ukr-mova.in.ua Open in urlscan Pro
2a00:7a60:0:1054::1 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ukr-mova.in.ua/
Effective URL:
https://ukr-mova.in.ua/
Submission: On August 11 via api (August 11th 2022, 2:45:33 am UTC) from GB — Scanned from GB

Summary HTTP 157 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 19 domains to perform 157 HTTP transactions. The main IP is 2a00:7a60:0:1054::1, located in Ukraine and belongs to UKRAINE-AS, UA. The main domain is ukr-mova.in.ua.
TLS certificate: Issued by R3 on July 12th 2022. Valid for: 3 months.

This is the only time ukr-mova.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	2a00:7a60:0:1... 2a00:7a60:0:1054::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f00... 2a03:2880:f007:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
22	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f10... 2a03:2880:f107:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:223... 2600:9000:223c:5e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
18	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	34.195.38.194 34.195.38.194	14618 (AMAZON-AES) (AMAZON-AES)
157	27

18 2a00:7a60:0:1054::1 (Ukraine) 1 redirects

ASN200000 (UKRAINE-AS, UA)

ukr-mova.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f007:8:face:b00c:0:1 (Vienna, Austria)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

sandbox-api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f107:83:face:b00c:0:25de (Vienna, Austria)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223c:5e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.195.38.194 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-38-194.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 627 pix.eu.criteo.net — Cisco Umbrella Rank: 7159 csm.eu.criteo.net — Cisco Umbrella Rank: 7456	73 KB
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 124 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	524 KB
22	piano.io sandbox-api-esp.piano.io — Cisco Umbrella Rank: 692195	54 KB
18	ukr-mova.in.ua 1 redirects ukr-mova.in.ua	665 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 55	114 KB
7	google.com 2 redirects apis.google.com — Cisco Umbrella Rank: 161 adservice.google.com — Cisco Umbrella Rank: 98 www.google.com — Cisco Umbrella Rank: 10	73 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13161 ads.eu.criteo.com — Cisco Umbrella Rank: 7034 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11084 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9488	117 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	173 KB
3	gstatic.com www.gstatic.com	14 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67	3 KB
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 1633 ipds.adrta.com — Cisco Umbrella Rank: 4304	889 B
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1464	1 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8117	914 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2742	363 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	88 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	29 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	647 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	71 KB
157	19

	Domain	Requested by
22	sandbox-api-esp.piano.io	ukr-mova.in.ua sandbox-api-esp.piano.io
21	tpc.googlesyndication.com	googleads.g.doubleclick.net ukr-mova.in.ua tpc.googlesyndication.com pagead2.googlesyndication.com
18	pix.eu.criteo.net	ads.eu.criteo.com
18	ukr-mova.in.ua	1 redirects ukr-mova.in.ua
14	static.criteo.net	ads.eu.criteo.com
14	pagead2.googlesyndication.com	ukr-mova.in.ua pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com ukr-mova.in.ua googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	sandbox-api-esp.piano.io googleads.g.doubleclick.net
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
2	apis.google.com	ukr-mova.in.ua apis.google.com
2	connect.facebook.net	ukr-mova.in.ua connect.facebook.net
1	ipds.adrta.com	ads.eu.criteo.com
1	adrta.com	1 redirects
1	rtb.nl.eu.criteo.com	ukr-mova.in.ua
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	code.jquery.com	sandbox-api-esp.piano.io
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	connect.facebook.net
1	www.googletagmanager.com	ukr-mova.in.ua
157	28

This site contains links to these domains. Also see Links.

Domain
itunes.apple.com
play.google.com
www.facebook.com
www.instagram.com
twitter.com

Subject Issuer	Validity	Valid
www.ukr-mova.in.ua R3	`2022-07-12` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-20` - `2022-08-18`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
piano.io Cloudflare Inc ECC CA-3	`2022-04-27` - `2023-04-26`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-07-22` - `2022-10-19`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-12` - `2022-09-12`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://ukr-mova.in.ua/
Frame ID: A60387E5B99716FB935346817ED5E2E9
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html
Frame ID: 89CE5E0568220100DFF7CB30DCFA3869
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1660185928&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927703&bpp=2&bdt=595&idt=310&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5908460104185&frm=20&pv=2&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323
Frame ID: 149569CC1E83ACB1175CAD079655979B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927705&bpp=2&bdt=596&idt=325&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gyuuJgRmMo&p=https%3A//ukr-mova.in.ua&dtd=330
Frame ID: 536E91FF5EFA52BA7A01F22593DFB592
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927707&bpp=1&bdt=599&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Par4vG9Pj6&p=https%3A//ukr-mova.in.ua&dtd=334
Frame ID: 52185D904F586090984CCB7262760A25
Requests: 1 HTTP requests in this frame

