provisor.com.ua Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://provisor.com.ua/
Effective URL:
https://provisor.com.ua/
Submission: On August 27 via api (August 27th 2022, 7:42:41 am UTC) from GB — Scanned from GB

Summary HTTP 140 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 140 HTTP transactions. The main IP is 2a06:98c1:3120::c, located in United States and belongs to CLOUDFLARENET, US. The main domain is provisor.com.ua.
TLS certificate: Issued by E1 on June 30th 2022. Valid for: 3 months.

This is the only time provisor.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2a06:98c1:312... 2a06:98c1:3120::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
34	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
6	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:812::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
7	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4016:7::7	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
140	21

18 2a06:98c1:3120::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

provisor.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.provisor.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (GLOBAL_DC, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

site.yandex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i1.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4016:7::7 (Ireland)

ASN15169 (GOOGLE, US)

rr2---sn-h0jelnes.googlevideo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
48	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 123 tpc.googlesyndication.com — Cisco Umbrella Rank: 159	1 MB
23	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com csi.gstatic.com fonts.gstatic.com	336 KB
23	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108 googleads.g.doubleclick.net — Cisco Umbrella Rank: 52	286 KB
18	provisor.com.ua 1 redirects provisor.com.ua www.provisor.com.ua	179 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 194	216 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 10960	2 KB
5	yandex.net site.yandex.net — Cisco Umbrella Rank: 121727	28 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 54	2 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 88 www.google.com — Cisco Umbrella Rank: 9	1 KB
3	yandex.ru 1 redirects informer.yandex.ru — Cisco Umbrella Rank: 67781 an.yandex.ru Failed mc.yandex.ru — Cisco Umbrella Rank: 3880	58 KB
1	googlevideo.com rr2---sn-h0jelnes.googlevideo.com — Cisco Umbrella Rank: 96840	1 MB
1	ytimg.com i1.ytimg.com — Cisco Umbrella Rank: 1443	14 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 8811	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 882	647 B
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 6925	28 KB
1	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 149309	758 B
0	yandex.ua Failed mc.yandex.ua Failed
140	17

	Domain	Requested by
35	tpc.googlesyndication.com	googleads.g.doubleclick.net provisor.com.ua tpc.googlesyndication.com pagead2.googlesyndication.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
17	provisor.com.ua	1 redirects provisor.com.ua
13	pagead2.googlesyndication.com	provisor.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	csi.gstatic.com	www.gstatic.com
7	www.gstatic.com	googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net
5	mc.yandex.com	2 redirects provisor.com.ua
5	site.yandex.net	provisor.com.ua site.yandex.net
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.google.com	1 redirects tpc.googlesyndication.com
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
2	mc.yandex.ru	1 redirects provisor.com.ua
2	stats.g.doubleclick.net	provisor.com.ua
1	rr2---sn-h0jelnes.googlevideo.com	googleads.g.doubleclick.net
1	i1.ytimg.com	googleads.g.doubleclick.net
1	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	yastatic.net	site.yandex.net
1	c.bigmir.net	provisor.com.ua
1	informer.yandex.ru	provisor.com.ua
1	www.provisor.com.ua	provisor.com.ua
0	mc.yandex.ua Failed	provisor.com.ua
0	an.yandex.ru Failed	provisor.com.ua
140	28

This site contains links to these domains. Also see Links.

Domain
www.provisor.com.ua
www.bigmir.net
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.provisor.com.ua E1	`2022-06-30` - `2022-09-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
c.bigmir.net R3	`2022-08-07` - `2022-11-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-08-16` - `2022-10-25`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://provisor.com.ua/
Frame ID: F7B9A9022610548AAD45BF61C79182E2
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html
Frame ID: BE7C1147A0737AD8808E9527B7E848CC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5294162237265932&output=html&adk=1812271804&adf=3025194257&lmt=1661586156&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34603008%2C32%3A32&format=0x0&url=https%3A%2F%2Fprovisor.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155987&bpp=2&bdt=332&idt=348&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=362
Frame ID: 9F4DB5C909FF601E578AFE168C5753B8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369
Frame ID: E3F9275A97899136A5242D093632A4C6
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
Frame ID: D9B8551DB0295DC9ACD9D44DD2FD590F
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=9166063991&adk=3275295246&adf=1536194643&pi=t.ma~as.9166063991&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155991&bpp=1&bdt=336&idt=374&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xH1cyfy05C&p=https%3A//provisor.com.ua&dtd=376
Frame ID: DEECE051DE394369BE05D99D24135816
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=6787312668&adk=2354762848&adf=2448148850&pi=t.ma~as.6787312668&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155992&bpp=1&bdt=336&idt=377&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=RHrZuDaeyr&p=https%3A//provisor.com.ua&dtd=378
Frame ID: BA6083B5F420F52C2FE58E57369C2F19
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=4055061548&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=380&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=2143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=0qXytTKcec&p=https%3A//provisor.com.ua&dtd=382
Frame ID: 0983799D43809367046EA271BA0575F5
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=2834586014&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=385&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=3487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9Bu8C1MU2G&p=https%3A//provisor.com.ua&dtd=387
Frame ID: D2DB40A42BF5C6E6651D770C096E6DC0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html
Frame ID: B3C19BF37462FFEA8F39E1C176325243
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js
Frame ID: DAA9B7741583CC5E295B341152B8C16C
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 82FEDDED3616723F98B0798A443C4A6B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: 930F1B7EA5F3F997708D3CEB95DE664C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: BD6AB5BFD073F09A0FF8345E18F8AF4A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: 414CF714DF4548DF95ADBEC120BFA4B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7D9322BE2055AF01E5769E2113739EAD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D06DF8E914E0C6E00F7586CA48F6E4A7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Журнал «Провизор»

Page URL History Show full URLs

http://provisor.com.ua/ HTTP 301
https://provisor.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

140
Requests

96 %
HTTPS

90 %
IPv6

17
Domains

28
Subdomains

21
IPs

6
Countries

3343 kB
Transfer

5450 kB
Size

20
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: http://www.provisor.com.ua/archive/2017/N11/kak-pravilno-uhazhivat-za-kozhey-litsa.php
Title: Как правильно ухаживать за кожей лица

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N11/novye-shemy-lecheniya-gepatita-s.php
Title: Новые схемы лечения гепатита с

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N11/razriv-miniska-kolennogo-sustava.php
Title: Разрыв мениска коленного сустава

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N11/naskolko-vredni-elektronnie-sigareti.php
Title: Насколько вредны электронные сигареты?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N2/Kak-vybrat-kliniku-reproduktivnoj-mediciny.php
Title: Как выбрать клинику репродуктивной медицины?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N2/dostavka-vody-kievhtml.php
Title: Забота об организме: что может быть важнее?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N2/analizy-shchitovidnoy-zhelezy.php
Title: Анализы щитовидной железы

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N3/mezoterapiya-volos-v-odnoy-iz-luchshih-klinik-kieva.php
Title: Мезотерапия волос в одной из лучших клиник Киева

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N2/prichiny-vozniknoveniya-cellyulita.php
Title: Причины возникновения целлюлита

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N2/vidy-liposakcii.php
Title: Виды липосакции

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2016/N14/Novye-fakty-o-dostizhenijah-Aspirina-v-onkologii.php
Title: Новые факты о достижениях Аспирина в онкологии

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2011/N03/gripb_0311.php
Title: Грипп у беременных и кормящих женщин

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php
Title: Грипп. Прививка от гриппаНужна ли вакцинация?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php#1
Title: С какого возраста можно делать прививку от гриппа?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php#2
Title: Скажите, пожалуйста, есть ли смысл делать прививку от гриппа детям полутора и двух лет и если делать, то какой вакциной?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php#3
Title: Какой эффект от профилактики гриппа стимуляторами интерферона?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php#4
Title: Умершие от обычного гриппа были привиты?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/gripp-privivka-ot-grippa-nuzhna-li-vakcinaciya.php#5
Title: Насколько прививка снижает шансы заболеть гриппом?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N03/Chem-lechit-kashel.php
Title: Как и чем лечить кашель?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2002/N10/art_18.php#bezRx
Title: Безрецептурные лекарства при сухом и влажном кашле

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/1999/N1/razm.php
Title: Устойчивость микробов к антибиотикам

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/-PR-novosti-partnerov-3/-PR-glisty.php
Title: Глисты у детей

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2017/N4/analizy-na-gelminty.php
Title: Анализы на гельминты

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N03/Artrit-sustavov-1.php
Title: Артрит суставов. Симптомы

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N03/osteoartroz-1.php
Title: Остеоартроз

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N03/osteoartroz-4-Hondroprotektory.php
Title: Хондропротекторы

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/bol-v-kolene.php
Title: Боль в колене

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2014/N3/Pomogaet-li-odezhda-iz-shelka-lechit-ekzemu.php
Title: Помогает ли одежда из шелка лечить экзему?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2014/N4/Chto-luchshe-razvivaet-rebenka-Knizhki-s-kartinkami-ili-s-tekstom.php
Title: Что лучше развивает ребёнка — книжки с картинками или с текстом?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2014/N8/O-bezopasnosti-avtokresel-dlja-detei-v-vozraste-ot-4-do-12-let.php
Title: О безопасности автокресел для детей в возрасте от 4 до 12 лет

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N16/-PR-allergicheskiy-renit.php
Title: Аллергический ринит

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N16/zaberemenet-v-40.php
Title: Забеременеть в 40

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N24/lechenie-besplodija-Obzor-suschestvujuschih-variantov.php
Title: Лечение бесплодия. Обзор существующих вариантов

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N18/adenoma-prostaty-kak-i-chem-lechit.php
Title: Аденома простаты. Как и чем лечить ?

