bubelo.in.ua Open in urlscan Pro
91.196.0.18 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.bubelo.in.ua/
Effective URL:
http://bubelo.in.ua/
Submission: On November 12 via api (November 12th 2024, 9:05:02 pm UTC) from US — Scanned from US

Summary HTTP 36 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 36 HTTP transactions. The main IP is 91.196.0.18, located in Ukraine and belongs to HBUA-AS, UA. The main domain is bubelo.in.ua.

This is the only time bubelo.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	91.196.0.18 91.196.0.18	41550 (HBUA-AS) (HBUA-AS)
4	2607:f8b0:400... 2607:f8b0:4006:823::2002	15169 (GOOGLE) (GOOGLE)
7	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
12	2607:f8b0:400... 2607:f8b0:4006:806::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:817::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:81e::2004	15169 (GOOGLE) (GOOGLE)
36	8

8 91.196.0.18 (Ukraine) 1 redirects

ASN41550 (HBUA-AS, UA)
PTR: server18.hostbizua.kiev.ua

www.bubelo.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bubelo.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:823::2002 (United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:80b::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2607:f8b0:4006:806::200e (United States)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:817::2002 (United States)

ASN15169 (GOOGLE, US)

ep1.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2001 (United States)

ASN15169 (GOOGLE, US)

ep2.adtrafficquality.google	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:81e::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 684 www.google.com — Cisco Umbrella Rank: 4	73 KB
8	bubelo.in.ua 1 redirects www.bubelo.in.ua bubelo.in.ua	9 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
4	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 127	270 KB
3	adtrafficquality.google ep1.adtrafficquality.google — Cisco Umbrella Rank: 530 ep2.adtrafficquality.google — Cisco Umbrella Rank: 539	20 KB
0	googletagmanager.com Failed www.googletagmanager.com Failed
36	6

	Domain	Requested by
12	fundingchoicesmessages.google.com	pagead2.googlesyndication.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com
7	bubelo.in.ua	bubelo.in.ua
4	pagead2.googlesyndication.com	bubelo.in.ua pagead2.googlesyndication.com
2	ep2.adtrafficquality.google	pagead2.googlesyndication.com ep2.adtrafficquality.google
1	www.google.com	ep2.adtrafficquality.google
1	ep1.adtrafficquality.google	pagead2.googlesyndication.com
1	www.bubelo.in.ua	1 redirects
0	www.googletagmanager.com Failed	bubelo.in.ua
36	9

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
*.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh
adtrafficquality.google WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 10 frames:

Primary Page: http://bubelo.in.ua/
Frame ID: 40EADB85950AAB49346807A15A789D6B
Requests: 27 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Frame ID: 7C0B7A5C1896CDF96756BD34EEEF15FB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1731445498&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_r&format=0x0&url=http%3A%2F%2Fbubelo.in.ua%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&dt=1731445497691&bpp=7&bdt=4243&idt=382&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3783143729169&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=427
Frame ID: 824C5716C544BA77F8264BA1296FAF50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=600&slotname=3051253853&adk=3016157826&adf=2776073670&pi=t.ma~as.3051253853&w=160&abgtt=3&lmt=1731445498&format=160x600&url=http%3A%2F%2Fbubelo.in.ua%2F&wgl=1&dt=1731445497699&bpp=2&bdt=4251&idt=445&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=457
Frame ID: 950FEB8EF8D5DF5ABE332ED5FEA7616E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=50&slotname=1206090655&adk=1120428567&adf=2931727451&pi=t.ma~as.1206090655&w=320&abgtt=3&lmt=1731445498&format=320x50&url=http%3A%2F%2Fbubelo.in.ua%2F&wgl=1&dt=1731445497701&bpp=1&bdt=4254&idt=470&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C160x600&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=474
Frame ID: 1E3530FE081ED2A9FADB79E6483CA4BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=280&slotname=4527987050&adk=3229821568&adf=3334915108&pi=t.ma~as.4527987050&w=1024&abgtt=3&fwrn=4&fwrnh=100&lmt=1731445498&rafmt=1&format=1024x280&url=http%3A%2F%2Fbubelo.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1731445497702&bpp=2&bdt=4254&idt=481&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C160x600%2C320x50&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=16&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=484
Frame ID: A1C42082FC4BD808F725C5D30F83235C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Frame ID: 0F8217D24AB32EEE7266A1879524880A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html
Frame ID: 62A762A34028A1FC739E862B6866CA02
Requests: 1 HTTP requests in this frame

Frame: https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html
Frame ID: 1126C7623B50B324F28008FFA77BC1B8
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7547106C23646E907CEFD6EDBC4ECF74
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Н.Б. и др. - bubelo.in.ua