Frame: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
Frame ID: 65880DDEA3B888A1A1F27B2915BE2D86
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html
Frame ID: 60942C360D4C5AB3AA0983AC28D6E4D2
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CAkyESG30Ypr4Coui7_UP8qK_0A7Q6LbQaLr-hJOHD64CEAEg7YqoJ2CVAqAB7vOijAPIAQmpAg5FjA0nSLE-qAMByANIqgTlAU_Q50Igc2Rhu0_2a3KshD9ToLec42uZWxJEjBDuNKoIxWB_540E4gsP3fbgBtRS3rVtKqIpPUIFxPiM3lrDusaN05EPZgltGUF3d9DtW2EvbzNL8zoXzSAnmwUbJIzJ3CRzC4PY2ClBZBomtsnXhg1RAsT0853ZLyioDL9uKoCchqlqAfqVsA5LOK4cjZjmhkqMPp6-Tadc02vSwmFVZSg-FQJzWy7JlLohiJ2Ir1hea63F0274FIPbhPujFrfKiY73mXVGcJKj7LXuWwGJqG62QQ9seZ8wB-xnGjr0XUIs9gjcUwfABP7JkIfGAZIFBAgEGAGSBQQIBRgEoAYugAf6i91zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1c8C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNjUwMzQ4ODk1NDk5MTQ5MBgA&sigh=oVz0gGDknOc&uach_m=[UACH]&template_id=419
Frame ID: 34B61D0694D6F755AABE61FF8249F03E
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC2GEIu8VKAA0w9VgI-IWJP1Ravj4Q6w&u=%7CwqIxbPs5WaLCckdF9d3IMRtcgfShb1%2BTXeKeQexjKT8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGyKI8YUoHRYndYRUGBTZZjZET-wX_6TnO_E2ANgzO-KZrYazzqdk9qxSAgcYTbXth6_OPSIbHia13BJbpSJSEIfz6EMEIK79R0XbADVvSvE1WuSMUGz5OMpknyh-3mGasz-wa9qKH8ZgI_SvPhDdRg4qnFwL2SkIvi1Wf4MmAard1aa-wvCHgkj9wdXB2ISzaIQqxkJqU9Zlv8sEt6yuGxFqx7H1lQsTJhp3U_Kq9_0lPNY0x7UVr1TFdbkfCTY8gM3RBCGZVh7b4ijfV1lMU4yB25CTIlli3n1DAR74jLF9FEAiG2L3D0NOpoFA9xB9e5jvA4wNCqc6WhouRw5OtdNgZM1Cg5k0_ECFiLK7PEoGZly-C-AUDMgQM7ZigwYorsktcl78-kAQOcCecMa6d91A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-bnSG30YuGwC8qK7_UP9eG0sAfJntKxXI3w4taTAcCNtwEQASAAYJUCggEXY2EtcHViLTY1MDM0ODg5NTQ5OTE0OTCgAdW20uoDyAEJqQIORYwNJ0ixPqgDAaoEwgFP0Ev0-bgnvitD6MRXoyOfHQ8_O5qf85QYU0jFtMld5zCr83Q0jf_i0L7K3kjz2LctQPoaxkcDeylquhskFY1Ask81L66IbAoS7990X5RTCoGZq7zQQeDJfLucJi-neFWubhFuNojKZ8Ko2RQ6YyUQYU5YBbHupsfurSmLgokG_LxXFzTuAhyhGpBBG_B1jntLgetOMZE4BYKAFPHnc0mTkEejvq29BzUW3O3RDs13PbfMrH84jVyjguNfyWLQ9fdu_4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pxQ-RclnfUbCjh_CiQUrGTf-XJw%26client%3Dca-pub-6503488954991490%26adurl%3D
Frame ID: 597AD5B524248B3655F3A75B95CCC5B8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 070C2D345454AF64FFB8C57D3B011A86
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Frame ID: 04A7297BD5EF917E96982EDB136BEAD8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: ED906670D2AEF74A7F7ED87654946EEC
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA&u=%7CwqIxbPs5WaJKnq5%2BTgpMd8eRScH09ZcwgiUICHRw86M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGynjMt37eyyUNDguC3QXKNEALy3uVHQ6_V2jPVlpxNGUwv0npLgTONQTj2TucHpjZ1F7snEJ6hcBGj9oc1e3CBTNDoX3lS4gPMS4ScqTxl9sOjLzEHL-6CUHHlaxajHmSXJc3_4gqV5GBTAHZqnt-shPi_KsUeZUPFpfTuOqrbhwkLoe1XW8xKNUeqiIqN4em0OK6x-WUjr11J7YZYR6wokUeXOrganGWATW-jdAM06AMWxfpCca6r29ZAxw09FLEFred78O24KSTYJQoxj9IwaxrTpvkRitPKoqTp5t3DFPVmuq4k5oxMKMqvLavbeUy17a7blz3oHn1sHGGZENaYNl5_lT7-lGy_-fzkm2P6bJsBC6NWIc-y8n3HIf2qCVJ3jmod5Mzu031GdC2zttS_JA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg3aaSG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgTCAU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhPB7YmnI1-6yWLVZO9mSFJI9whjE55aDvDXBHiJVVz94A5h4epjLsk_DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3NTl_9UaL6GWzcmqdfBSIvznnHkw%26client%3Dca-pub-6503488954991490%26adurl%3D
Frame ID: 9C38EF168AB949AD6DCDB2EE451D72CB
Requests: 22 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 554DA2236D8115616E58B5081762A992
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DD52E47396BD52A0FD54F0367180A4DE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js
Frame ID: F0E40FF1C88A8915F533C36BD8852A51
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08B96A8D0758C1B910604BA80CF96218
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9BD90302612165CF97B6F94E5E231091
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Лепетун допоможе вам вивчити українську мову швидко і весело | Мова – ДНК нації

Page URL History Show full URLs

http://ukr-mova.in.ua/ HTTP 301
https://ukr-mova.in.ua/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

157
Requests

99 %
HTTPS

81 %
IPv6

19
Domains

28
Subdomains

27
IPs

6
Countries

2002 kB
Transfer

4630 kB
Size

9
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://itunes.apple.com/app/id1061415385

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=ukr.mova

Search URL Search Domain Scan URL

URL: https://www.facebook.com/mova.ukr

Search URL Search Domain Scan URL

URL: https://www.instagram.com/mova.ukr/

Search URL Search Domain Scan URL

URL: https://twitter.com/Mova_ukr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ukr-mova.in.ua/ HTTP 301
https://ukr-mova.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 90

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 121

https://adrta.com/i?cb=62f46d486ba31ba41bd121fdf661e103&clid=co&paid=co&avid=1906&caid=330128&plid=11195731&publisherId=141479&kv1=1005X124&kv2=https://googleads.g.doubleclick.net/&kv3=25074c64-8015-404d-9c6c-3b60c67bca62&kv4=2a01:4a0:2c::&kv7=317&kv11=62f46d486ba31ba41bd121fdf661e103&kv12=1129804&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web HTTP 302
https://ipds.adrta.com/i?__x=NGCIPNEIIFCHQBEBJGGGIJNKKLFGILQPNOQAGKKHHMLQHOIMJBHIPKLJIKLLKKOKLEKLMBILLEFPLNIQJNG@JGNOPMHHEMJJKQIGLFOBFMNFGMJQINKPHAE@HBE&cb=62f46d486ba31ba41bd121fdf661e103&clid=co&paid=co&avid=1906&caid=330128&plid=11195731&publisherId=141479&kv1=1005X124&kv2=https://googleads.g.doubleclick.net/&kv3=25074c64-8015-404d-9c6c-3b60c67bca62&kv4=2a01:4a0:2c::&kv7=317&kv11=62f46d486ba31ba41bd121fdf661e103&kv12=1129804&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web

Request Chain 139

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

157 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ukr-mova.in.ua/
Redirect Chain

http://ukr-mova.in.ua/
https://ukr-mova.in.ua/

17 KB
6 KB

366ms
193ms

Document
text/html

2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 33b4f03d738897ec3fe24789b72c8b745fb531bb32c520ec215f7ed99823ed45

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: br
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:45:27 GMT
pragma: no-cache
server: nginx
x-page-speed: on
x-ray: p1053:0.104/wn658:0.100/wa658:D=98566