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N20/krem-ot-morschin-vozmozhen-li-effekt.php
Title: Крем от морщин

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N24/Lechenie-miomy-matki-Vazhnyj-proryv-sistema-Acessa.php
Title: Лечение миомы матки

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2013/N23/kak-otlichit-anginu-ot-faringita.php
Title: Как отличить ангину от фарингита

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2015/N7/Rukovodstvo-dlya-mamy-2015-5-luchshih-uvlazhniteley-vozduha-dlya-novorozhdennyh.php
Title: Руководство для мамы 2015: Пять лучших увлажнителей воздуха для Новорожденных

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/archive/2014/N1/Kak-i-chem-lechit-gipertoniju-Lekarstva-ot-davlenija-Novye-rekomendacii-dlya-gipertonikov.php
Title: Как и чем лечить гипертонию? Лекарства от давления. Новые рекомендации для гипертоников

Search URL Search Domain Scan URL

URL: http://www.provisor.com.ua/100matolog/archive.htm
Title: Журнал СТОМАТОЛОГ

Search URL Search Domain Scan URL

URL: http://www.bigmir.net/?cl=54320

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=46143141&from=informer

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://provisor.com.ua/ HTTP 301
https://provisor.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.K0FCBGT5YwXGUSDVoq9IIrwDWxC-pOHfyaAgpwc9ROYNT-KelpxctCXbjTDCT1tN.EoYQXSKAX8oBa6Vr_BNdf2284SI%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9743.1FX6GXvUkV9Jlqt7TMfcvl2x5YulNikQqOd6QqDtFe9jtbNoihzySJIJjN3oPqxkOfksyk6RMg5XiN_cgkF1Ww%2C%2C.30HpnADQCfPHE63Tw9s2TNCAPhU%2C

Request Chain 45

https://mc.yandex.com/watch/46143141?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1061431888612%3Ahid%3A24316503%3Az%3A0%3Ai%3A20220827074236%3Aet%3A1661586156%3Ac%3A1%3Arn%3A306144248%3Arqn%3A1%3Au%3A1661586156670714473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661586155248%3Ads%3A0%2C97%2C153%2C47%2C151%2C0%2C%2C91%2C2%2C%2C%2C%2C541%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661586157%3At%3A%D0%96%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%C2%AB%D0%9F%D1%80%D0%BE%D0%B2%D0%B8%D0%B7%D0%BE%D1%80%C2%BB&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/46143141/1?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1061431888612%3Ahid%3A24316503%3Az%3A0%3Ai%3A20220827074236%3Aet%3A1661586156%3Ac%3A1%3Arn%3A306144248%3Arqn%3A1%3Au%3A1661586156670714473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661586155248%3Ads%3A0%2C97%2C153%2C47%2C151%2C0%2C%2C91%2C2%2C%2C%2C%2C541%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661586157%3At%3A%D0%96%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%C2%AB%D0%9F%D1%80%D0%BE%D0%B2%D0%B8%D0%B7%D0%BE%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 119

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

140 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
provisor.com.ua/
Redirect Chain

http://provisor.com.ua/
https://provisor.com.ua/

49 KB
15 KB

251ms
153ms

Document
text/html

2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98dcd6cc1a73bd618f7524fdb321e3e49fbb78a1841b4873180e4778e7d008d3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 74132bdffc9f7549-LHR
content-encoding: br
content-type: text/html; charset=CP1251
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k23MrwznIqQz%2Bb%2FAD7Kwf9uSShBnMIdm1tKTGyGDiejVwgctA%2Bg49%2BNALLG9G6pcl3iW9glE8RJP%2F1XfplZObCMVfJclDVEeQG8YzB3ENTk%2BsmtVIPn2u0Nzox4gB3ZEFhRH6hgDqPRbDBC06xE%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-ray: p1054:0.010/wne22491:0.000/wn22491:0.000/wa22491:D=6364

Redirect headers

CF-RAY: 74132bdf0e7f7785-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 27 Aug 2022 07:42:35 GMT
Expires: Sat, 27 Aug 2022 08:42:35 GMT
Location: https://provisor.com.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uYEtAmPtLRrWEjf9bi%2Fbc5LdqafshN%2B62nwlsryRvfykmPoghJE175NHz9YQi28mQoEtJEMFGtJrBVC27gfUWeDXS9P%2FdRiLr1hWWjiqodQi4YYo1%2Fc8DU%2FE2FY9e14qrQZH%2BUpBxuWVTJYwVKk%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 229ms
101ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5294162237265932

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5dcc79f608b81a3174f77730ca8673c8b9fd6a6c027af4f1713ea997ef8daebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Origin: https://provisor.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57472
x-xss-protection: 0
server: cafe
etag: 729854983459698850
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:42:35 GMT

GET
H2 200 prov_2.css
provisor.com.ua/css/ 17 KB
5 KB 54ms
53ms Stylesheet
text/css 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/css/prov_2.css
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53ee84391d7cb7c63ca6689396dea928754f52acad56f0d4831eca5c8fa95362

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.015/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2ae46-43c2"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:46:46 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ww7sgflaIftzXQG7DlZmsKfZWo%2BKsYdr4Bk%2B%2FOasmFULNiwEDCkPC9EkSEAzrECvork7hpaXfrgjFAMAri6Ce7bkPR9XZcK9jJwC2vDTUAFGor4LwNJdEJnpyr99sGkhQP0ueMOoKuWNb8lUksk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 74132be0fdfc7549-LHR

GET
H2 200 head3.js Show response
provisor.com.ua/js/ 7 KB
3 KB 52ms
51ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/head3.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2e1531e433bb2f0742ac388a8a5afe7f3bf02c9c16f54571b5bf18c037815489

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.010/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"591c997b-1c5a"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 17 May 2017 18:42:03 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPm3ySkzBNAV6Fh7DxtOZfvWlE%2FhS566XmY2AKC4bWBh%2FImjJsrAt3ztyGPSVqHZWaH3GNUKzaib1P9DcOpBjhhNGuZxW%2Bu7p0Nnv213jtV5uSkXHTyKcbjr1DO7Ko9fEcW3%2FOVIbXJAHc7XhTU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be0fdfe7549-LHR

GET
H2 200 t_transparent.gif
provisor.com.ua/img/ 43 B
411 B 50ms
49ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/t_transparent.gif
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
etag: "58c2ae7b-2b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Fri, 10 Mar 2017 13:47:39 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBuoB%2FkjQ3fUl5aleK%2BIsDCdambtngISzS1Kt0X8nUsaqdQSCKDMGpz8pg9ZliZPoSBy4j1nzsCwoTelJi2Dx3AS3huv9BXElAfKwv2yVQ%2BZIxgw1mtuzNIE%2BlxgmJ92rqaM4IPjRmPofHaAQLw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be11e167549-LHR

GET
H2 200 t.gif
provisor.com.ua/img/ 43 B
364 B 51ms
50ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/t.gif
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
etag: "58c2ae7a-2b"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
last-modified: Fri, 10 Mar 2017 13:47:38 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j0xdRCmqFTevmRdmd%2FB58iFZKmhtPYUUxZElmqlTmsJ8facPJX8M1z1fprBnJAe88ApjviTu67DCBL5wrSk8TA9zJ%2F5dTFhJRdntYbc%2FCF8ePiZ4W6vseQasjzU8aJwnTRYvwWl3YRaBZoXbu%2Fw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be11e177549-LHR

GET
H2 200 Logo_provisor_new_2013_08_04.png
provisor.com.ua/img/ 48 KB
49 KB 52ms
51ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/Logo_provisor_new_2013_08_04.png
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b02b82dcc570701ff857813f154736157d236c9badaf548d94f79796e1112f88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
etag: "58c2ae73-c102"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49410
last-modified: Fri, 10 Mar 2017 13:47:31 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dVceG0%2Fdb6U2GLFuq8lBdMxaXHdWiBP7%2FmbRF4TG0XD21SeP77zMW3VQSXSsflj4RRRybsZf8DgnUre0Td0QCENuHgE6B7kPN9FlecxwkZ79bSHQ4%2B63BnT01ugBOb9h7nfNlbhFfK1Xr4QhUfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be11e197549-LHR

GET
H2 200 nav_b.js Show response
provisor.com.ua/js/ 629 B
849 B 70ms
70ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/nav_b.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d39b1239b2af6c8d825ac673ab835de8afc75e2305268efece1f5d827c878c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2a9a2-275"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:26:58 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ty5R3RwKvpkwulr1tDenRA%2BoEoAVFW3C66DNTTwpZjKH%2FVoOvWnAfr721tkqHowq2RKSnOiZhEwnzEY8lPAzeSgO02fAIfKEMIarAYU%2BQBoSE2Jg24rBE%2FB4C2PUwGGPdZzhIj7YN8RXXt4d39E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be11e147549-LHR

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
57 KB 259ms
143ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

badca0f1a9d1da39474d0a6ac65569ff362709dbc2ce8e49941b04f7235283fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57517
x-xss-protection: 0
server: cafe
etag: 7838022884374672826
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:42:35 GMT

GET
H2 200 favicon.png
provisor.com.ua/news/wp-content/uploads/2017/05/ 1 KB
1 KB 145ms
145ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/news/wp-content/uploads/2017/05/favicon.png
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c450d927decf84683fd76fa87c6e13d438d71afeb650577d88e591317703d95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
etag: "591b6e44-45a"
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1114
last-modified: Tue, 16 May 2017 21:25:24 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HehzhPS8MyDxuXAN9c1Ex19KKiUsgKOkULsqUZ8ImGLojNtRGRutlrAcoCf7mXtwAfP7VxTPVHuTmqrloW8Gx62%2FgO2bq%2FINhHtSYpUsptigDnvmLuDH4bUIo9i%2BXbMxbM1AxUtgCRq3YXaFiMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be11e1b7549-LHR

GET
H2 200 logo_4.gif
www.provisor.com.ua/100matolog/img/ 2 KB
3 KB 133ms
52ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.provisor.com.ua/100matolog/img/logo_4.gif
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d5d68c9199e0a4859d45fd2e5aad75c3280ad5f9406ac8c0b053c6f4f1ac4cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wn22491:0.000/
etag: "58c2bc2d-9cd"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1505
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2509
last-modified: Fri, 10 Mar 2017 14:46:05 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1VkgLGtTCd2Rjhk7f6OmHnljxZtPXjs2gnxEjyGaSCp4Oc0PFNWJKGHghzZ2xW2urLT7VUII2y0Wnn3OfjkcF1niB9YNGW%2BOL9haOaLqhm3nHOHeOuXlerz1LOBnn5myY7IbgKcKU1qO1zFqtfBFzn9%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be1cefc7549-LHR

GET
H2 200 email-decode.min.js Show response
provisor.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 48ms
45ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://provisor.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 23 Aug 2022 11:02:51 GMT
server: cloudflare
etag: W/"6304b3db-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGs4UhIxiR03Fl6gkOrZvGCB6Qpy6r9DyvXyan8cJkrHYachgA7MA5mdXSFSbN14LtZw5bQCTh9hMeE1lpYGcpNdX3D%2FkKJHg9lh59nTgbXBi1CmBJLHb16WrQAJAzXFFL2RRemSVCTBEesRhLk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 74132be14e5e7549-LHR
vary: Accept-Encoding
expires: Mon, 29 Aug 2022 07:42:35 GMT

GET
H2 200 foot3.js Show response
provisor.com.ua/js/ 1 KB
893 B 53ms
51ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/foot3.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb57157c5589aeae14d55d43fb91d37cbee53c95c8d19449c986daf03cf93729