Page URL History Show full URLs

http://www.bubelo.in.ua/ HTTP 307
https://www.bubelo.in.ua/ HTTP 301
http://bubelo.in.ua/ HTTP 307
https://bubelo.in.ua/ HTTP 307
http://bubelo.in.ua/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

36
Requests

72 %
HTTPS

86 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

371 kB
Transfer

1071 kB
Size

15
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.bubelo.in.ua/ HTTP 307
https://www.bubelo.in.ua/ HTTP 301
http://bubelo.in.ua/ HTTP 307
https://bubelo.in.ua/ HTTP 307
http://bubelo.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js HTTP 307
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

36 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
bubelo.in.ua/
Redirect Chain

http://www.bubelo.in.ua/
https://www.bubelo.in.ua/
http://bubelo.in.ua/
https://bubelo.in.ua/
http://bubelo.in.ua/

7 KB
3 KB

530ms
510ms

Document
text/html

91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx / PHP/5.6.40

Resource Hash

ab1236b4349b1ce590bf77d49ec22e8705ee71c3cbb147e5893c9d88d20cafe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Language: ru
Content-Type: text/html; charset=UTF-8
Date: Tue, 12 Nov 2024 21:04:53 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Powered-By: PHP/5.6.40
X-Server-Powered-By: Engintron
X-XSS-Protection: 1; mode=block

Redirect headers

Location: http://bubelo.in.ua/
Non-Authoritative-Reason: HttpsUpgrades

GET
H/1.1 200
OK style.css
bubelo.in.ua/ 4 KB
2 KB 175ms
163ms Stylesheet
text/css 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://bubelo.in.ua/style.css

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

89f3aa78252c919d3161a71c042f1183c5ec2318f46691dbd39de45fcf6a2a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f60073-e27-5a75295e0c5f1"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Thu, 12 Dec 2024 21:04:53 GMT
Date: Tue, 12 Nov 2024 21:04:53 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 05 Jun 2020 09:07:07 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK style.css
bubelo.in.ua/item/ 946 B
882 B 3333ms
3279ms Stylesheet
text/css 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://bubelo.in.ua/item/style.css

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

158c28264f0da3ed0a58abb06f0bcb1a74d35216c4cbd3353fe716d688e82868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f6027c-3b2-539c71b4d35e4"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Thu, 12 Dec 2024 21:04:56 GMT
Date: Tue, 12 Nov 2024 21:04:56 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2016 07:56:42 GMT
Content-Type: text/css
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: MISS

GET
H/1.1 200
OK item.js Show response
bubelo.in.ua/item/ 712 B
898 B 3313ms
3259ms Script
application/javascript 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://bubelo.in.ua/item/item.js

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

a4cb7d522b77053f7873a1185b690c5c9e52c4a7aca19bb5d8dcb251be96b41e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=2592000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f6027a-2c8-53ca034b089de"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Thu, 12 Dec 2024 21:04:56 GMT
Date: Tue, 12 Nov 2024 21:04:56 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 16 Sep 2016 13:47:39 GMT
Content-Type: application/javascript
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: MISS

GET
H3

200

adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/
Redirect Chain

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

159 KB
53 KB

696ms
62ms

Script
text/javascript

2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a88d5979930c91a47ec62700ccace7a44c44ab70b304158ac2d0b503217bacb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: br
etag: 7493644126335948691
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:04:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 Nov 2024 21:04:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 53767
x-xss-protection: 0
server: cafe

Redirect headers

Cross-Origin-Resource-Policy: Cross-Origin
Location: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Non-Authoritative-Reason: DNS

GET js
www.googletagmanager.com/gtag/ 0
0

GET
H/1.1 200
OK burger.svg
bubelo.in.ua/img/ 404 B
749 B 399ms
337ms Image
image/svg+xml 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://bubelo.in.ua/img/burger.svg

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

b24c4c2ccc8d760a82bccf3b8765dcae11588a4b1f43976e04e0688b2cab36ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f60248-194-539c71ade726d"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sat, 11 Jan 2025 21:04:53 GMT
Date: Tue, 12 Nov 2024 21:04:53 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2016 07:56:35 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: STALE

GET
H/1.1 200
OK burgerz.svg
bubelo.in.ua/img/ 413 B
751 B 249ms
248ms Image
image/svg+xml 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://bubelo.in.ua/img/burgerz.svg

Requested by

Host: bubelo.in.ua
URL: http://bubelo.in.ua/

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

729cab5b8e992955c2049cb82226d5c6bba2bdeefc84718fddd6179e6a644145

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f60249-19d-539c71ae06e3d"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sat, 11 Jan 2025 21:04:56 GMT
Date: Tue, 12 Nov 2024 21:04:56 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2016 07:56:35 GMT
Content-Type: image/svg+xml
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: STALE