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Thu, 11 Aug 2022 02:45:26 GMT
Location: https://ukr-mova.in.ua/
Server: nginx
x-ray: p1053:0.000/wn658:0.000/

GET
H2 200 jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js Show response
ukr-mova.in.ua/assets/templates/js/ 91 KB
32 KB 170ms
169ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
x-ray: p1053:0.000/p1053:0.000/wn16980:0.000/wn658:0.000/
content-encoding: gzip
x-original-content-length: 93107
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
date: Thu, 11 Aug 2022 02:45:27 GMT
last-modified: Sun, 24 Jul 2022 05:39:44 GMT
accept-ranges: bytes
content-length: 32695
expires: Mon, 24 Jul 2023 05:39:44 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
71 KB 202ms
69ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16d93c65e24944f1e99a7941b083c17d16040dd30aa4ff43b1275cd5285b7d33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:27 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72323
x-xss-protection: 0
expires: Thu, 11 Aug 2022 02:45:27 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 168 KB
57 KB 220ms
90ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72881fc18d040cbefcdf21a2784deb99c9ca201a0e7bd9ce0f243814356aedb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57364
x-xss-protection: 0
server: cafe
etag: 9207402896294993482
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:45:27 GMT

GET
H2 200 A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
ukr-mova.in.ua/assets/components/minifyx/cache/ 216 KB
30 KB 168ms
167ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
x-ray: p1053:0.000/p1053:0.000/wn658:0.000/
content-encoding: gzip
x-original-content-length: 221389
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Thu, 11 Aug 2022 02:45:27 GMT
last-modified: Wed, 10 Aug 2022 09:01:31 GMT
accept-ranges: bytes
content-length: 30292
expires: Thu, 10 Aug 2023 09:01:31 GMT

GET
H2 200 A.mova.css.pagespeed.cf.hW0QbgvBSY.css
ukr-mova.in.ua/assets/components/ajaxform/css/ 504 B
545 B 85ms
84ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
x-ray: p1053:0.000/p1053:0.010/wn16980:0.000/wn658:0.000/
content-encoding: gzip
x-original-content-length: 565
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
date: Thu, 11 Aug 2022 02:45:27 GMT
last-modified: Wed, 10 Aug 2022 19:21:39 GMT
accept-ranges: bytes
content-length: 243
expires: Thu, 10 Aug 2023 19:21:39 GMT

GET
H2 200 Mova_533.png
ukr-mova.in.ua/assets/uploads/images/ 170 KB
170 KB 86ms
85ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/Mova_533.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.000/wn658:0.000/
last-modified: Tue, 15 Mar 2022 13:05:57 GMT
server: nginx
etag: "62308f35-2a640"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 173632
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 Mova_226.png
ukr-mova.in.ua/assets/uploads/images/ 199 KB
199 KB 158ms
157ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/Mova_226.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c316d6d358f31acc381a8e2e9f393030a3c36e5a8c8f8ccf1eb785179d387d02

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.000/wn658:0.000/
last-modified: Thu, 11 Jun 2015 19:51:49 GMT
server: nginx
etag: "5579e6d5-31b50"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 203600
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 Vprava_19.png
ukr-mova.in.ua/assets/uploads/images/exercise/ 143 KB
143 KB 158ms
158ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/uploads/images/exercise/Vprava_19.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.000/wn658:0.000/
last-modified: Wed, 19 Jan 2022 14:17:45 GMT
server: nginx
etag: "61e81d89-23c20"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 146464
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js Show response
ukr-mova.in.ua/assets/components/ 83 KB
23 KB 85ms
85ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/minifyx,_cache,_scripts_85e1a56646.min.js+ajaxform,_js,_default.js.pagespeed.jc.sl3QhsaXLy.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-page-speed: on
date: Thu, 11 Aug 2022 02:45:27 GMT
content-encoding: gzip
x-original-content-length: 86428
server: nginx
etag: W/"0"
vary: Accept-Encoding
content-type: application/javascript
x-ray: p1053:0.000/
cache-control: max-age=31536000
last-modified: Wed, 03 Aug 2022 02:43:02 GMT
accept-ranges: bytes
content-length: 23634
expires: Thu, 03 Aug 2023 02:43:02 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 220ms
69ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2fb61125a902c8a1609a609a8f13e2fdd9c4d68c340466130d9f47eabc663555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: glaeUG6jvJK5LAKupjAkJA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 0ju+gonwgnuiftYOFjHulDJy4GcKSNPfyHGffIDCq5uOZxtVhIkzd2fx86bT+HaJ3YxkARTfrZh9OAWsY9yxeg==
x-fb-trip-id: 720026100
x-fb-content-md5: 832ffff99d86c12cb7a158dea3534883
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Thu, 11 Aug 2022 02:45:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "a32045f12f6960817dfea38709a1778f"
timing-allow-origin: *
expires: Thu, 11 Aug 2022 03:04:28 GMT

GET
H2 200 plusone.js Show response
apis.google.com/js/ 52 KB
21 KB 204ms
62ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js?onload=onLoadCallback

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd9abc866479138018002b892027bfaf3fa51047dd604e50ae847835c063a75b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20364
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
date: Thu, 11 Aug 2022 02:45:27 GMT
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "fc45f73e716f4065"
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:45:27 GMT