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2a9a0-4cc"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:26:56 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99FZL8jQhmcodFpbdDnXfNuj8M0j7NRHawbR0L6iCoKPw5ZuxbrV8z8GpzqBNmeiPcmbphI8bWXZlKLS3hiZdjfjoy8eButopYJh7DBtjD%2B8EBRCzkhFTap%2FpuXTcu4Q8D8NsQdpZFpU7orCrdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be14e617549-LHR

GET
H2 200 3_0_FFFFFFFF_EFEFEFFF_0_pageviews
informer.yandex.ru/informer/46143141/ 1 KB
2 KB 380ms
102ms Image
image/png 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/46143141/3_0_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

be5ce430ce2157a5cde8f5c053a417876842cd7157d17b04bfb734a858aa08f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Sat, 27-Aug-2022 07:42:36 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1305
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 07:42:36 GMT

GET
H2 200 jquery-1.10.2.min.js Show response
provisor.com.ua/js/ 91 KB
33 KB 56ms
55ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/jquery-1.10.2.min.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2a9a2-16bb3"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:26:58 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I3D5Lw87wBbgBe%2Fz7UDXfeuJlGiQI777WPoFAYxHeHP30VEKHuknfotdviJIR17UsS7Ctl9XhVVW%2BrACZeylnksf7WmPhOxM25exVfxvSumMSR3mFdDiLth9PWhNFnTrx9nFox0NiMjzpw0%2FMN0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be14e627549-LHR

GET
H2 200 jquery-migrate-1.2.1.min.js Show response
provisor.com.ua/js/ 7 KB
3 KB 53ms
52ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/jquery-migrate-1.2.1.min.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2a9a2-1c1f"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:26:58 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N6bDFEetC2ANVcPWA%2FWPmOXlACOcdPaqyg5zqcmSCZNrsIjJCBF%2FPF2vrelJko%2FcSVD3bfbSm70HUCh6sJ9ytChI5nQbQ7hAGGkWNxtrI2vCmK1wkjgM8yjBc7Q%2BgknJXiLJ9s8Szp5GCtIRWQk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be14e647549-LHR

GET
H2 200 jquery.smoothscroll.js Show response
provisor.com.ua/js/ 15 KB
4 KB 66ms
65ms Script
application/javascript 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://provisor.com.ua/js/jquery.smoothscroll.js
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94435b73560a3202a3db03fefd744c4a6d2f56f1954dcdbbf05289c0a2a5bc90

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
content-encoding: br
etag: W/"58c2a9a2-3a70"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3573
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 10 Mar 2017 13:26:58 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cv4NjjMw67%2B%2Fto8ySOLJPkgwani7%2F%2BhwkYsxAxXpYtpLHDf7XPuV9mV5OdkPr6PfD03cNTw6Qd6CWFZr0aP2IkgC0laXRP0I%2BiS5aMJc6%2FoCZ9d%2FIv5oyJHWbj20Qj7yC8iebAqr6%2BpQZFNuZqo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 74132be14e687549-LHR

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 167ms
54ms Script
text/javascript 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4578
date: Sat, 27 Aug 2022 06:26:17 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17093
expires: Sat, 27 Aug 2022 08:26:17 GMT

GET
H3 200 bg_fabric_of_squares_gray.png
provisor.com.ua/img/ 55 KB
56 KB 54ms
54ms Image
image/png 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/bg_fabric_of_squares_gray.png
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/css/prov_2.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7008c24259f51de7e985237b385bd523b5152697feda8a7ad220634d70a2d487

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/css/prov_2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wne22491:0.000/wn22491:0.000/
etag: "58c2ae6b-dc97"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 56471
last-modified: Fri, 10 Mar 2017 13:47:23 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cejIN%2FdetF2CsJJcyWhwi7Mr%2BGmy0%2Bnaqz3h0qZZTUZC05iLwKTQGYZzcwku5S8nTSlrDr36uAJaMbN5qQPMDOG3OiXMnMHGdplAFt%2BVuyfvDgrXJK0tFttvQQ2DW5AEq9EtikHgHxtlWoXiKFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be15d26778f-LHR

GET
H3 200 nav_top.gif
provisor.com.ua/img/ 64 B
640 B 140ms
140ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/nav_top.gif
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04b7de004e45a5f05f8187b39402c46557b6b5b9439bc7f363cc25ec16536326

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.001/wn22491:0.000/
etag: "58c2ae75-40"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 64
last-modified: Fri, 10 Mar 2017 13:47:33 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pro3Ok%2B%2Be0sXinBX%2FbBwmCwETosaQrNhJC23J3MaDVYxOPVhP9MVOba6ycFBG1YFibst5Xpk5n9JWSb0Rua11aC9k3UgpGZK0kXP76yz6zkQxUU4Mjg4PuTIOrTrAxY%2Fp1E8p3GWFzQgnT0sX%2FU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be16d3d778f-LHR

GET
H3 200 nav_top_b.gif
provisor.com.ua/img/ 48 B
628 B 132ms
132ms Image
image/gif 2a06:98c1:3120::c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://provisor.com.ua/img/nav_top_b.gif
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b028b601c5159c3a4815c1eb014d96894703f778c6d98c4206c95399fae92da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1054:0.000/wn22491:0.000/
etag: "58c2ae75-30"
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5694
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 48
last-modified: Fri, 10 Mar 2017 13:47:33 GMT
server: cloudflare
date: Sat, 27 Aug 2022 07:42:35 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RtpW%2BpdBwwHKdtQqTSPOwRM%2F%2Fp70f%2FC6F7iC1ZoWnbaAgrfX6FF1FzlASQTdRH%2BUky%2FZkvWxq3Znye0onW%2BiTHEKa4SInGKD4ZN9vaXYM2FP0NVKFTkWPZ0jATb1u%2BvvM0fkPQt3jMRBGV8siTE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 74132be16d43778f-LHR

GET
H2 200 all.js Show response
site.yandex.net/v2.0/js/ 56 KB
15 KB 303ms
75ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/all.js

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:35 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 15151
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "a144f832184afae15f82138151d89089"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:39:46 GMT

GET context.js
an.yandex.ru/system/ 0
0

GET
H/1.1 200
OK /
c.bigmir.net/ 503 B
758 B 586ms
85ms Image
image/png 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bigmir.net/?s54320&t12&c1&d24&r1600
Requested by: Host: provisor.com.ua
URL: https://provisor.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: e1d1f71a581c6c23341b1a7eaaa27d7cc16788aae6b345b8b0d4fe009f4ea662

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 27 Aug 2022 07:42:36 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 158 KB
56 KB 388ms
192ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:35 GMT
content-encoding: br
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-de2c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56876
expires: Sat, 27 Aug 2022 08:42:35 GMT

GET
H3 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
55 B 167ms
56ms Image
image/gif 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=427186953&utmhn=provisor.com.ua&utmcs=windows-1251&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=%D0%96%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%C2%AB%D0%9F%D1%80%D0%BE%D0%B2%D0%B8%D0%B7%D0%BE%D1%80%C2%BB&utmhid=914108125&utmr=-&utmp=%2F&utmht=1661586155905&utmac=UA-38044933-1&utmcc=__utma%3D136848113.1513260282.1661586156.1661586156.1661586156.1%3B%2B__utmz%3D136848113.1661586156.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=728103070&utmredir=3&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 27 Aug 2022 07:42:36 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/ 342 KB
120 KB 219ms
111ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5294162237265932&plah=provisor.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5294162237265932

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a745d5fd0e933c1c0b2c39d07b6036853732c9493dc16a08ad8842c323e2643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122963
x-xss-protection: 0
server: cafe
etag: 9942554713233669331
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 27 Aug 2022 07:42:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/ Frame BE7C 10 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220822/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5294162237265932

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 61230
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Aug 2022 14:42:06 GMT
etag: 8616628553774171045
expires: Fri, 09 Sep 2022 14:42:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jquery.min.js Show response
yastatic.net/jquery/1.6.2/ 89 KB
28 KB 109ms
96ms Script
application/x-javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/jquery/1.6.2/jquery.min.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 28368
x-nginx-request-id: 8e05291226c2bce3
last-modified: Mon, 12 Nov 2018 13:13:42 GMT
server: nginx/1.17.9
etag: "57f5e4ce99f95e1eb0f18d52b65b6769"
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31556952
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Mar 2023 15:34:09 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9743.K0FCBGT5YwXGUSDVoq9IIrwDWxC-pOHfyaAgpwc9ROYNT-KelpxctCXbjTDCT1tN.EoYQXSKAX8oBa6Vr_BNdf2284SI%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9743.1FX6GXvUkV9Jlqt7TMfcvl2x5YulNikQqOd6QqDtFe9jtbNoihzySJIJjN3oPqxkOfksyk6RMg5XiN_cgkF1Ww%2C%2C.30HpnADQCfPHE63Tw9s2TNCAPhU%2C

75 B
75 B

100ms
100ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9743.1FX6GXvUkV9Jlqt7TMfcvl2x5YulNikQqOd6QqDtFe9jtbNoihzySJIJjN3oPqxkOfksyk6RMg5XiN_cgkF1Ww%2C%2C.30HpnADQCfPHE63Tw9s2TNCAPhU%2C

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9743.1FX6GXvUkV9Jlqt7TMfcvl2x5YulNikQqOd6QqDtFe9jtbNoihzySJIJjN3oPqxkOfksyk6RMg5XiN_cgkF1Ww%2C%2C.30HpnADQCfPHE63Tw9s2TNCAPhU%2C
date: Sat, 27 Aug 2022 07:42:36 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 222ms
97ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
last-modified: Thu, 25 Aug 2022 15:42:57 GMT
etag: "63076e51-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 27 Aug 2022 08:42:36 GMT

GET
H2 200 suggest.js Show response
site.yandex.net/v2.0/js/ 8 KB
3 KB 79ms
79ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/suggest.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 2610
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "5905bc95497a3dcdd5543e8af9bb2553"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:37:49 GMT

GET
H2 200 opensearch.js Show response
site.yandex.net/v2.0/js/ 22 KB
7 KB 87ms
87ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/opensearch.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 6188
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "1df256fb3e065fdf3b47b6ac51380393"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:39:53 GMT

GET
H2 200 yandex-hint-rb.png
site.yandex.net/v2.0/i/ 425 B
953 B 86ms
86ms Image
image/png 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://site.yandex.net/v2.0/i/yandex-hint-rb.png

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 425
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "fbe624b4939c4538e386beffac5861f6"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:39:06 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
647 B 203ms
62ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=provisor.com.ua&callback=_gfp_s_&client=ca-pub-5294162237265932