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/ 433 KB
144 KB 69ms
68ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e9e33f14835b6548c16e4da570b0b6fb38edf8ab151550e2bcbc6a924e629e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: br
etag: 3260650629102474649
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:04:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 Nov 2024 21:04:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 147302
x-xss-protection: 0
server: cafe

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/ Frame 7C0B 0
0 620ms
48ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 20:44:30 GMT
etag: 4475648825157136472
expires: Tue, 26 Nov 2024 20:44:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 824C 0
0 831ms
283ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&adk=1812271804&adf=3025194257&abgtt=3&lmt=1731445498&plat=3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_r&format=0x0&url=http%3A%2F%2Fbubelo.in.ua%2F&pra=5&wgl=1&aihb=0&aiof=4&asro=0&ailel=1~2~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aiael=1~2~3~4~6~7~8~9~10~11~12~13~14~15~16~17~18~19~20~21~24~29~30~34&aicel=33~38&aifxl=29_18~30_19&aiixl=29_5~30_6&aiict=1&aiapm=0.3221&aiapmi=0.33938&aiombap=1&aiopts=1&aief=1&dt=1731445497691&bpp=7&bdt=4243&idt=382&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&nras=1&correlator=3783143729169&frm=20&pv=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fsapi=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=1&uci=a!1&fsb=1&dtd=427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 38491
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 21:04:58 GMT
expires: Tue, 12 Nov 2024 21:04:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 950F 0
0 989ms
479ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=600&slotname=3051253853&adk=3016157826&adf=2776073670&pi=t.ma~as.3051253853&w=160&abgtt=3&lmt=1731445498&format=160x600&url=http%3A%2F%2Fbubelo.in.ua%2F&wgl=1&dt=1731445497699&bpp=2&bdt=4251&idt=445&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1104&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=2&uci=a!2&fsb=1&dtd=457

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24948
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 21:04:59 GMT
expires: Tue, 12 Nov 2024 21:04:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame 1E35 0
0 210ms
171ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=50&slotname=1206090655&adk=1120428567&adf=2931727451&pi=t.ma~as.1206090655&w=320&abgtt=3&lmt=1731445498&format=320x50&url=http%3A%2F%2Fbubelo.in.ua%2F&wgl=1&dt=1731445497701&bpp=1&bdt=4254&idt=470&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C160x600&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7ClEr%7C&abl=CS&pfx=0&fu=32768&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=3&uci=a!3&fsb=1&dtd=474

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 21:04:58 GMT
expires: Tue, 12 Nov 2024 21:04:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads
googleads.g.doubleclick.net/pagead/ Frame A1C4 0
0 539ms
503ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7765725843538462&output=html&h=280&slotname=4527987050&adk=3229821568&adf=3334915108&pi=t.ma~as.4527987050&w=1024&abgtt=3&fwrn=4&fwrnh=100&lmt=1731445498&rafmt=1&format=1024x280&url=http%3A%2F%2Fbubelo.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1731445497702&bpp=2&bdt=4254&idt=481&shv=r20241107&mjsv=m202411070101&ptt=9&saldr=aa&abxe=1&cookie_enabled=1&eoidce=1&prev_fmts=0x0%2C160x600%2C320x50&nras=1&correlator=3783143729169&frm=20&pv=1&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=16&ady=498&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C95346097%2C31088672%2C31088723%2C95333412%2C95344190%2C95345966&oid=2&pvsid=3395884966666782&tmod=1559640241&uas=0&nvt=1&fc=1920&brdim=60%2C60%2C60%2C60%2C1600%2C0%2C1600%2C1285%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&nt=1&ifi=4&uci=a!4&fsb=1&dtd=484

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 21:04:59 GMT
expires: Tue, 12 Nov 2024 21:04:59 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/ 177 KB
59 KB 74ms
73ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

255d63ebcdfbd3efc3c4977a5cdcaadd58bdfe0ea88650c4bf4110e9c7250d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: br
etag: 12101935256325979720
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:04:59 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 Nov 2024 21:04:59 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
content-disposition: attachment; filename="f.txt"
cache-control: private, max-age=1209600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 60557
x-xss-protection: 0
server: cafe