GET
H2 200 jquery.jgrowl.min.css
ukr-mova.in.ua/assets/components/ajaxform/css/lib/ 2 KB
2 KB 86ms
85ms Stylesheet
text/css 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/lib/jquery.jgrowl.min.css
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/ajaxform/css/A.mova.css.pagespeed.cf.hW0QbgvBSY.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.000/wn658:0.000/
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: "5a02bbb2-6af"
content-type: text/css
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 1711
expires: Sat, 10 Sep 2022 02:45:27 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
346 B 191ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RGJRK45Q0D&gtm=2oe880&_p=820306952&cid=1270722294.1660185927&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660185927&sct=1&seg=0&dl=https%3A%2F%2Fukr-mova.in.ua%2F&dt=%D0%9B%D0%B5%D0%BF%D0%B5%D1%82%D1%83%D0%BD%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%B2%D0%B0%D0%BC%20%D0%B2%D0%B8%D0%B2%D1%87%D0%B8%D1%82%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%83%20%D0%BC%D0%BE%D0%B2%D1%83%20%D1%88%D0%B2%D0%B8%D0%B4%D0%BA%D0%BE%20%D1%96%20%D0%B2%D0%B5%D1%81%D0%B5%D0%BB%D0%BE%20%7C%20%D0%9C%D0%BE%D0%B2%D0%B0%20%E2%80%93%20%D0%94%D0%9D%D0%9A%20%D0%BD%D0%B0%D1%86%D1%96%D1%97&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:27 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ukr-mova.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Bg.png
ukr-mova.in.ua/assets/templates/images/ 5 KB
5 KB 93ms
93ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/templates/images/Bg.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
last-modified: Sun, 04 Jan 2015 11:46:42 GMT
server: nginx
etag: "54a92822-12c4"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 4804
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 Mova.png
ukr-mova.in.ua/assets/templates/images/ 6 KB
6 KB 155ms
154ms Image
image/png 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ukr-mova.in.ua/assets/templates/images/Mova.png
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:12 GMT
server: nginx
etag: "54889ad0-17c3"
content-type: image/png
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 6083
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 PragmaticaC.woff
ukr-mova.in.ua/assets/templates/fonts/ 15 KB
15 KB 154ms
154ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaC.woff
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:06 GMT
server: nginx
etag: "54889aca-3bf4"
content-type: font/woff
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 15348
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 icomoon.woff
ukr-mova.in.ua/assets/templates/fonts/ 8 KB
8 KB 154ms
154ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/icomoon.woff?-sm9jq8
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
last-modified: Tue, 23 May 2017 20:22:06 GMT
server: nginx
etag: "592499ee-1e10"
content-type: font/woff
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 7696
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 PragmaticaLightC.woff
ukr-mova.in.ua/assets/templates/fonts/ 15 KB
15 KB 154ms
154ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/PragmaticaLightC.woff
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
last-modified: Wed, 10 Dec 2014 19:11:08 GMT
server: nginx
etag: "54889acc-3cd8"
content-type: font/woff
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 15576
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 sdk.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 166ms
59ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:27 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 46762
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 12 Jul 2022 16:46:21 GMT
server: cloudflare
etag: W/"1bbec-181f34df348"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da29f9ac0769e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:27 GMT

GET
H2 200 icomoon-soc.woff
ukr-mova.in.ua/assets/templates/fonts/ 2 KB
2 KB 135ms
135ms Font
font/woff 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/templates/fonts/icomoon-soc.woff?-sm9jq8
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4

Request headers

Referer: https://ukr-mova.in.ua/assets/components/minifyx/cache/A.styles_9809d659cf.min.css.pagespeed.cf.RL0Khtwe2k.css
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.000/wn658:0.000/
last-modified: Tue, 23 May 2017 20:25:25 GMT
server: nginx
etag: "59249ab5-830"
content-type: font/woff
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
accept-ranges: bytes
content-length: 2096
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 jquery.form.min.js Show response
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 14 KB
5 KB 123ms
123ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.form.min.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.002/wn658:0.000/
content-encoding: br
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: W/"5a02bbb2-3983"
content-type: application/javascript
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H2 200 jquery.jgrowl.min.js Show response
ukr-mova.in.ua/assets/components/ajaxform/js/lib/ 5 KB
2 KB 123ms
122ms Script
application/javascript 2a00:7a60:0:1054::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ukr-mova.in.ua/assets/components/ajaxform/js/lib/jquery.jgrowl.min.js
Requested by: Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:1054::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p1053:0.001/wn658:0.000/
content-encoding: br
last-modified: Wed, 08 Nov 2017 08:09:22 GMT
server: nginx
etag: W/"5a02bbb2-1572"
content-type: application/javascript
cache-control: max-age=2592000
date: Thu, 11 Aug 2022 02:45:27 GMT
expires: Sat, 10 Sep 2022 02:45:27 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 302 KB
86 KB 139ms
68ms Script
application/x-javascript 2a03:2880:f007:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=0f1e0b0084625c062d5dfed46312f3fc

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f007:8:face:b00c:0:1 Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d14344dba462f8e66fdee868f6bbf7fa18dce506c91856d3d30a3d332af5d6aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://ukr-mova.in.ua/
Origin: https://ukr-mova.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: BNDF2LIz0jT3YAdFxm4lCg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87848
x-fb-rlafr: 0
x-fb-debug: kWBRW725Ml8+OAgW3YuN1Q4hEl0+WFQMJFUkZ3k+Ctm2JDQSfbFJXaZoqNk9JKrR6lKfAQ+V30BvvwmgLBbj5g==
x-fb-content-md5: 35f2a8eb7d5c0a70823540caa6771b01
x-frame-options: DENY
date: Thu, 11 Aug 2022 02:45:27 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "4433625248a3847026483632bcdb7972"
timing-allow-origin: *
priority: u=3,i
expires: Thu, 10 Aug 2023 19:41:42 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S0MFEB7Jrgw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rrjPu-arphKs_q6oTtOBLYqL7zQ/ 149 KB
51 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.S0MFEB7Jrgw.O/m=plusone/rt=j/sv=1/d=1/ed=1/rs=AHpOoo_rrjPu-arphKs_q6oTtOBLYqL7zQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js?onload=onLoadCallback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6b2b25a142371787833c80f00e0dd0f1fd3b680b56fb7bc18b8af9de6fbbb80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 11:12:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51969
x-xss-protection: 0
last-modified: Wed, 06 Jul 2022 15:25:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 11:12:08 GMT

GET
H3 200 584 Show response
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ 4 KB
2 KB 329ms
283ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfafb3754fac3da8becfd248f7142dc0cdcb641b75a19ffbc828519b5509eb5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"e1c-ghWgSn9E81nmxrekgoAFBWE21wQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-allow-credentials: true
cf-ray: 738da2a1bd09405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 584
sandbox-api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 220ms
170ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/fusion/lucid/data/584?email=&visitor=&stored_visitor=&pnespid=

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 738da2a05c5f73df-LHR
date: Thu, 11 Aug 2022 02:45:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 340 KB
120 KB 188ms
80ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32c6350e7fe7ffbdec82903dcfa6ecde66ca3a41eeda310457256257a69a58a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122756
x-xss-protection: 0
server: cafe
etag: 3526963378579199442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:45:27 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/ Frame 89CE 10 KB
5 KB 183ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220808/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 15316
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 22:30:11 GMT
etag: 8616628553774171045
expires: Wed, 24 Aug 2022 22:30:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 253ms
103ms Fetch
text/plain 2a03:2880:f107:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=391185391051135&input_token&origin=1&redirect_uri=https%3A%2F%2Fukr-mova.in.ua%2F&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=0f1e0b0084625c062d5dfed46312f3fc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f107:83:face:b00c:0:25de Vienna, Austria, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: hgAprcv/oH3eMGrizBpheKK9pSESsx/EdYbuIfnHJUnaoMnD9b9xom0PZkftUjU0BJFJ97NDir/mvsX+y1trdA==
fb-s: unknown
date: Thu, 11 Aug 2022 02:45:28 GMT
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 274ms
63ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ukr-mova.in.ua&callback=_gfp_s_&client=ca-pub-6503488954991490