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5294162237265932&plah=provisor.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

499bb1db86fe1cead9ddc4009ef5198854a3edcd2261379cb90f5d901c22a2e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
64ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=provisor.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 183ms
65ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=provisor.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9F4D 603 B
68 B 83ms
83ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5294162237265932&output=html&adk=1812271804&adf=3025194257&lmt=1661586156&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34603008%2C32%3A32&format=0x0&url=https%3A%2F%2Fprovisor.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155987&bpp=2&bdt=332&idt=348&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=362

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E3F9 104 KB
34 KB 531ms
531ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f1feb53cfd1bb361a8813da6f9e06993402fcb51ba389f3c1454039e993246c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34758
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D9B8 92 KB
24 KB 438ms
438ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dedb16ebbcfbafb5fee83de8ff3d188d6775516da34b88c9613286e59b93fa0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 24736
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DEEC 83 KB
30 KB 355ms
355ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=9166063991&adk=3275295246&adf=1536194643&pi=t.ma~as.9166063991&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155991&bpp=1&bdt=336&idt=374&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xH1cyfy05C&p=https%3A//provisor.com.ua&dtd=376

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8087f158dc659acd8ab4fe8d7a4c69eec4772775526321d9f0d8d5e1e5b17638

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 30566
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BA60 137 KB
44 KB 343ms
343ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=6787312668&adk=2354762848&adf=2448148850&pi=t.ma~as.6787312668&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155992&bpp=1&bdt=336&idt=377&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=RHrZuDaeyr&p=https%3A//provisor.com.ua&dtd=378

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbd319cf3ac19ccea67839a7b54ae203f875e84e983866567faae038a4649381

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLi2-OTC5vkCFXgHewodE8YHtw&gqi=7MoJY5XEGL-8x_AP_PO4gAU&layout=/sadbundle/%24csp%253Der3%24/10669166306190290360/300x600_EN_V2/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44913
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLi2-OTC5vkCFXgHewodE8YHtw&gqi=7MoJY5XEGL-8x_AP_PO4gAU&layout=/sadbundle/%24csp%253Der3%24/10669166306190290360/300x600_EN_V2/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 punycode.js Show response
site.yandex.net/v2.0/js/ 3 KB
2 KB 75ms
75ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://site.yandex.net/v2.0/js/punycode.js

Requested by

Host: site.yandex.net
URL: https://site.yandex.net/v2.0/js/all.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

53f195d73d3772db367875c72b49e33c27fba5cf221fa164118ac7c8cbfcf993

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:36 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 1285
last-modified: Thu, 14 Jan 2021 10:10:45 GMT
server: nginx/1.17.9
etag: "950bc9cba9ad2bd0fe8e439d3d775b56"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=216013
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 19:41:03 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0983 92 KB
33 KB 353ms
353ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=4055061548&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=380&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=2143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=0qXytTKcec&p=https%3A//provisor.com.ua&dtd=382

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9b9233ba037b470b284a0dbbae5adf523c5bc0443aeae6082dde35b62853fde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33449
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D2DB 430 B
230 B 275ms
275ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=2834586014&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=385&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=3487&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=9Bu8C1MU2G&p=https%3A//provisor.com.ua&dtd=387

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

64eab8bbee20ea6806d4adbb9958154d70efba6d1d78a409c2eaa7bc7b90ff35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 207
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:36 GMT
expires: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/46143141/
Redirect Chain

https://mc.yandex.com/watch/46143141?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindows...
https://mc.yandex.com/watch/46143141/1?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindo...

350 B
432 B

97ms
97ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/46143141/1?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1061431888612%3Ahid%3A24316503%3Az%3A0%3Ai%3A20220827074236%3Aet%3A1661586156%3Ac%3A1%3Arn%3A306144248%3Arqn%3A1%3Au%3A1661586156670714473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661586155248%3Ads%3A0%2C97%2C153%2C47%2C151%2C0%2C%2C91%2C2%2C%2C%2C%2C541%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661586157%3At%3A%D0%96%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%C2%AB%D0%9F%D1%80%D0%BE%D0%B2%D0%B8%D0%B7%D0%BE%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

dc7be35aa53e2f6359e67b932200f47868368c9cf2a2a7d27f9cf85559c92a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:36 GMT
x-content-type-options: nosniff
last-modified: Sat, 27-Aug-2022 07:42:36 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://provisor.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 350
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 07:42:36 GMT

Redirect headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:36 GMT
last-modified: Sat, 27-Aug-2022 07:42:36 GMT
location: /watch/46143141/1?wmode=7&page-url=https%3A%2F%2Fprovisor.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A477%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A1061431888612%3Ahid%3A24316503%3Az%3A0%3Ai%3A20220827074236%3Aet%3A1661586156%3Ac%3A1%3Arn%3A306144248%3Arqn%3A1%3Au%3A1661586156670714473%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1661586155248%3Ads%3A0%2C97%2C153%2C47%2C151%2C0%2C%2C91%2C2%2C%2C%2C%2C541%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1661586157%3At%3A%D0%96%D1%83%D1%80%D0%BD%D0%B0%D0%BB%20%C2%AB%D0%9F%D1%80%D0%BE%D0%B2%D0%B8%D0%B7%D0%BE%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://provisor.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 27-Aug-2022 07:42:36 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame DEEC 6 KB
1 KB 179ms
62ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=9166063991&adk=3275295246&adf=1536194643&pi=t.ma~as.9166063991&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155991&bpp=1&bdt=336&idt=374&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xH1cyfy05C&p=https%3A//provisor.com.ua&dtd=376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 06:16:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 07:42:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 07:42:36 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DEEC 2 KB
983 B 328ms
195ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:33:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame DEEC 23 KB
10 KB 187ms
55ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:39:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DEEC 3 KB
1 KB 298ms
197ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:25:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DEEC 140 KB
44 KB 186ms
70ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DEEC 17 KB
8 KB 195ms
63ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:26:15 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame DEEC 33 KB
13 KB 204ms
117ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 0983 225 B
355 B 344ms
213ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=4055061548&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=380&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=2143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=0qXytTKcec&p=https%3A//provisor.com.ua&dtd=382

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 11:11:26 GMT
x-content-type-options: nosniff
server: cafe
age: 73871
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14085932017949564970
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
expires: Sat, 27 Aug 2022 11:11:26 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 0983 2 KB
936 B 326ms
195ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:33:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame 0983 23 KB
10 KB 272ms
175ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:39:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 0983 3 KB
1 KB 289ms
193ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:25:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame 0983 17 KB
7 KB 285ms
188ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:26:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0983 140 KB
43 KB 275ms
195ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H2 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame 0983 33 KB
13 KB 154ms
72ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H2 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame D9B8 10 KB
5 KB 169ms
53ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:43:50 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D9B8 2 KB
936 B 325ms
196ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:33:50 GMT

GET
H2 200 c8e0b55fe821c81f08170fdfda7867a2.js Show response
www.gstatic.com/mysidia/ Frame D9B8 22 KB
9 KB 173ms
57ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c8e0b55fe821c81f08170fdfda7867a2.js?tag=exit_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bafe0d77da149747e80070b41884cc9037badf5bc9ceaba305b8ae1510cdf73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:26:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 184592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9364
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 04:26:04 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame D9B8 23 KB
10 KB 199ms
70ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:39:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D9B8 3 KB
1 KB 150ms
150ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:25:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame D9B8 17 KB
7 KB 237ms
108ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:26:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D9B8 140 KB
43 KB 255ms
142ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/ Frame B3C1 8 KB
3 KB 234ms
128ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Requested by

Host: provisor.com.ua
URL: https://provisor.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb385b3b9c256fd9fd467a4331084d0b2da890e0e02df2692bd0ef8e642cbe6c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 268614
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1757
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 24 Aug 2022 05:05:43 GMT
expires: Thu, 24 Aug 2023 05:05:43 GMT
last-modified: Fri, 12 Aug 2022 14:54:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame DAA9 23 KB
10 KB 221ms
117ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=6787312668&adk=2354762848&adf=2448148850&pi=t.ma~as.6787312668&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155992&bpp=1&bdt=336&idt=377&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=RHrZuDaeyr&p=https%3A//provisor.com.ua&dtd=378

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:39:23 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DAA9 3 KB
1 KB 300ms
197ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:25:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1038
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:25:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame DAA9 17 KB
7 KB 287ms
183ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:26:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DAA9 140 KB
43 KB 260ms
172ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DEEC 0
0 98ms
98ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4G8m7MoJY5D9GK6SjuwP-6Sd2Aue4fW5a6m-_JW-EL7E0oSGAhABIMXF_yFglfrwgYwHoAHlhKTlKMgBCakCVKlVwvy3sD6oAwHIA8sEqgTVAU_Qb_fR20czCbgjLKnI-twsOX7hRmCyX0wOjnRU8vgGOuwKpx3LbemsetP-VojaoHvOuK8LjYDF8jSkJtFV0eZ2hKiHTOvdI77xnXYa3HNSr7sX_mgg9BMyXhc9sOwJHoDGdtZ7pCeQKDfXKB88Fh_VRj1Y_8h7jVte4Ja-Wbj0zd_qKJHiPBmVQJDOT7KiWrTYRjyFCyjpRWlQJar23WcIcZh9YnEnr2fjGBy_5Z6UMZkdMw31fth1UuBFAmNnx_in6f8k7qrgszUd_eSombQSrqrxh8AEvu-vgYsEkgUECAQYAZIFBAgFGASgBi6AB-W89MQDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ4tAF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMK0BUBgBcBshccChoIABIUcHViLTYyMzA4ODAyMjM0ODY3NzUYAA&sigh=YGUeLBSFfUc&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=9166063991&adk=3275295246&adf=1536194643&pi=t.ma~as.9166063991&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155991&bpp=1&bdt=336&idt=374&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=4418&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=xH1cyfy05C&p=https%3A//provisor.com.ua&dtd=376
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Aug 2022 07:42:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0983 0
0 97ms
97ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CmZCQ7MoJY7e5Guuy7AOmwrLYBcOCsYhsievavL4Q2tkeEAEgxcX_IWCV-vCBjAegAb__5qEByAEBqQJyHubSDc4JPqgDAcgDywSqBMwBT9Dxb7UHnYgrssd68hvQHG9QsveTJ93IY2HU1ITHWidVlhG4-ZV_azLpH2fJsqIcVZI34SQpNWCCBuFFlTfC5YkMIB6QfHbELiYeybbFsaFfoFyez2Ov_nYpG2qI8sbqaXnkIhUEIvrqECmM-K3WSxvoi1nGlyTRyGi2VjCtCHOjXV5qU3oiFUlCxjl_U3I_lwPc4SMU52Aqfj2bYpQzNPVspSMWvcyaDA5VNdZa0m8eFeDtzAKk-0RiCDNeOzNh1FEIha3xsydVxcCWwASO_6eYgwSSBQQIBBgBkgUECAUYBKAGAoAHqYCZ3gKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDVkxDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi02MjMwODgwMjIzNDg2Nzc1GAA&sigh=d-A_TmGg4qQ&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=9166063991&adk=1006573206&adf=4055061548&pi=t.ma~as.9166063991&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155993&bpp=1&bdt=338&idt=380&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450%2C240x600&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=2143&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=0qXytTKcec&p=https%3A//provisor.com.ua&dtd=382
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:36 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 27 Aug 2022 07:42:36 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/2611979054990625108/ Frame DEEC 4 KB
4 KB 252ms
161ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2611979054990625108/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce86ecd33362849fdea49a8af4c32615756e668e610e96df93f432e55490e13a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 22:09:28 GMT
x-content-type-options: nosniff
age: 293589
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3904
x-xss-protection: 0
last-modified: Tue, 16 Aug 2022 10:42:29 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 23 Aug 2023 22:09:28 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15447879294655394342/ Frame DEEC 26 KB
26 KB 290ms
199ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15447879294655394342/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13bbf60a5c0929430e9fa4e8b61919b66766f5e2604c25c58ba7b45806efa5eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 09:05:02 GMT
x-content-type-options: nosniff
age: 167855
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26398
x-xss-protection: 0
last-modified: Wed, 10 Aug 2022 13:17:44 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Aug 2023 09:05:02 GMT