GET
H2 200 ca-pub-7765725843538462 Show response
fundingchoicesmessages.google.com/i/ 195 KB
64 KB 346ms
89ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/ca-pub-7765725843538462?href=http%3A%2F%2Fbubelo.in.ua&ers=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a9b476cbe934bdd70be21b40da2b3a093bbeb8c2456676e39732c4eaf36e3c7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-N8eYi3ts-KQOEuS-c6squg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:04:59 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw05BikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4free38km8ODBtPmMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAItQQDo"
content-security-policy: script-src 'report-sample' 'nonce-N8eYi3ts-KQOEuS-c6squg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 409ms
107ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mSamRJVzRB4.es5.O/am=GAw/d=1/rs=AJlcJMzvFknBQuI0-8i1PBD0GCEHIl0lhw/m=kernel_loader,loader_js_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YGBZI3HdqYMx-_2jsQdgJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:04:59 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw15BicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH43Xp-J5vAjf2XW5iVXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYkhEOgZmMUXGAAAUTMpLQ"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-YGBZI3HdqYMx-_2jsQdgJw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 AGSKWxXzcBPdMIlQLQIUmVhqSRzawfwqtS1yfvoGYndgKp_08wsEFG8VpaTSzRGh52g8TDRKCkRUk7bWOy1F6cCkYwQU3vew_uIA0s3qrkUDS-OcY9VXPcqzTYY2JAy3Fipo-1cjUFaKxQ== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 168ms
162ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXzcBPdMIlQLQIUmVhqSRzawfwqtS1yfvoGYndgKp_08wsEFG8VpaTSzRGh52g8TDRKCkRUk7bWOy1F6cCkYwQU3vew_uIA0s3qrkUDS-OcY9VXPcqzTYY2JAy3Fipo-1cjUFaKxQ==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDQ1NDk5LDUyMzAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cDovL2J1YmVsby5pbi51YS8iLG51bGwsW1s4LCJtU2FtUkpWelJCNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b1112544857fac27c94a6842b5a0c7d7bb6ab93273dc757b15f288afe65b05d5

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ti8ArIOWvFDEx9V4sFazsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:04:59 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmII0pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4free38kmcOLyn2VMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAJ8vQI8"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-ti8ArIOWvFDEx9V4sFazsQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/ Frame 0F82 0
0 3ms
2ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 20:44:30 GMT
etag: 4475648825157136472
expires: Tue, 26 Nov 2024 20:44:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/ Frame 62A7 0
0 0ms
0ms Document
text/html 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20241107/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

age: 1228
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4134
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 20:44:30 GMT
etag: 4475648825157136472
expires: Tue, 26 Nov 2024 20:44:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 AGSKWxXvC4cJ7u3kSBkKhOuqAN1ml86lf1wgXvJeqWhK1v3Mf_0tY86BVqe53sYyXEZXvw_wIwDSg-y2rwQNq_duwT6R_opbvfNJNUnM3TCunPkxfwYfBNcvKvEpc0g2GoFF2AVQ4tOHmw== Show response
fundingchoicesmessages.google.com/f/ 10 KB
5 KB 131ms
130ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXvC4cJ7u3kSBkKhOuqAN1ml86lf1wgXvJeqWhK1v3Mf_0tY86BVqe53sYyXEZXvw_wIwDSg-y2rwQNq_duwT6R_opbvfNJNUnM3TCunPkxfwYfBNcvKvEpc0g2GoFF2AVQ4tOHmw==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDQ1NDk5LDcyNTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOV0sbnVsbCwyLG51bGwsImVuIl0sImh0dHA6Ly9idWJlbG8uaW4udWEvIixudWxsLFtbOCwibVNhbVJKVnpSQjQiXSxbOSwiZW4tVVMiXSxbMTgsIltbWzBdXV0iXSxbMTksIjIiXSxbMTcsIlswXSJdXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c13b05fcefa6333a2430839536735c8a8184da7fad79be85d55f631bd082bd23

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QoVA3IwhwXQQ5XssZv3DZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:04:59 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1JBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4free38km0PHhwgcmJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MDPQPz-AIDAJNFQHk"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-QoVA3IwhwXQQ5XssZv3DZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 sodar Show response
ep1.adtrafficquality.google/getconfig/ 17 KB
13 KB 184ms
93ms XHR
application/json 2607:f8b0:4006:817::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep1.adtrafficquality.google/getconfig/sodar?sv=200&tid=gda&tv=r20241107&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b768ee09743fac69f3cc13c8a3d709d44f22d541c8c2587c316de1d38c099539

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

timing-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 13095
date: Tue, 12 Nov 2024 21:05:00 GMT
x-xss-protection: 0
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="f.txt"
server: cafe

GET
H/1.1 200
OK icon.ico
bubelo.in.ua/ 3 KB
716 B 147ms
147ms Other
image/x-icon 91.196.0.18
HBUA-AS

General

Check archive.org

Show headers Download Go to

Full URL

http://bubelo.in.ua/icon.ico

Protocol

HTTP/1.1

Server

91.196.0.18 , Ukraine, ASN41550 (HBUA-AS, UA),

Reverse DNS

server18.hostbizua.kiev.ua

Software

nginx /

Resource Hash

8e335c476579535b40f118524d1253b21469e9f1cf404015b99e07eab84b10f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