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6503488954991490&plah=ukr-mova.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

8f3bcb545333028b45ebf3608187dc6e82547dce571c9405f88076209b9e6365

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 205ms
63ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 192ms
62ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1495 180 KB
48 KB 467ms
358ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&adk=1812271804&adf=3025194257&lmt=1660185928&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fukr-mova.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927703&bpp=2&bdt=595&idt=310&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5908460104185&frm=20&pv=2&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

546fff1bb0ec12d2f26259f5e7c85eb5d537de5797f36576b0c510a37f53f784

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 49241
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:28 GMT
expires: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 536E 22 KB
9 KB 521ms
421ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927705&bpp=2&bdt=596&idt=325&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gyuuJgRmMo&p=https%3A//ukr-mova.in.ua&dtd=330

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b6fa723806d220c25210375a516f78077d39bfbdf393aaffeb393afec9dcb01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9688
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:28 GMT
expires: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5218 134 KB
43 KB 441ms
346ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927707&bpp=1&bdt=599&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Par4vG9Pj6&p=https%3A//ukr-mova.in.ua&dtd=334

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65b6d60cbfdddcf08b43fa6e48c40e8934285e6426fdcc5b9e5add221df10d52

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJq8isTivfkCFQvRuwgdctEP6g&gqi=SG30YvSmCsLC3gP4xrPgBQ&layout=/sadbundle/%24csp%253Der3%24/18181414932278739764/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 43901
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJq8isTivfkCFQvRuwgdctEP6g&gqi=SG30YvSmCsLC3gP4xrPgBQ&layout=/sadbundle/%24csp%253Der3%24/18181414932278739764/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:28 GMT
expires: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iframeResizer.min.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 56ms
55ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vx.1.97.9-5621eff&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"2e2f-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a38e79405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 state-machine.min.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 99ms
98ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vx.1.97.9-5621eff&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"f2a-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a38e7a405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 57ms
56ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vx.1.97.9-5621eff&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"8abb-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a38e7b405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/ 2 KB
1 KB 99ms
98ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/sticky_bottom/displayer.js?v=vx.1.97.9-5621eff&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"135a-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a38e7c405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 displayer.js Show response
sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/ 5 KB
3 KB 56ms
55ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/vx/widgets/rec_onsite_embedded/displayer.js?v=vx.1.97.9-5621eff&p=700

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"3b47-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a38e7d405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 1981 Show response
sandbox-api-esp.piano.io/publisher/unattended/ Frame 6588 7 KB
3 KB 155ms
154ms Document
text/html 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5bab81d6e9b50d4005ae3bff1c1cbad0e52856db8a8af00f21ee1c72f0ef2571

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: sandbox-api-esp.piano.io
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=31536000 public
cf-cache-status: DYNAMIC
cf-ray: 738da2a42ed2405e-LHR
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 11 Aug 2022 02:45:28 GMT
etag: W/"1def-ueI5ia0JKXdTLuMUamki3zEH68Y"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 11 Aug 2023 02:45:28 GMT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
x-cache-status: HIT

GET
H3 200 styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame 6588 3 KB
2 KB 55ms
54ms Stylesheet
text/css 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/styles.css?v=vx.1.97.9-5621eff

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 26708
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"123a-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f6d405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 styles.css
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame 6588 2 KB
2 KB 58ms
56ms Stylesheet
text/css 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/styles.css?v=vx.1.97.9-5621eff

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33346
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"ab7-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: text/css; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f73405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H2 200 jquery-2.2.0.min.js Show response
code.jquery.com/ Frame 6588 84 KB
29 KB 171ms
47ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.0.min.js
Requested by: Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-14e55"
vary: Accept-Encoding
x-hw: 1660185928.dop040.lo4.t,1660185928.cds291.lo4.hn,1660185928.cds254.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29875

GET
H3 200 state-machine.min.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/ Frame 6588 4 KB
2 KB 56ms
54ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/lib/state-machine/state-machine.min.js

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 47511
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 14:05:37 GMT
server: cloudflare
etag: W/"f2a-1825ee05768"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f74405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 iframeResizer.contentWindow.min.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/ Frame 6588 12 KB
5 KB 56ms
55ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/lib/iframeResizer/iframeResizer.contentWindow.min.js

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 47511
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 26 Jul 2022 12:59:07 GMT
server: cloudflare
etag: W/"3411-1823a96f178"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f76405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 form.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/ Frame 6588 8 KB
3 KB 58ms
57ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/form.js?v=vx.1.97.9-5621eff

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"3a15-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f77405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 200 form.js Show response
sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/ Frame 6588 2 KB
1 KB 62ms
61ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/sticky_bottom/form.js?v=vx.1.97.9-5621eff

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: HIT
age: 33347
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"f7c-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a53f79405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6588 2 KB
1 KB 190ms
62ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sandbox-api-esp.piano.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 02:39:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 02:45:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 02:45:28 GMT

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/tracker/lucid/visit/ 65 B
638 B 193ms
193ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=91aiwpf1vm5d8wpn

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1361b5e594568f2f6182216c45cff802af823190f3106b82820007e54a7c5770

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
etag: W/"41-W+MwdNm8KyzRKQFv09SJWj+Q6/0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-allow-credentials: true
cf-ray: 738da2a6484b405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 166ms
166ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/tracker/lucid/visit/700?story_url=https%3A%2F%2Fukr-mova.in.ua%2F&visitor=91aiwpf1vm5d8wpn

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 738da2a53f8373df-LHR
date: Thu, 11 Aug 2022 02:45:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/push/sdk/event/ 39 B
586 B 170ms
170ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-allow-credentials: true
cf-ray: 738da2a6585b405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 0
0 161ms
160ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 738da2a55f9a73df-LHR
date: Thu, 11 Aug 2022 02:45:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

OPTIONS
H3 200 700
sandbox-api-esp.piano.io/push/sdk/event/ Frame 0
0 201ms
201ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ukr-mova.in.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://ukr-mova.in.ua
access-control-max-age: 36000
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 738da2a55f9b73df-LHR
date: Thu, 11 Aug 2022 02:45:28 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains

POST
H3 200 700 Show response
sandbox-api-esp.piano.io/push/sdk/event/ 39 B
586 B 166ms
166ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/push/sdk/event/700