GET
DATA 200
OK truncated
/ Frame DEEC 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 15894239385905038544
tpc.googlesyndication.com/daca_images/simgad/ Frame 0983 30 KB
30 KB 212ms
130ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/15894239385905038544?w=360&h=640

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d12ea808d7d4dd37d3f8834a9567561eba47355f2937948ee6219f0b39dfa4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 05:10:18 GMT
x-content-type-options: nosniff
age: 9139
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30981
x-xss-protection: 0
last-modified: Fri, 26 Aug 2022 07:55:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 03 Sep 2022 05:10:18 GMT

GET
H2 200 11ba241b9597ec96a8a9e01db4cce1e1.js Show response
www.gstatic.com/mysidia/ Frame E3F9 10 KB
5 KB 102ms
67ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/11ba241b9597ec96a8a9e01db4cce1e1.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:43:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4562
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 23 Nov 2022 03:43:50 GMT

GET
H2 200 120dba6b59d2f966bd44cf141203e8a0.js Show response
www.gstatic.com/mysidia/ Frame E3F9 150 KB
56 KB 169ms
133ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 23:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 204077
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57108
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 23:01:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame E3F9 4 KB
887 B 96ms
63ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 07:26:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 07:42:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 07:42:36 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E3F9 2 KB
902 B 180ms
68ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:33:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:33:50 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/ Frame E3F9 23 KB
10 KB 213ms
164ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:39:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9668
x-xss-protection: 0
server: cafe
etag: 3250940068065303693
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:39:23 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E3F9 3 KB
1 KB 181ms
69ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 307
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:37:30 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/ Frame E3F9 17 KB
7 KB 219ms
171ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220822/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:26:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7599
x-xss-protection: 0
server: cafe
etag: 9215437806027971270
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Sep 2022 07:26:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E3F9 140 KB
43 KB 237ms
205ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44079
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1661341966742178"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H3 200 e3ca5db921b3b46420ba257a4c2f6b26.js Show response
www.gstatic.com/mysidia/ Frame E3F9 33 KB
13 KB 166ms
57ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 22:40:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205349
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13683
x-xss-protection: 0
last-modified: Mon, 22 Aug 2022 19:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 22 Nov 2022 22:40:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11050985128579825162/ Frame D9B8 79 KB
79 KB 187ms
186ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11050985128579825162/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e21ff6601f233c390b976c905ce9ff285d5b5ee4b8ccf94d5ac1f62b17c888f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 17:50:07 GMT
x-content-type-options: nosniff
age: 222750
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80476
x-xss-protection: 0
last-modified: Wed, 15 Dec 2021 10:11:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 17:50:07 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6961404164278659398/ Frame D9B8 182 KB
182 KB 163ms
163ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6961404164278659398/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da76311664f06c140fb4e3211faa44d18a6a1d3d3871ba76c6dec9d20bc5ffd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 03:42:34 GMT
x-content-type-options: nosniff
age: 446403
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 186163
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 06:32:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 22 Aug 2023 03:42:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/6987114930873387740/ Frame D9B8 65 KB
65 KB 219ms
219ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6987114930873387740/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da48db43161bd702e223a745d608da96578bb75ecc9c11d82f493e16b7269647

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 14:46:10 GMT
x-content-type-options: nosniff
age: 233787
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 66671
x-xss-protection: 0
last-modified: Mon, 18 Jan 2021 08:06:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 14:46:10 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/13888601744655779864/ Frame D9B8 100 KB
100 KB 174ms
174ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13888601744655779864/downsize_200k_v1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

148ac8c7a2f9227b6dec33bf7ef8d08571e4f10ebefd021245693f7097403889

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 04:53:06 GMT
x-content-type-options: nosniff
age: 182971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102156
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 12:33:06 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 25 Aug 2023 04:53:06 GMT

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame D9B8 99 KB
99 KB 426ms
426ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28497
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9B8 0
0 98ms
98ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CU-ak7MoJY-3uGditYubli5gM1ZSY22ur4syZ6A-2wr7ehQIQASDFxf8hKARglfrwgYwHoAG3mIGiKMgBBqkChyy5aZCDez6oAwHIAwKqBNYBT9Bymt758YE6IRv1_k6yWo6MB3uj4jk0TA-8HN5JQy26f_SLShSuJGA_MlM6jMlfpEFdcRbEXx3C_dKP9f6YmtsK5wE_o7cfbluvGxK1v75roi_UvaOMFp-P3bvhKX7tKUT52zdaDvCgqYsRYnX3fHl0HHbeX0z9UTuedMF6FbHciOMjm6MuyCrIMmYeAXxlT9kFW16r5iUiK5HdFa_sDqyQEBmFtgVK2FFm4Ryetgk1jQetoRKHbnxbTZwUBtEHoIhFnZgOkR6ruxeD4Yxm5ro2N_Bi6cAEpfirnPQDkgUECAQYAZIFBAgFGASgBjeAB77NkIgDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQlHjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi02MjMwODgwMjIzNDg2Nzc1GAA&sigh=T1uWpw6sNPw&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9B8 0
0 98ms
96ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZYpX7MoJY-3uGditYubli5gM9rqmp2uusprElxDa2R4QAiDFxf8hKARglfrwgYwHoAH-xpnDA8gBBqkCVKlVwvy3sD6oAwHIAwKqBMoBT9A198L58oE6IRv1_k6yWo6MB3uj4jk0TA-8HN5JQy26f_SLShSuJGA_MlM6jMlfpEFdcRbEXx3C_dKP9f6YmtsK53k8o_cfaTOvSDWBOWeBp3vVqV2N5W9kIyYXwn1zKOgPJbavDfBVqs9kYfUCf3mBHXarXEwIUjtrdcGPFrEpi-PWmKHbyyo9MWbrAn-QTNnlXYKqMhbCLAvilaTBACJno9McXCHYihDP0gn7LgPkxxKvDJ1N1YVDVaN3UfMHqoFnk4DnRFmiH8AEhs_hnY4EkgUECAQYAZIFBAgFGASgBjeAB7zt3jKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxCUeNIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMNiBQB0BUBgBcBshccChoIABIUcHViLTYyMzA4ODAyMjM0ODY3NzUYAA&sigh=jDIKkvx-nZY&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9B8 0
0 99ms
98ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzX4i7MoJY-3uGditYubli5gM0ubPhmzU1MKwvBCLtt2HmA4QAyDFxf8hKARglfrwgYwHoAGk3ZqLA8gBBqgDAcgDAqoEzAFP0B-04_nzgTohG_X-TrJajowHe6PiOTRMD7wc3klDLbp_9ItKFK4kYD8yUzqMyV-kQV1xFsRfHcL90o_1_pia2wrnAT-jtx9uO6_JTAYjl6cJ_j5CwhAMhPnfz-E8fIYrrPomcloOcKCpzxFi9Xd8eXQcdl5dTP1RO552wXoVsdyI4yOboy7IKMgyZh4BfmVP2AVbXr7jruao5L0WNLOMKKqrtqXNPUpt92SMmklltwLvlgE7v0fcp09NfPMfraIQqUWdmAyRAseMd7zABKH93KjuA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfEouV0qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQlHjSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi02MjMwODgwMjIzNDg2Nzc1GAA&sigh=41TjV7MjFDo&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D9B8 0
0 96ms
96ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9CZX7MoJY-3uGditYubli5gM8-r0hWzCmciJ4g-wkB8QBCDFxf8hKARglfrwgYwHoAHUkp7IAcgBBqkCVKlVwvy3sD6oAwHIAwKqBMsBT9A5kfD59IE6IRv1_k6yWo6MB3uj4jk0TA-8HN5JQy26f_SLShSuJGA_MlM6jMlfpEFdcRbEXx3C_dKP9f6YmtsK53k8o_cfajOvWBrcH2eBp3vVqV2N5W9kIyYXwn1zKOgPJbavDfBVqs9kYfUCf3mBHXarXEwIUjtrdcGPFrEpi-PWmKHbyyo9MWbrAn-QTNnlXaDAY5wgy5bHrioGxSrvT7q5zAjzbyjmndDs_WK2wIOviTpl94VPQWgWA_SWoKNnnZYafHDtxvrABIqF1pWPBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAeU7eG3AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEJR40ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw2IFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNjIzMDg4MDIyMzQ4Njc3NRgA&sigh=7wCzXouCLcI&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=450&slotname=5198483531&adk=356026656&adf=10137820&pi=t.ma~as.5198483531&w=750&cr_col=4&cr_row=2&fwrn=2&lmt=1661586156&rafmt=9&psa=0&format=750x450&url=https%3A%2F%2Fprovisor.com.ua%2F&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155990&bpp=1&bdt=335&idt=371&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=369&ady=3900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=AF3kaqZPoO&p=https%3A//provisor.com.ua&dtd=373
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E3F9 37 KB
37 KB 185ms
54ms Image
image/jpeg 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTd0e1nsR6oRWhZcTbY5vFo5bayZ-d3AlRioUoZvhZddQ1S1IuwEXegQEVgVWQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc417e6cc362c6087fa449776fec59d36bd0604cbfc88b34612b162e437a89e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 12:20:51 GMT
x-content-type-options: nosniff
age: 588106
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37402
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 06:57:52 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 12:20:51 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E3F9 34 KB
34 KB 259ms
116ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcT-cc_kwAGJvnQrWWK0qyh2jL399jhiOVKeJhFAzBe4n4Ma3ffEUxe8yVWJSoo&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab601e344ebea73f9443dc7f0b85ea380d6204566bb5531056a09ce59da1b5e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:49:33 GMT
x-content-type-options: nosniff
age: 3184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34660
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 14:43:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Aug 2023 06:49:33 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame E3F9 36 KB
37 KB 188ms
57ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcSq7LyDmh1fFxDI3XwOPemUBEOZH1Oqq9XoAOGWn5vJc0aVQCxpYocc_55MzxI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60a27d4b6b9dc33e18e75ee58b7dc7608a6f0fd0d75e9ba73c397c660ab7997a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 20 Aug 2022 13:13:46 GMT
x-content-type-options: nosniff
age: 584931
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36931
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 18:19:00 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 20 Aug 2023 13:13:46 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame E3F9 32 KB
33 KB 197ms
55ms Image
image/jpeg 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcRU8--oPaV0TUTSN47Wfa2x94knHgc8j0dHjqJX4tmrBV_YKSJtK99Zo-qsCoQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fddd2908bd6f7c49cebb8910902f33e4b05e761e9d2f492deea1f0a55187275