Transfer-Encoding: chunked
Cache-Control: max-age=5184000
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ETag: W/"f60064-aae-539c717672dd0"
Connection: keep-alive
X-Content-Type-Options: nosniff
Expires: Sat, 11 Jan 2025 21:05:00 GMT
Date: Tue, 12 Nov 2024 21:05:00 GMT
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Aug 2016 07:55:37 GMT
Content-Type: image/x-icon
Vary: Accept-Encoding
Server: nginx
X-Nginx-Upstream-Cache-Status: STALE

GET
H2 200 sodar2.js Show response
ep2.adtrafficquality.google/sodar/ 18 KB
7 KB 207ms
65ms Script
text/javascript 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202411070101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
etag: "1727224258380615"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:05:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: private, max-age=3000
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 6445
x-xss-protection: 0
server: sffe

GET
H3 200 blog_ad Show response
fundingchoicesmessages.google.com/f/AGSKWxX7S0g5ff0jGRhqKDBQrpi3goRX1FDoJ2A8QgRzs6NfR5zZy-ayN4pJFKPg-HczmMMejXvl2W600WEuXBrCrZWDYkkHgZIVtxZgb9fGm5FUzlKG8UTUu_F21pM1FS3dYCX4Rz2aqCePorgQdkBNT90kixtcf... 54 B
108 B 75ms
73ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxX7S0g5ff0jGRhqKDBQrpi3goRX1FDoJ2A8QgRzs6NfR5zZy-ayN4pJFKPg-HczmMMejXvl2W600WEuXBrCrZWDYkkHgZIVtxZgb9fGm5FUzlKG8UTUu_F21pM1FS3dYCX4Rz2aqCePorgQdkBNT90kixtcfyLwEkSxyTNCc4JHNUkty7inTpXuflM-/_/blog_ad?/videoadv-/adsplupu./hads-/static.ads.

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.en_US.mSamRJVzRB4.es5.O/d=1/exm=kernel_loader,loader_js_executable,web_iab_tcf_v2_signal_executable/ed=1/rs=AJlcJMwSsCP_WBQRDXXbOXaWLbPhnXn1aA/m=ad_blocking_detection_executable

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef9ac3cf69cd70c8c07e5d9dc8a05ef3e58bbed5c241c8cee07d8a5a912f7d23

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b_8ziF-mcnmTzGgMiK3cUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmLw1pBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4_rSe38km8OPrgfeMShpJ-YXxyfl5JUWZSaUl-UVpyWmpxalFZalF8UYGRiaGhoYGegbm8QUGAKvhQOc"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-b_8ziF-mcnmTzGgMiK3cUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 show_companion_ad.js Show response
pagead2.googlesyndication.com/pagead/ 40 KB
15 KB 43ms
42ms Script
text/javascript 2607:f8b0:4006:823::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_companion_ad.js?fcd=true

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: br
etag: 1072231445585862297
age: 2487
x-content-type-options: nosniff
expires: Tue, 12 Nov 2024 21:23:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
date: Tue, 12 Nov 2024 20:23:33 GMT
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=3600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 15116
x-xss-protection: 0
server: cafe

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 67ms
65ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7zkydxdQud8A0SFzN64gSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH403p-J5vAjLX73zIquSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDINAzMIsvMAAAS5YpIw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-7zkydxdQud8A0SFzN64gSw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 59ms
58ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-J7ZltJPBjHNZH3lNjZ2PSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH403p-J5vAhQf72piUXJLyC-OT8_NKUvNKdBNTinVB7KLMpNKS_CIUdmoZSEVOfnp6Zl56vJGBkYkhEOgZmMUXGAAATcIpJw"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-J7ZltJPBjHNZH3lNjZ2PSQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 66ms
64ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-XYWtOcbuUGsa67tG0UyHSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw0ZBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH403p-J5vAiQtrpzMpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDINAzMIsvMAAASqkpGA"
content-security-policy: script-src 'report-sample' 'nonce-XYWtOcbuUGsa67tG0UyHSA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 69ms
67ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rWuEjD9Y8O8tnetirg8SgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmLw1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH403p-J5vAhG8vZzApuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDINAzMIsvMAAAVjEpQg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-rWuEjD9Y8O8tnetirg8SgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