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/assets/templates/js/jquery-1.10.2.min.js.pagespeed.jm.ZzSiN_5Whq.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://ukr-mova.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
vary: X-HTTP-Method-Override
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39
server: cloudflare
etag: W/"27-ZRtc8GKflOIDdJdAqG9vuofWUr0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://ukr-mova.in.ua
access-control-allow-credentials: true
cf-ray: 738da2a6987c405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 536E 3 KB
1 KB 253ms
108ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927705&bpp=2&bdt=596&idt=325&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gyuuJgRmMo&p=https%3A//ukr-mova.in.ua&dtd=330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 02:12:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 536E 140 KB
43 KB 76ms
63ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 536E 17 KB
8 KB 199ms
54ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:53 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/ Frame 6094 120 KB
22 KB 239ms
113ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1438f25896068663f848fdb2c7bc8bc4efdacc23fab9ca491461cbc1a7b6466a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 511088
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 21401
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 05 Aug 2022 04:47:20 GMT
expires: Sat, 05 Aug 2023 04:47:20 GMT
last-modified: Mon, 22 Nov 2021 21:17:48 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 34B6 0
0 100ms
100ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAkyESG30Ypr4Coui7_UP8qK_0A7Q6LbQaLr-hJOHD64CEAEg7YqoJ2CVAqAB7vOijAPIAQmpAg5FjA0nSLE-qAMByANIqgTlAU_Q50Igc2Rhu0_2a3KshD9ToLec42uZWxJEjBDuNKoIxWB_540E4gsP3fbgBtRS3rVtKqIpPUIFxPiM3lrDusaN05EPZgltGUF3d9DtW2EvbzNL8zoXzSAnmwUbJIzJ3CRzC4PY2ClBZBomtsnXhg1RAsT0853ZLyioDL9uKoCchqlqAfqVsA5LOK4cjZjmhkqMPp6-Tadc02vSwmFVZSg-FQJzWy7JlLohiJ2Ir1hea63F0274FIPbhPujFrfKiY73mXVGcJKj7LXuWwGJqG62QQ9seZ8wB-xnGjr0XUIs9gjcUwfABP7JkIfGAZIFBAgEGAGSBQQIBRgEoAYugAf6i91zqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1c8C0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItNjUwMzQ4ODk1NDk5MTQ5MBgA&sigh=oVz0gGDknOc&uach_m=[UACH]&template_id=419

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927707&bpp=1&bdt=599&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Par4vG9Pj6&p=https%3A//ukr-mova.in.ua&dtd=334
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 34B6 23 KB
10 KB 185ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927707&bpp=1&bdt=599&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Par4vG9Pj6&p=https%3A//ukr-mova.in.ua&dtd=334

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:46:45 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 34B6 3 KB
1 KB 235ms
111ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 02:12:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34B6 140 KB
43 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 34B6 17 KB
7 KB 195ms
72ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 536E 0
0 98ms
97ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cmq0PSG30YuGwC8qK7_UP9eG0sAfJntKxXI3w4taTAcCNtwEQASAAYJUCggEXY2EtcHViLTY1MDM0ODg5NTQ5OTE0OTCgAdW20uoDyAEJqQIORYwNJ0ixPqgDAaoEvwFP0Ev0-bgnvitD6MRXoyOfHQ8_O5qf85QYU0jFtMld5zCr83Q0jf_i0L7K3kjz2LctQPoaxkcDeylquhskFY1Ask81L66IbAoS7990X5RTCoGZq7zQQeDJfLucJi-neFWubhFuNojKZ8Ko2RQ6YyUQYU5YBbHupsfurSmLgokG_LxXFzTuAhyhGpBBG_B1jntLgetOMZE4BYLCFtB19MYPg_g_qg5tOpPu1fnbuMdZJTV4ZEKef-O9rvvaY-bDSoAGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNjUwMzQ4ODk1NDk5MTQ5MBgA&sigh=J3ztec-c1PI&uach_m=[UACH]&cid=CAQSGwCsnQUxUE4OC72tSIY6mANg5Vo1I3xKdi_YaxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927705&bpp=2&bdt=596&idt=325&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gyuuJgRmMo&p=https%3A//ukr-mova.in.ua&dtd=330
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 536E 0
0 217ms
62ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kpCTFMz6ROQImAKdg2ICAgAAANqw0-t8Sodvlro1-BBHbfRiWNwrryf9LiC0nhwAEgAA&wp=YvRtSAAC2GEIu8VKAA0w9VgI-IWJP1Ravj4Q6w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 299049
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 597A 208 KB
58 KB 308ms
155ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC2GEIu8VKAA0w9VgI-IWJP1Ravj4Q6w&u=%7CwqIxbPs5WaLCckdF9d3IMRtcgfShb1%2BTXeKeQexjKT8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGyKI8YUoHRYndYRUGBTZZjZET-wX_6TnO_E2ANgzO-KZrYazzqdk9qxSAgcYTbXth6_OPSIbHia13BJbpSJSEIfz6EMEIK79R0XbADVvSvE1WuSMUGz5OMpknyh-3mGasz-wa9qKH8ZgI_SvPhDdRg4qnFwL2SkIvi1Wf4MmAard1aa-wvCHgkj9wdXB2ISzaIQqxkJqU9Zlv8sEt6yuGxFqx7H1lQsTJhp3U_Kq9_0lPNY0x7UVr1TFdbkfCTY8gM3RBCGZVh7b4ijfV1lMU4yB25CTIlli3n1DAR74jLF9FEAiG2L3D0NOpoFA9xB9e5jvA4wNCqc6WhouRw5OtdNgZM1Cg5k0_ECFiLK7PEoGZly-C-AUDMgQM7ZigwYorsktcl78-kAQOcCecMa6d91A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-bnSG30YuGwC8qK7_UP9eG0sAfJntKxXI3w4taTAcCNtwEQASAAYJUCggEXY2EtcHViLTY1MDM0ODg5NTQ5OTE0OTCgAdW20uoDyAEJqQIORYwNJ0ixPqgDAaoEwgFP0Ev0-bgnvitD6MRXoyOfHQ8_O5qf85QYU0jFtMld5zCr83Q0jf_i0L7K3kjz2LctQPoaxkcDeylquhskFY1Ask81L66IbAoS7990X5RTCoGZq7zQQeDJfLucJi-neFWubhFuNojKZ8Ko2RQ6YyUQYU5YBbHupsfurSmLgokG_LxXFzTuAhyhGpBBG_B1jntLgetOMZE4BYKAFPHnc0mTkEejvq29BzUW3O3RDs13PbfMrH84jVyjguNfyWLQ9fdu_4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pxQ-RclnfUbCjh_CiQUrGTf-XJw%26client%3Dca-pub-6503488954991490%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a71f0780c5ab66bcb4601f96e60315a177b67c3a7f241660dbe5b9292d244148