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:49:33 GMT
x-content-type-options: nosniff
age: 3184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32681
x-xss-protection: 0
last-modified: Fri, 19 Aug 2022 01:14:44 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 27 Aug 2023 06:49:33 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame E3F9 9 KB
9 KB 253ms
122ms Image
image/png 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRzO8XqFKGWuT4nUjSX2UZQEELvCJoNkgkC1csnQuDjslBbnko&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2aa9f94a55d16fd1dc4bf8599586b56a57c7655961ebdc53ae8b54db89dff4fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 03:36:26 GMT
x-content-type-options: nosniff
age: 187571
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8992
x-xss-protection: 0
last-modified: Thu, 10 Jan 2019 12:50:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 25 Aug 2023 03:36:26 GMT

GET
DATA 200
OK truncated
/ Frame D9B8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 314950f916c100bf2b3a89ad1da09b810ae46dced3c3e718258a8f163f97d1dd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82FE 143 B
163 B 54ms
54ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=6787312668&adk=2354762848&adf=2448148850&pi=t.ma~as.6787312668&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155992&bpp=1&bdt=336&idt=377&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=RHrZuDaeyr&p=https%3A//provisor.com.ua&dtd=378
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 07:39:18 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame B3C1 9 KB
3 KB 81ms
58ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 09:41:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79259
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 27 Aug 2022 09:41:38 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame B3C1 26 KB
10 KB 80ms
57ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12513
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 28 Aug 2022 04:14:04 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame B3C1 1 KB
396 B 174ms
64ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:700,400

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 07:42:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 07:42:37 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
H3 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/ Frame B3C1 9 KB
9 KB 55ms
54ms Image
image/png 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78672eb7b5e51ed374bd2f8941cf091b5d175ed5353cea941c62436335df041b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 272146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8815
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 14:54:51 GMT
server: sffe
date: Wed, 24 Aug 2022 04:06:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 04:06:51 GMT

GET
H3 200 300x600.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/ Frame B3C1 162 KB
162 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/300x600.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/10669166306190290360/300x600_EN_V2/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7fbe9ffd8252136010e0c318bc3082a2483d60597f20beca2fb3df1b8eafb18c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 272146
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165840
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 14:54:51 GMT
server: sffe
date: Wed, 24 Aug 2022 04:06:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 24 Aug 2023 04:06:51 GMT

GET
DATA 200
OK truncated
/ Frame DEEC 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80c796b921cb34717e5afb72707886e1f1da763396a2fd984673ccf5de996c57

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
327 B 217ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l7blhw8a&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=ssc&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hq1.jpg
i1.ytimg.com/vi/BmGHpPjcnhw/ Frame E3F9 13 KB
14 KB 188ms
54ms Image
image/jpeg 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.ytimg.com/vi/BmGHpPjcnhw/hq1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c928b7ec0820c7a400100ddc55ace5622e146416647ed9d7dd8d350a28624452

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:41:24 GMT
x-content-type-options: nosniff
age: 73
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13797
x-xss-protection: 0
server: sffe
etag: "0"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 27 Aug 2022 09:41:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E3F9 0
0 102ms
98ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPTOp7MoJY7rFGdqO7AOq6qSQC9P4wIhs1t_d2JYQy43OiOswEAEgxcX_IWCV-vCBjAegAae3ldsDyAEJqQJUqVXC_LewPqgDAcgDywSqBMcBT9DwyijR3t-bp6rHB91omfB1pUYJMGDVwoxDOxaCOkxfsK_Rdryhsn6rNoIJ73gk2k5tDm0qfAk3A13q8_BeJzcEqNS_GLM7xGmEDEZM1inLfGLEwPW-Cxeil93_RjYJqLDsORknt6ft4f7cCtgyskrQEadaDHDIFgzxpRLxKEXhZErYrclozkajWpG3hs-fySCwHUVtPu44Dr8w-pM8i0xiX0uGkGk2yWS7ESBFIcctW75Z9BXwLlpJz0aL5opXX2UdDkVtXcAEmKGWuoIEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB8HI6iSoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQv6Yf0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwvQFQGYFgGAFwGyFxwKGggAEhRwdWItNjIzMDg4MDIyMzQ4Njc3NRgA&sigh=trVyVho2ex8&uach_m=[UACH]&template_id=499

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E3F9 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d7ae2e4372a13b31cafd9be65d7d73c7d29f15716d774c2810aeaf6cb969607

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 206
Partial Content videoplayback
rr2---sn-h0jelnes.googlevideo.com/ Frame E3F9 1 MB
1 MB 403ms
231ms Media
video/mp4 2a00:1450:4016:7::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://rr2---sn-h0jelnes.googlevideo.com/videoplayback?expire=1661614956&ei=7MoJY6iLL8L3yQWVo5GoCw&ip=2a01:4a0:2c::9&id=066187a4f8dc9e1c&itag=18&source=youtube&requiressl=yes&mh=5P&mm=31&mn=sn-h0jelnes&ms=au&mv=u&mvi=2&pl=46&susc=gvp&acao=yes&ctier=L&mime=video/mp4&vprv=1&dur=15.061&lmt=1659604326763729&mt=1661585704&txp=6310224&sparams=expire,ei,ip,id,itag,source,requiressl,susc,acao,ctier,mime,vprv,dur,lmt&sig=AOq0QJ8wRAIgMry5ZKSGHQ2QwHhomKf_l53OqVm8zPbMINPYVYnU97ECICfLlYJri_9CatWQQP7eNY62BQ0D-c9VNk7sOhtqd-4z&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRAIgT8FqpWigAPUuziSYi5ovN_xuyme20F50FL9KDFjHSSICIHJ1gRDl3E7EIYdaeWf_rGHdho0Xt30nYU4B9QC2-Nfd&cpn=AG4TWStf2dPAwrJS

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4016:7::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

5b92d1b7f95b2050140a0ba991491ddfc1f1f127058cc5f8221706dbf1c4c67e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 27 Aug 2022 07:42:37 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Aug 2022 09:12:06 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-1124172/1124173
Cache-Control: private, max-age=28499
Cross-Origin-Resource-Policy: cross-origin
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 1124173
Expires: Sat, 27 Aug 2022 07:42:37 GMT

GET
DATA 200
OK truncated
/ Frame DAA9 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e9d684bd576f20f3ce51d9ccb5db291402450f6a511c2ef445d132007b0e798

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0983 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2dac9fa0baee887b33a86f7e369d84459077f6cefa3380dc13a0c7dc1e3d03ac

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DEEC 15 KB
16 KB 168ms
53ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 399465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame DEEC 15 KB
15 KB 182ms
70ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 22 Aug 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 399772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Aug 2023 16:39:45 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 930F 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 07:23:16 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 82FE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

65ms
65ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:37 GMT
expires: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:37 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame E3F9 17 KB
17 KB 237ms
141ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyk.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 24 Aug 2022 20:35:41 GMT
x-content-type-options: nosniff
age: 212816
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17204
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 24 Aug 2023 20:35:41 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame BD6A 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 07:23:16 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
54 B 73ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l7blhw8h&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&umsem=0&ple=1&ape=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F11ba241b9597ec96a8a9e01db4cce1e1.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
54 B 73ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l7blhwcx&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F120dba6b59d2f966bd44cf141203e8a0.js%253Ftag%253Dgpa%252Fdynamic_fig_web_banner_v2&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
54 B 73ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l7blhwcy&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Fe3ca5db921b3b46420ba257a4c2f6b26.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
54 B 74ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l7blhwcy&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn1.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcTd0e1nsR6oRWhZcTbY5vFo5bayZ-d3AlRioUoZvhZddQ1S1IuwEXegQEVgVWQ%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame E3F9 0
54 B 74ms
73ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~l7blhwcy&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fencrypted-tbn1.gstatic.com%252Fshopping%253Fq%253Dtbn%253AANd9GcRzO8XqFKGWuT4nUjSX2UZQEELvCJoNkgkC1csnQuDjslBbnko%2526usqp%253DCAI&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ Frame B3C1 23 KB
23 KB 204ms
115ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:700,400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 311723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 17:07:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DAA9 0
17 B 98ms
98ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C-hB17MoJY7iQGviO7AOTjJ-4C47ppOlr6cXi8ccQ3auDwvAiEAEgxcX_IWCV-vCBjAegAe6YpO0ByAEJqQI1f6lF6b6pPqgDAcgDSKoEyAFP0EWBJP9CyQtwAjVAtYAATbDMPVDCr0ZZm0aIUsny60hfN2cLqxvCORNpbyr5cKrc0Kss7J5kwFSTwX9YLgWiUZvUZKlFRsftTab04YgJvOsy2mSihyjMP4DJV_1WTl9mlfqTLNJc-2YyFCez9DOjoKj0kiENbq6D46PuNMl-h94uGskJSW8DmPbDb0oc6R6rPNq2OOLExc44cppHnnSvx8LIUkivVT51wGcW7FhHztFDmKQVki0rGPJ32Pms-iGDg-iulUY1MsAEpo_vlIUEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB_rm25ICqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ_M8E0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjIzMDg4MDIyMzQ4Njc3NRgA&sigh=J77uLog2JrU&uach_m=[UACH]&template_id=419&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=600&slotname=6787312668&adk=2354762848&adf=2448148850&pi=t.ma~as.6787312668&w=240&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=240x600&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155992&bpp=1&bdt=336&idt=377&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C780x280%2C750x450%2C750x450&nras=1&correlator=7893079252336&frm=20&pv=1&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1159&ady=733&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=RHrZuDaeyr&p=https%3A//provisor.com.ua&dtd=378
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 27 Aug 2022 07:42:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame B3C1 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 07:23:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 217ms
109ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220822&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c499da2cc36d6ce05bc351c00aaf86205d7514215ca9aba5e225291a6f023baa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 27 Aug 2022 07:42:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11080
x-xss-protection: 0