GET
H3 200 AGSKWxUFHAIo3dHx4Hs1Y2yQ2GqtZYWU4phoqAifnVJJzuG6ee1WcqwwvIk_7K_SNM3-j3l7wksQbbK2iE8YqQLzsOMWWvUhbWW3tP01EUJwbiNUhmS6CmA3pe3MLMqe2wMyGbZeFFiF1g== Show response
fundingchoicesmessages.google.com/f/ 3 KB
2 KB 90ms
89ms Script
application/javascript 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUFHAIo3dHx4Hs1Y2yQ2GqtZYWU4phoqAifnVJJzuG6ee1WcqwwvIk_7K_SNM3-j3l7wksQbbK2iE8YqQLzsOMWWvUhbWW3tP01EUJwbiNUhmS6CmA3pe3MLMqe2wMyGbZeFFiF1g==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNzMxNDQ1NTAwLDU1MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzcsOSw2XSxudWxsLDIsbnVsbCwiZW4iLG51bGwsbnVsbCxudWxsLG51bGwsbnVsbCwxXSwiaHR0cDovL2J1YmVsby5pbi51YS8iLG51bGwsW1s4LCJtU2FtUkpWelJCNCJdLFs5LCJlbi1VUyJdLFsxOCwiW1tbMF1dXSJdLFsxOSwiMiJdLFsxNywiWzBdIl1dXQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d4ca6108127d5ad8a18998cc3ff96c0495549db0c66e526bd25b744decb967c0

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eDoZh_zAGRkSa7BzJkmqNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: http://bubelo.in.ua/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: application/javascript; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorServingWebSwitchboardHttp/web-reports?context=eJzjytDikmJw1ZBikPj6kkkNiJ3SZ7AGAHHrzXOsk4E46d951gIgdte6yOoPxIYKl1jtgdix6BKrJxCr9lxiNQbi--susT4H4iKJK6wNQHy76QrrYyBm-HqFlQOIhXg4_rSe38km0PFr5gImJY2k_ML45Py8kqLMpNKS_KK05LTU4tSistSieCMDIxNDQ0MDPQPz-AIDAIBLQAE"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-eDoZh_zAGRkSa7BzJkmqNg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
timing-allow-origin: *
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxUfw79j_RguWTLPWBtLeeV-c2qgOYgCjUelV16zj4-7lx_7Y9vRJ1GuJIYFKAC_4as0KHMiajLIMzaoabaL_FtwoLfsFWqRGMwYTREXclFFIOpfVBB1PqHZ3I4IPejtgjVBX9d0gw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 52ms
52ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUfw79j_RguWTLPWBtLeeV-c2qgOYgCjUelV16zj4-7lx_7Y9vRJ1GuJIYFKAC_4as0KHMiajLIMzaoabaL_FtwoLfsFWqRGMwYTREXclFFIOpfVBB1PqHZ3I4IPejtgjVBX9d0gw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Tij88HyxLDQekHbOirlpIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmJw0gDi9BmsQUDsrnWR1R-IGb5eYeUAYiEejj-t53eyCcyYfewAk5JLUn5hfHJ-XklqXoluYkqxLohdlJlUWpJfhMJOLQOpyMlPT8_MS483MjAyMQQCPQOz-AIDADuQKOs"
content-security-policy: script-src 'report-sample' 'nonce-Tij88HyxLDQekHbOirlpIQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

POST
H3 204 AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw== Show response
fundingchoicesmessages.google.com/el/ 0
28 B 54ms
54ms XHR
text/html 2607:f8b0:4006:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxWNRAWb_6WR0i7XMO23KNBFWo9MqxORHrK8gaURG2CR3zpUxMq8oYXUHPnVZtwSLhiwi-DTe-SBTnoEiAvtk0kE-R11aUHoYap1GazqqU-eJ7cJPfbl0l8LiCciUEmJZBdAZbfjiw==

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:806::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C5f8KNaHZE5dImKhaTcM1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: http://bubelo.in.ua/

Response headers

access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 12 Nov 2024 21:05:00 GMT
content-type: text/html; charset=utf-8
x-frame-options: SAMEORIGIN
reporting-endpoints: default="/_/ContributorLoggingHttp/web-reports?context=eJzjUtDikmII1pBicEqfwRoExO5aF1n9gZjh6xVWDiAW4uH403p-J5vAjIsbDzIpuSTlF8Yn5-eVpOaV6CamFOuC2EWZSaUl-UUo7NQykIqc_PT0zLz0eCMDIxNDINAzMIsvMAAATOcpHg"
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-C5f8KNaHZE5dImKhaTcM1w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport/allowlist
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-opener-policy: same-origin
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
access-control-allow-origin: http://bubelo.in.ua
content-length: 0
x-xss-protection: 0
server: ESF

GET
H2 200 runner.html
ep2.adtrafficquality.google/sodar/sodar2/232/ Frame 1126 0
0 130ms
40ms Document
text/html 2607:f8b0:4006:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ep2.adtrafficquality.google/sodar/sodar2/232/runner.html