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HTUWUBr5X-5lt4FJPrpbDN7Xs9kXzgfpf70vu3n-j3IgPNOEERIwZSv9oo7BIDYtpbrWXWUuSpw6AR_BqSiSMhd9ZbFF6nltsWjbQ04bIHQdkRbumXLq6NmWn4DvjJ21ptYRPMe6-jEYRST0WSMEg4kxyVL8mivvccrVPiR4-gTyL4eiJhhMQ4iMN-2TJB1MihFKmvmCPHgwinHMZuuh3gGpgwqHr43QDMNpKOqYf4b06bmgLaLQNa435rwVAsD7tn8hjQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 99805810
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/ 150 KB
53 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208040101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e919e172348a1495c1a1aae092525c23364469ec6b663b8b36706c34114e93a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54600
x-xss-protection: 0
server: cafe
etag: 5486024112318129278
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
86ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=8%2C1&c=ca-pub-6503488954991490&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 icomoon.woff
sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/ Frame 6588 3 KB
2 KB 61ms
61ms Font
application/font-woff 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://sandbox-api-esp.piano.io/public/sdk/v04/widgets/base/fonts/icomoon.woff?vx.1.97.9-5621eff

Requested by

Host: sandbox-api-esp.piano.io
URL: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://sandbox-api-esp.piano.io/publisher/unattended/1981?wv=50&v=vx.1.97.9-5621eff
Origin: https://sandbox-api-esp.piano.io
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 24147
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-max-age: 36000
strict-transport-security: max-age=86400; includeSubDomains
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 15:58:20 GMT
server: cloudflare
etag: W/"b70-182887a6960"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/font-woff
access-control-allow-origin: https://sandbox-api-esp.piano.io
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 738da2a6b891405e-LHR
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Fri, 11 Aug 2023 02:45:28 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 90ms
89ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=8%2C1&c=ca-pub-6503488954991490&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 174ms
64ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 172ms
63ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ukr-mova.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 070C 10 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 5476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 01:14:12 GMT
etag: 8616628553774171045
expires: Thu, 25 Aug 2022 01:14:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/ Frame 04A7 10 KB
4 KB 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 5476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4412
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 01:14:12 GMT
etag: 8616628553774171045
expires: Thu, 25 Aug 2022 01:14:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 536E 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebbc9c5f62caef01c11dd139d367fc7d9def5efee0fed2692a8c0cbf4ca8b846

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED90 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=5558448768&adk=2712173870&adf=1733808768&pi=t.ma~as.5558448768&w=373&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=373x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927707&bpp=1&bdt=599&idt=331&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1124x280&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=951&ady=1041&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Par4vG9Pj6&p=https%3A//ukr-mova.in.ua&dtd=334
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:10:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 070C 4 KB
636 B 171ms
63ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 02:41:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 02:45:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 070C 205 B
742 B 184ms
54ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:15:25 GMT
x-content-type-options: nosniff
age: 5403
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 01:15:25 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 070C 604 B
694 B 184ms
55ms Image
image/png 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:15:40 GMT
x-content-type-options: nosniff
age: 1788
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 11 Aug 2023 02:15:40 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/ Frame 070C 19 KB
8 KB 192ms
80ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:31:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4457
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8392
x-xss-protection: 0
server: cafe
etag: 14983445617412810031
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:31:11 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 04A7 0
0 99ms
99ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRuO1SG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgS_AU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhLJ5Q_tPWHKh5ylNmAmvsmo01hJy7bibPoEJI4Sn6CFUGx3S_ot0gAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTAzNDg4OTU0OTkxNDkwGAA&sigh=0FlE_eatlbU&uach_m=[UACH]&cid=CAQSGwCsnQUxlLFYlx1htU6gy6BInq5qIF7pfYUhURgB

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 11 Aug 2022 02:45:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 04A7 0
0 206ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kpCTFMz6RO0HfJ2DYgICAAAAqD5yz80wu4SWujX4EEht9GLroOY5bnQuR3NLHwASAAA&wp=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
server: Kestrel
server-processing-duration-in-ticks: 180730
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9C38 213 KB
59 KB 178ms
177ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA&u=%7CwqIxbPs5WaJKnq5%2BTgpMd8eRScH09ZcwgiUICHRw86M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGynjMt37eyyUNDguC3QXKNEALy3uVHQ6_V2jPVlpxNGUwv0npLgTONQTj2TucHpjZ1F7snEJ6hcBGj9oc1e3CBTNDoX3lS4gPMS4ScqTxl9sOjLzEHL-6CUHHlaxajHmSXJc3_4gqV5GBTAHZqnt-shPi_KsUeZUPFpfTuOqrbhwkLoe1XW8xKNUeqiIqN4em0OK6x-WUjr11J7YZYR6wokUeXOrganGWATW-jdAM06AMWxfpCca6r29ZAxw09FLEFred78O24KSTYJQoxj9IwaxrTpvkRitPKoqTp5t3DFPVmuq4k5oxMKMqvLavbeUy17a7blz3oHn1sHGGZENaYNl5_lT7-lGy_-fzkm2P6bJsBC6NWIc-y8n3HIf2qCVJ3jmod5Mzu031GdC2zttS_JA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg3aaSG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgTCAU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhPB7YmnI1-6yWLVZO9mSFJI9whjE55aDvDXBHiJVVz94A5h4epjLsk_DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3NTl_9UaL6GWzcmqdfBSIvznnHkw%26client%3Dca-pub-6503488954991490%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2621c3b570bb8aef89aa21145cbe81fa192e339d269ca1da12d653cbddcc3bed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:28 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=8sJnsBr5X-5lt4FJhXGcktV-vweTEszi7_kp_qinF0O6yQOdPTeegxJUADOtxqWGmtZTAz93wTW2_nGr5JlJ81MLhOaNibGXMPlpWlwqWNjngMnwsC4VlSw9XEGi6R2ARI6Q0jTFXKbS4mpdk9UXMrq609G-fhoMDYs8sLq5oG_S4e6R6rNs5cndUExEr1_sRpmFaDw3CQybpF6OiyV4H4OpyVC29NDKlECKyQR0Zen1EfdDVqphJP3LUsyvMeYWQorL9w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 102961889
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 04A7 3 KB
1 KB 196ms
90ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1969
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 02:12:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04A7 140 KB
43 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:45:28 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 04A7 17 KB
7 KB 178ms
73ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4895
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:53 GMT