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E3F9 42 B
64 B 91ms
91ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=CqzAB7MoJY7rFGdqO7AOq6qSQC9P4wIhs1t_d2JYQy43OiOswEAEgxcX_IWCV-vCBjAegAae3ldsDyAEJqQJUqVXC_LewPqgDAcgDywSqBMoBT9DwyijR3t-bp6rHB91omfB1pUYJMGDVwoxDOxaCOkxfsK_Rdryhsn6rNoIJ73gk2k5tDm0qfAk3A13q8_BeJzcEqNS_GLM7xGmEDEZM1inLfGLEwPW-Cxeil93_RjYJqLDsORknt6ft4f7cCtgyskrQEadaDHDIFgzxpRLxKEXhZErYrclozkajWpG3hs-fySCwHUVtPu44Dr8w-pM8i0wgXWoUV5mewqgTDb2ja2XjbpxTWR_eNojPMQwpIhJ_c33Y2_VmkaW4ZMAEmKGWuoIEwAUFoAYugAfByOokqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbgMAeAS2Yfiw8D97Okm2BML0BUBmBYB-BYBgBcB&sigh=RzX8GnOdBJk&cid=CAQSGwCsnQUxb9chN_r3DMuoY7bixmsTb8HB-I1ADw&label=adresume

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 414C 36 KB
14 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 07:23:16 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 07:42:38 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame E3F9 42 B
64 B 93ms
92ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6230880223486775&output=html&h=280&slotname=9166063991&adk=3915986777&adf=3377321640&pi=t.ma~as.9166063991&w=780&fwrn=4&fwrnh=100&lmt=1661586156&rafmt=1&psa=0&format=780x280&url=https%3A%2F%2Fprovisor.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661586155989&bpp=1&bdt=334&idt=365&shv=r20220822&mjsv=m202208180101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7893079252336&frm=20&pv=2&ga_vid=1513260282.1661586156&ga_sid=1661586156&ga_hid=914108125&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=354&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31068874%2C31069063%2C31060049&oid=2&pvsid=1221568803742622&tmod=927750893&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=yZ6BKoYnhR&p=https%3A//provisor.com.ua&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7D93 13 KB
5 KB 55ms
53ms Document
text/html 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:36:41 GMT
expires: Sun, 27 Aug 2023 07:36:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D06D 783 B
538 B 176ms
64ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

600bcfc0b5307f322819bd76705f86cb594d07cff0070cfe4ee6f9db34eec114

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-64VHKFR21NVIgLk4JXo6vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://provisor.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-64VHKFR21NVIgLk4JXo6vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 27 Aug 2022 07:42:38 GMT
expires: Sat, 27 Aug 2022 07:42:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js Show response
pagead2.googlesyndication.com/bg/ Frame 7D93 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 25 Aug 2022 07:23:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173962
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14036
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 08:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 25 Aug 2023 07:23:16 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D06D 0
0 87ms
87ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220822&jk=1221568803742622&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7D93 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:812::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vQ6K_A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 07:42:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DAA9 42 B
64 B 90ms
89ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssGaPHIThULMUfMkABjOhurJAHtP0FhbQYTi3uOqHQ7Z9g8aYTGsCNe1aSXd9EqVI4CJ5F4yJKC1nCP5syBJq716nkqXceny0gM4iGilqCh1KOPvV6Gs6xLzXysMfS5YozVKseN5w&sai=AMfl-YRrt9AzNnFavaU0kc9i-6FKtjaSMqgilXYi4qiZl10m3IUZ4XwKBH5N2HE60Oc6ZXZ9SuBqBBIt1xOj&sig=Cg0ArKJSzHKZ1Iu0uUKOEAE&id=lidar2&mcvt=1000&p=0,0,480,240&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=0.97&if=1&vu=1&app=0&itpl=2&adk=2354762848&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661586156856&rpt=396&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E3F9 42 B
64 B 89ms
88ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvpvr_6C1PQ_MIT2rFHi1Oh38ljuDALQoEeanK5K7Nm56mjB7FI1_OHIMs19kEcdhG2_rzYwH_wCUxZ-OaK-N11l11khZqRbjdrvFTjjVOXa6O8CC-B9dmhZ5JK_AlxAamtONx2gA&sai=AMfl-YSy_D2sLYonMGPk296qmr-hDHPseyYN-GnI4KnF_Y-nqXBrXPMKuy-SMMYAUf_-k7flDje2IWL7lDcw&sig=Cg0ArKJSzNMtjSOInZYKEAE&id=lidar2&mcvt=1000&p=0,0,280,780&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220824&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3915986777&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661586156359&rpt=1357&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
89ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220822&jk=1221568803742622&bg=!CQqlCk7NAAYUOm8VNDo7ACkAdvg8WpRDhkqwA6kEk14ijNSXpIEx0IPyKZ3mUTMivMcOC3_i2fgcEgIAAABWUgAAAAJoAQcKAH_g0Cl8Kr1U-UbwDfXcpFn8JoQs1DPRxKUUIunbekxazoknlruHD4F5XU_ZjEB7kNvJzgO4m6IT8cHBiARqmGsqOl4N-bYnspvsngsL0hSB8qHGlzXeclzRbod9rdOLuuJzA4EKhLAGlPlCDpMumF0ZmToPxNx7nqrLkFR6BdnDmQKgtX91Az14j8nnlTcjBFwNNFF-U4Z73IZUT7ImRks-DtQiOaLbN2cwZW_Bv4HLvqGsj59w7WYUHBmQDVOOyf3uKmTqqspAOzqaJjMsuytpa01iU4hg3hnDCpzvWdkFx9u_gpWVmV3TRUcD6z5eSCa4bsVo1a0RL6iMsSJD6IWOAUOdpzu1Fx9709-kf3EODtqI9I_T5Dvcp7iGAAfaklRRUkI4KVGay9bdSKKN4NURsFPBGCuvuA9WECNj0rYlomOAdUIT33TlEYymSp6IMf7SyJ51fuEtv_O9Ng58TAoRlQrIPzb6YfyblUswUbjhwlqrNnE9IMR7tR-H8bJH56OUP0Wt_zSsTs8dmyjCYlA9SZwnMDVKUfv-V03U03zk9h5MAv6CoGzMOS_OvCx44TEX0koVoQydRqcQ0crFlQdF3W5pIXaPVCufkIpqTx--TgN6Hq85gGpdvcOH8svN-Ewkeu-FZpRw7jV4Bvvn3dt8ZvM02fAQ4ym2djgECWV4Klidogdlg8KdEsUUN7alJ6varPRBaGi5NuOA6dY7oe8FWRpqPdTObXwqnj84rp56Jyu-IRoVxxIfky5W5dzEYl6ZXvK63bGUJpjQyoxKbGlysNdQJ-yeJ_9-yQ_W7bappD_PN-3jLct4aI4g0YeXPGDna24FxI5I7U-sRguWgO2tj9ZJhNdVPiCiDgPEW4qk8060Qy3d8_6G3MNfI7PsDc5j9YDBSLIlpj9efLJ2StwGWW28D89zQ5B8uFUpTtxyEx2bqlEoBh_MCxbInYukku2YadKV1SkC3PWajiQ1Qd4YgBjsacHu7GP5wIvmRP2kA_LBNEnHH4r-wZnl-9uVbgItnj7u53rYmXmWamlZBeGzOVeSA2DZtjKxOEOh-I3UhFyw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://provisor.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame E3F9 0
17 B 183ms
74ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~l7blhwcz&c=8765407112480&slotId=4382703556240&qqid=CLrr9-TC5vkCFVoHewodKjUJsg&dm=15021&event_name=first_play&asset_bytes=21787&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=12&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=7&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l7blhwul
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/120dba6b59d2f966bd44cf141203e8a0.js?tag=gpa/dynamic_fig_web_banner_v2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 27 Aug 2022 07:42:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET /
googleads.g.doubleclick.net/pagead/interaction/ Frame E3F9 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: an.yandex.ru
URL: http://an.yandex.ru/system/context.js

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/interaction/?ai=CqzAB7MoJY7rFGdqO7AOq6qSQC9P4wIhs1t_d2JYQy43OiOswEAEgxcX_IWCV-vCBjAegAae3ldsDyAEJqQJUqVXC_LewPqgDAcgDywSqBMoBT9DwyijR3t-bp6rHB91omfB1pUYJMGDVwoxDOxaCOkxfsK_Rdryhsn6rNoIJ73gk2k5tDm0qfAk3A13q8_BeJzcEqNS_GLM7xGmEDEZM1inLfGLEwPW-Cxeil93_RjYJqLDsORknt6ft4f7cCtgyskrQEadaDHDIFgzxpRLxKEXhZErYrclozkajWpG3hs-fySCwHUVtPu44Dr8w-pM8i0wgXWoUV5mewqgTDb2ja2XjbpxTWR_eNojPMQwpIhJ_c33Y2_VmkaW4ZMAEmKGWuoIEwAUFoAYugAfByOokqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbgMAeAS2Yfiw8D97Okm2BML0BUBmBYB-BYBgBcB&sigh=RzX8GnOdBJk&cid=CAQSGwCsnQUxb9chN_r3DMuoY7bixmsTb8HB-I1ADw&label=videoplaytime25