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2001 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 357
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3000
content-encoding: gzip
content-length: 5005
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 20:59:03 GMT
expires: Tue, 12 Nov 2024 21:49:03 GMT
last-modified: Mon, 23 Sep 2024 18:12:21 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe
www.google.com/recaptcha/api2/ Frame 7547 0
0 173ms
60ms Document
text/html 2607:f8b0:4006:81e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: ep2.adtrafficquality.google
URL: https://ep2.adtrafficquality.google/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zCojtn8q02QPwSs2vEBISg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://bubelo.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-zCojtn8q02QPwSs2vEBISg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Tue, 12 Nov 2024 21:05:00 GMT
expires: Tue, 12 Nov 2024 21:05:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET sodar
ep1.adtrafficquality.google/pagead/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5K7SQZ8B42

Domain: ep1.adtrafficquality.google
URL: https://ep1.adtrafficquality.google/pagead/sodar?id=sodar2&v=232&t=2&li=gda_r20241107&jk=3395884966666782&bg=!4-Cl4K_NAAYQZ9WPMGc7ADQBe5WfOLRMC3oxWczn4J2DQR4IfwZWDRDlWLjyv3mRQXdRfvW4frzQ_Nsc2pjA8JQtZMPdAgAAAFlSAAAABGgBB34ANmEG2OsTpy-3Nvdb5vg5RToPSTldz0EMCMk5wHRmBv17NaqEDxIUmdgolGQGMpcYCUbl7HswHJkCkFjEvdOHnQAdAk9RFVTKc0Km5GJIrqFj_5q9urwvQXv0AS1GGRCoIjGYDLKeNZdsjLqMZUZbO9AiyY8ymnS1PBt6ejRF4z-GyEOJbqbmDznaa44jKGMVtUbSYdbW_dIJ0tiSLfCdfa-wkeWpqMW5ou_X0p9ouuO3ZvYZ1_cyxbow9dlhUCcPH-c45TkORp3uR7bkvzrcthWQSdI8Kz6Xcanbus4eWyps3TeS2wr73Pi86n3W77AI9y6RkT9IJvZnRAtBBd61WtGNaWjh1bi7nfhrW2rAUDBZ0CGXcfOVzaIQYSWjIz2iKRWUuEMLB5R_suHCtoxwG3d2CxmSp3OP0VOjE7aVMWtWGphOIVdhCShNUbmx9ZslNZLx6akRUw99D87dxrmcf3Y8CyktU1NQMjdPEKLrEz-8cctGWWFfyitAhjtBq1dMcrFpGwEPSI9EJZ_Ibk8I7qxSLTa5IZN2k7aNn2FjZnp2tZmYdZo_NqdyoS0kkzShntQM8XAMMlafW6pG40t4KeA81w-0hopw-LjYbdL9rZ6finAWmtj__lWDeIkApzLgk9n06vnCbqwCUCsZcW6bSvLdHs6WC26LVJ-OOmMLmxlcCL25j92u3omZomz0fGPb42I89WaGWmK81rdBQE8otMtZSdONPxyDmQrr4oKn7qqOrrafGwpSGKVEPIaPz6g3nhsmtT8gG0SjWKLCiqby3G0LmI-lJa-U1BryCPet8yzUGcjd78UWHl2WSFEEp-Cbt8hqTNAkdn_1-AZoVpNMUuAv0XvXz3E7V0DE6-To-jhKJVtD2jrnauEWOMMZU-H_RKYNUOYENDdH3nMzrTM3dIp8FPC-vYWeNUGb-MAq90iG243_ExtEVQGF