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
provisor.com.ua/	1969-12-31 23:59:59	Name: b Value: b
.provisor.com.ua/	1970-01-20 15:09:06	Name: __utma Value: 136848113.1513260282.1661586156.1661586156.1661586156.1
.provisor.com.ua/	1969-12-31 23:59:59	Name: __utmc Value: 136848113
.provisor.com.ua/	1970-01-20 09:55:54	Name: __utmz Value: 136848113.1661586156.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.provisor.com.ua/	1970-01-20 05:33:06	Name: __utmt Value: 1
.provisor.com.ua/	1970-01-20 05:33:07	Name: __utmb Value: 136848113.1.10.1661586156
.provisor.com.ua/	1970-01-20 14:18:42	Name: _ym_uid Value: 1661586156670714473
.provisor.com.ua/	1970-01-20 14:18:42	Name: _ym_d Value: 1661586156
.provisor.com.ua/	1970-01-20 05:34:18	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 05:33:06	Name: sync_cookie_csrf Value: 1563748391fake
.provisor.com.ua/	1970-01-20 14:54:42	Name: __gads Value: ID=d230f15a779b2a67-224d57fe05ce0062:T=1661586156:RT=1661586156:S=ALNI_Mb61hWD7MKZU5ubUz0ZZ2ZWTaYY5g
.mc.yandex.ru/	1970-01-20 05:33:06	Name: sync_cookie_csrf Value: 4210822115fake
.yandex.com/	1970-01-20 14:18:42	Name: yandexuid Value: 823545951661586156
.yandex.com/	1970-01-20 14:18:42	Name: yuidss Value: 823545951661586156
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2304301461661586156
.yandex.com/	1970-01-20 15:09:06	Name: i Value: 70VdOiDA4TJWxaAfLjTcYk9Y98rTz2vr99hWgi608vO4MaEyg9s6n+GoXbXRBQgwxxYZf9nd6ywb/il7UTuAOA9Bwmc=
.yandex.com/	1970-01-20 14:18:42	Name: ymex Value: 1693122156.yrts.1661586156#1693122156.yrtsi.1661586156
.provisor.com.ua/	1970-01-20 05:33:07	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 14:54:42	Name: IDE Value: AHWqTUmSiEBHtKMUQ8BfgmQ6K4_ZLe4AhS1XO4H5kOuV_N1FKUYEelak6CZC3Rbs98Q
.doubleclick.net/	1970-01-20 05:33:09	Name: DSID Value: NO_DATA

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://provisor.com.ua/ Message: Mixed Content: The page at 'https://provisor.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://www.provisor.com.ua/100matolog/img/logo_4.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
javascript	warning	URL: https://provisor.com.ua/(Line 591) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://an.yandex.ru/system/context.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://provisor.com.ua/(Line 591) Message: Mixed Content: The page at 'https://provisor.com.ua/' was loaded over HTTPS, but requested an insecure script 'http://an.yandex.ru/system/context.js'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://provisor.com.ua/(Line 591) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://an.yandex.ru/system/context.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	warning	URL: https://provisor.com.ua/(Line 1001) Message: Mixed Content: The page at 'https://provisor.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://www.provisor.com.ua/100matolog/img/logo_4.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://provisor.com.ua/ Message: Mixed Content: The page at 'https://provisor.com.ua/' was loaded over HTTPS, but requested an insecure element 'http://c.bigmir.net/?s54320&t12&c1&d24&r1600'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9743.1FX6GXvUkV9Jlqt7TMfcvl2x5YulNikQqOd6QqDtFe9jtbNoihzySJIJjN3oPqxkOfksyk6RMg5XiN_cgkF1Ww%2C%2C.30HpnADQCfPHE63Tw9s2TNCAPhU%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
an.yandex.ru
c.bigmir.net
csi.gstatic.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i1.ytimg.com
informer.yandex.ru
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
pagead2.googlesyndication.com
partner.googleadservices.com
provisor.com.ua
rr2---sn-h0jelnes.googlevideo.com
site.yandex.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.provisor.com.ua
yastatic.net
an.yandex.ru
googleads.g.doubleclick.net
mc.yandex.ua
142.250.185.98
193.239.68.97
2001:4860:4802:32::3
2a00:1450:4001:801::2003
2a00:1450:4001:801::200e
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:812::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:400c:c0d::9a
2a00:1450:4016:7::7
2a02:6b8:20::215
2a02:6b8::1:119
2a06:98c1:3120::c
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
04b7de004e45a5f05f8187b39402c46557b6b5b9439bc7f363cc25ec16536326
0ba081f546084bd5097aa8a73c75931d5aa1fc4d6e846e53c21f98e6a1509988
0c450d927decf84683fd76fa87c6e13d438d71afeb650577d88e591317703d95
0d5d68c9199e0a4859d45fd2e5aad75c3280ad5f9406ac8c0b053c6f4f1ac4cf
13bbf60a5c0929430e9fa4e8b61919b66766f5e2604c25c58ba7b45806efa5eb
148ac8c7a2f9227b6dec33bf7ef8d08571e4f10ebefd021245693f7097403889
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1d7ae2e4372a13b31cafd9be65d7d73c7d29f15716d774c2810aeaf6cb969607
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
1fddd2908bd6f7c49cebb8910902f33e4b05e761e9d2f492deea1f0a55187275
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2aa9f94a55d16fd1dc4bf8599586b56a57c7655961ebdc53ae8b54db89dff4fc
2b028b601c5159c3a4815c1eb014d96894703f778c6d98c4206c95399fae92da
2d12ea808d7d4dd37d3f8834a9567561eba47355f2937948ee6219f0b39dfa4a
2dac9fa0baee887b33a86f7e369d84459077f6cefa3380dc13a0c7dc1e3d03ac
2e1531e433bb2f0742ac388a8a5afe7f3bf02c9c16f54571b5bf18c037815489
314950f916c100bf2b3a89ad1da09b810ae46dced3c3e718258a8f163f97d1dd
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
3ea2171f1cfa3fba1737d38126a0f074577b73ff01493fcf8a9d4e362bb2a232
40b5f6acfe971488e28b4570d0b485406d6a56cbdf45e86f0df9b1f040eb6d0d
499bb1db86fe1cead9ddc4009ef5198854a3edcd2261379cb90f5d901c22a2e1
4a745d5fd0e933c1c0b2c39d07b6036853732c9493dc16a08ad8842c323e2643
4bafe0d77da149747e80070b41884cc9037badf5bc9ceaba305b8ae1510cdf73
4e9d684bd576f20f3ce51d9ccb5db291402450f6a511c2ef445d132007b0e798
53ee84391d7cb7c63ca6689396dea928754f52acad56f0d4831eca5c8fa95362
53f195d73d3772db367875c72b49e33c27fba5cf221fa164118ac7c8cbfcf993
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54d39b1239b2af6c8d825ac673ab835de8afc75e2305268efece1f5d827c878c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5b92d1b7f95b2050140a0ba991491ddfc1f1f127058cc5f8221706dbf1c4c67e
5dcc79f608b81a3174f77730ca8673c8b9fd6a6c027af4f1713ea997ef8daebe
600bcfc0b5307f322819bd76705f86cb594d07cff0070cfe4ee6f9db34eec114
60a27d4b6b9dc33e18e75ee58b7dc7608a6f0fd0d75e9ba73c397c660ab7997a
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
64eab8bbee20ea6806d4adbb9958154d70efba6d1d78a409c2eaa7bc7b90ff35
7008c24259f51de7e985237b385bd523b5152697feda8a7ad220634d70a2d487
70a0083e92cf715231f7734f0ecf0365c77ec3fdfe97921d75b39afd09871711
78672eb7b5e51ed374bd2f8941cf091b5d175ed5353cea941c62436335df041b
7f1feb53cfd1bb361a8813da6f9e06993402fcb51ba389f3c1454039e993246c
7fbe9ffd8252136010e0c318bc3082a2483d60597f20beca2fb3df1b8eafb18c
8087f158dc659acd8ab4fe8d7a4c69eec4772775526321d9f0d8d5e1e5b17638
80c796b921cb34717e5afb72707886e1f1da763396a2fd984673ccf5de996c57
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d644294233adb479cce7d6390b93dc5ae6fe97f8cad88596d5208942aee6b3e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
94435b73560a3202a3db03fefd744c4a6d2f56f1954dcdbbf05289c0a2a5bc90
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98dcd6cc1a73bd618f7524fdb321e3e49fbb78a1841b4873180e4778e7d008d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
ab601e344ebea73f9443dc7f0b85ea380d6204566bb5531056a09ce59da1b5e2
b02b82dcc570701ff857813f154736157d236c9badaf548d94f79796e1112f88
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4820095dbb33dffee5026491f08575d5adcb7e3cab956061f0cffb5052d78c6
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
badca0f1a9d1da39474d0a6ac65569ff362709dbc2ce8e49941b04f7235283fb
bb385b3b9c256fd9fd467a4331084d0b2da890e0e02df2692bd0ef8e642cbe6c
bbd319cf3ac19ccea67839a7b54ae203f875e84e983866567faae038a4649381
be5ce430ce2157a5cde8f5c053a417876842cd7157d17b04bfb734a858aa08f2
c499da2cc36d6ce05bc351c00aaf86205d7514215ca9aba5e225291a6f023baa
c928b7ec0820c7a400100ddc55ace5622e146416647ed9d7dd8d350a28624452
cb680dda19a174fc226c8d0df81c04ed7496e9ad226df863f98b6d87b7a9392e
cc417e6cc362c6087fa449776fec59d36bd0604cbfc88b34612b162e437a89e5
ce86ecd33362849fdea49a8af4c32615756e668e610e96df93f432e55490e13a
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
d524bfae27e5abd09253fc0750d127771c61bf3b8aad0ea5c23db7b0148a23f1
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
da48db43161bd702e223a745d608da96578bb75ecc9c11d82f493e16b7269647
da76311664f06c140fb4e3211faa44d18a6a1d3d3871ba76c6dec9d20bc5ffd8
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
dc7be35aa53e2f6359e67b932200f47868368c9cf2a2a7d27f9cf85559c92a81
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dedb16ebbcfbafb5fee83de8ff3d188d6775516da34b88c9613286e59b93fa0c
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1d1f71a581c6c23341b1a7eaaa27d7cc16788aae6b345b8b0d4fe009f4ea662
e21ff6601f233c390b976c905ce9ff285d5b5ee4b8ccf94d5ac1f62b17c888f2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9b9233ba037b470b284a0dbbae5adf523c5bc0443aeae6082dde35b62853fde
eb57157c5589aeae14d55d43fb91d37cbee53c95c8d19449c986daf03cf93729
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f75626d2a6383bfdad3b92c86ae0623790fbe692e880b315cd06bfaa1d249f9f
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82

provisor.com.ua Open in urlscan Pro 2a06:98c1:3120::c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

96 %HTTPS

90 %IPv6

17 Domains

28 Subdomains

21 IPs

6 Countries

3343 kBTransfer

5450 kBSize

20 Cookies

42 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

provisor.com.ua Open in urlscan Pro
2a06:98c1:3120::c Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

96 %
HTTPS

90 %
IPv6

17
Domains

28
Subdomains

21
IPs

6
Countries

3343 kB
Transfer

5450 kB
Size

20
Cookies

140 HTTP transactions
6 data transactions