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bubelo.in.ua/	1970-01-21 10:19:01	Name: __gads Value: ID=c9f46e5197c84fac:T=1731445498:RT=1731445498:S=ALNI_MYYCXr3cCq0_zVi2FhPICmOr598xQ
.bubelo.in.ua/	1970-01-21 10:19:01	Name: __gpi Value: UID=00000db35974244a:T=1731445498:RT=1731445498:S=ALNI_MZmiht1JHzOZi-3DVlUm_5KZaj0jg
.bubelo.in.ua/	1970-01-21 05:16:37	Name: __eoi Value: ID=b1ebf835836ffdd0:T=1731445498:RT=1731445498:S=AA-AfjbXvU_o9GBs_2DF9QELmlGT
.doubleclick.net/	1970-01-21 10:33:25	Name: IDE Value: AHWqTUkQh_Dzx73tGG3CQhjMgwPQ-4BRMwOqaWDs6MvsyDqBEGBRRgjRIWNEMd3VLMs
.admaster.cc/	1970-01-21 09:43:01	Name: __mguid_ Value: 9e90f00b3389d4372hj5cn00m3exy1yr
gtracenep.admaster.cc/	1970-01-21 09:43:01	Name: cst_44 Value: ts=1731445499
gtracenep.admaster.cc/	1970-01-21 09:43:01	Name: cst_70 Value: ts=1731445499
gtracenep.admaster.cc/	1970-01-21 09:43:01	Name: cst_78 Value: ts=1731445499
.criteo.com/	1970-01-21 10:19:01	Name: receive-cookie-deprecation Value: 1
.googleadservices.com/	1970-01-21 03:07:01	Name: ar_debug Value: 1
.adnxs.com/	1970-01-21 10:33:25	Name: receive-cookie-deprecation Value: 1
.casalemedia.com/	1970-01-21 03:07:01	Name: CMPS Value: 025
.casalemedia.com/	1970-01-21 09:43:01	Name: CMID Value: ZzPC-NHM54UAAAOUAXx5HQAA
.casalemedia.com/	1970-01-21 03:07:01	Name: CMPRO Value: 1442
.bubelo.in.ua/	1970-01-21 09:43:01	Name: FCNEC Value: %5B%5B%22AKsRol8H2E0n2klKw3FKbYKHr9cbFPUiGyWMyY0Jd6hlZ3Bfo98treSCYKiBauN3xfy41QWl1132CYv76hcIUzHeXjlknRYcksodKVub5NVWfv7SiiBlEkHunE78LprG88T3jwGRx8CIc5K04D_aRD3hMH81J69gNA%3D%3D%22%5D%5D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bubelo.in.ua
ep1.adtrafficquality.google
ep2.adtrafficquality.google
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
www.bubelo.in.ua
www.google.com
www.googletagmanager.com
ep1.adtrafficquality.google
www.googletagmanager.com
2607:f8b0:4006:806::200e
2607:f8b0:4006:80b::2001
2607:f8b0:4006:80b::2002
2607:f8b0:4006:817::2002
2607:f8b0:4006:81e::2004
2607:f8b0:4006:823::2002
91.196.0.18
04689be6e51eaf5c62cfd08d22bdf26c823a42918d34226ebb16934742f36397
0a88d5979930c91a47ec62700ccace7a44c44ab70b304158ac2d0b503217bacb
158c28264f0da3ed0a58abb06f0bcb1a74d35216c4cbd3353fe716d688e82868
1e9e33f14835b6548c16e4da570b0b6fb38edf8ab151550e2bcbc6a924e629e6
255d63ebcdfbd3efc3c4977a5cdcaadd58bdfe0ea88650c4bf4110e9c7250d14
729cab5b8e992955c2049cb82226d5c6bba2bdeefc84718fddd6179e6a644145
89f3aa78252c919d3161a71c042f1183c5ec2318f46691dbd39de45fcf6a2a65
8e335c476579535b40f118524d1253b21469e9f1cf404015b99e07eab84b10f1
a4cb7d522b77053f7873a1185b690c5c9e52c4a7aca19bb5d8dcb251be96b41e
a9b476cbe934bdd70be21b40da2b3a093bbeb8c2456676e39732c4eaf36e3c7d
ab1236b4349b1ce590bf77d49ec22e8705ee71c3cbb147e5893c9d88d20cafe1
b1112544857fac27c94a6842b5a0c7d7bb6ab93273dc757b15f288afe65b05d5
b24c4c2ccc8d760a82bccf3b8765dcae11588a4b1f43976e04e0688b2cab36ff
b768ee09743fac69f3cc13c8a3d709d44f22d541c8c2587c316de1d38c099539
c13b05fcefa6333a2430839536735c8a8184da7fad79be85d55f631bd082bd23
d4ca6108127d5ad8a18998cc3ff96c0495549db0c66e526bd25b744decb967c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef9ac3cf69cd70c8c07e5d9dc8a05ef3e58bbed5c241c8cee07d8a5a912f7d23
ff3de130872fe0fb5b770dfa2bc9f0daf8ab320403a34a60d089436f08d24f99

bubelo.in.ua Open in urlscan Pro 91.196.0.18 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

36 Requests

72 %HTTPS

86 %IPv6

6 Domains

9 Subdomains

8 IPs

2 Countries

371 kBTransfer

1071 kBSize

15 Cookies

0 Outgoing links

Page URL History

Redirected requests

36 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bubelo.in.ua Open in urlscan Pro
91.196.0.18 Public Scan

Screenshot
Live screenshot

Full Image

36
Requests

72 %
HTTPS

86 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

371 kB
Transfer

1071 kB
Size

15
Cookies

36 HTTP transactions
0 data transactions