GET
DATA 200
OK truncated
/ Frame 34B6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1455e74c849c5515236b13c11686c0ab1a42b7a7457c675e498b465387d27a5b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6094 16 KB
6 KB 152ms
64ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 07:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68675
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Aug 2022 07:40:53 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6094 26 KB
10 KB 141ms
54ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 05:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77779
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 11 Aug 2022 05:09:09 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame ED90
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

70ms
70ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:45:29 GMT
expires: Thu, 11 Aug 2022 02:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:45:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 597A 2 KB
1 KB 310ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC2GEIu8VKAA0w9VgI-IWJP1Ravj4Q6w&u=%7CwqIxbPs5WaLCckdF9d3IMRtcgfShb1%2BTXeKeQexjKT8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGyKI8YUoHRYndYRUGBTZZjZET-wX_6TnO_E2ANgzO-KZrYazzqdk9qxSAgcYTbXth6_OPSIbHia13BJbpSJSEIfz6EMEIK79R0XbADVvSvE1WuSMUGz5OMpknyh-3mGasz-wa9qKH8ZgI_SvPhDdRg4qnFwL2SkIvi1Wf4MmAard1aa-wvCHgkj9wdXB2ISzaIQqxkJqU9Zlv8sEt6yuGxFqx7H1lQsTJhp3U_Kq9_0lPNY0x7UVr1TFdbkfCTY8gM3RBCGZVh7b4ijfV1lMU4yB25CTIlli3n1DAR74jLF9FEAiG2L3D0NOpoFA9xB9e5jvA4wNCqc6WhouRw5OtdNgZM1Cg5k0_ECFiLK7PEoGZly-C-AUDMgQM7ZigwYorsktcl78-kAQOcCecMa6d91A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-bnSG30YuGwC8qK7_UP9eG0sAfJntKxXI3w4taTAcCNtwEQASAAYJUCggEXY2EtcHViLTY1MDM0ODg5NTQ5OTE0OTCgAdW20uoDyAEJqQIORYwNJ0ixPqgDAaoEwgFP0Ev0-bgnvitD6MRXoyOfHQ8_O5qf85QYU0jFtMld5zCr83Q0jf_i0L7K3kjz2LctQPoaxkcDeylquhskFY1Ask81L66IbAoS7990X5RTCoGZq7zQQeDJfLucJi-neFWubhFuNojKZ8Ko2RQ6YyUQYU5YBbHupsfurSmLgokG_LxXFzTuAhyhGpBBG_B1jntLgetOMZE4BYKAFPHnc0mTkEejvq29BzUW3O3RDs13PbfMrH84jVyjguNfyWLQ9fdu_4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pxQ-RclnfUbCjh_CiQUrGTf-XJw%26client%3Dca-pub-6503488954991490%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 597A 2 KB
1 KB 312ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 597A 308 B
636 B 358ms
104ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 597A 293 B
621 B 311ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 597A 43 B
348 B 193ms
56ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Dm14AiB1GfGKclueEhCYwN_E1ni5_0DGY_ZOXKNhNeqCAOOprGe0wJ3YPlgpBif1pjRqkJKp3GlDgARozj_seSIZMJOHtxIFB5D-8a36hbqShSkfNABkHnXZrhAQ00T4jEm1eBcwuT8J6xzFRxiy2ynadE_L834BIZQmIcGXEWQsP5MiZInspRNvEdYO3y95MI8opnNJIMUd6C8ZoSpQc1IOGvjORDd7bjCT87IBIjaPGJZaCe0sXycqh8VC8BWlsn_uUZGG_FjmXyiUaYOnxBj-5kuHL88zYnAehPgpDBBytFKnO_Sgl9a7JQgTNYjQ4lsQWJmK3lML3Uq9oTUisXfY3lZpt3AzMfsMruEbh_fvQQAWf10sQiAO5lDu28WIr3nKaO19kiE94KV-NA7bzexTcL7DpzkUSVaVfwvfxsPvSEJnIOk52pINVtaVsSLu2C_2Cg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1645117
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 597A 0
689 B 331ms
157ms Image
text/plain 2600:9000:223c:5e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1660185928
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC2GEIu8VKAA0w9VgI-IWJP1Ravj4Q6w&u=%7CwqIxbPs5WaLCckdF9d3IMRtcgfShb1%2BTXeKeQexjKT8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGyKI8YUoHRYndYRUGBTZZjZET-wX_6TnO_E2ANgzO-KZrYazzqdk9qxSAgcYTbXth6_OPSIbHia13BJbpSJSEIfz6EMEIK79R0XbADVvSvE1WuSMUGz5OMpknyh-3mGasz-wa9qKH8ZgI_SvPhDdRg4qnFwL2SkIvi1Wf4MmAard1aa-wvCHgkj9wdXB2ISzaIQqxkJqU9Zlv8sEt6yuGxFqx7H1lQsTJhp3U_Kq9_0lPNY0x7UVr1TFdbkfCTY8gM3RBCGZVh7b4ijfV1lMU4yB25CTIlli3n1DAR74jLF9FEAiG2L3D0NOpoFA9xB9e5jvA4wNCqc6WhouRw5OtdNgZM1Cg5k0_ECFiLK7PEoGZly-C-AUDMgQM7ZigwYorsktcl78-kAQOcCecMa6d91A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9-bnSG30YuGwC8qK7_UP9eG0sAfJntKxXI3w4taTAcCNtwEQASAAYJUCggEXY2EtcHViLTY1MDM0ODg5NTQ5OTE0OTCgAdW20uoDyAEJqQIORYwNJ0ixPqgDAaoEwgFP0Ev0-bgnvitD6MRXoyOfHQ8_O5qf85QYU0jFtMld5zCr83Q0jf_i0L7K3kjz2LctQPoaxkcDeylquhskFY1Ask81L66IbAoS7990X5RTCoGZq7zQQeDJfLucJi-neFWubhFuNojKZ8Ko2RQ6YyUQYU5YBbHupsfurSmLgokG_LxXFzTuAhyhGpBBG_B1jntLgetOMZE4BYKAFPHnc0mTkEejvq29BzUW3O3RDs13PbfMrH84jVyjguNfyWLQ9fdu_4AGx83PmN-e7an5AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2pxQ-RclnfUbCjh_CiQUrGTf-XJw%26client%3Dca-pub-6503488954991490%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:29 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: npzuPjyM5rS69e3YLoZt4mOeSCEVMJQnn0vfXyazxZlp_n6uQDCr4A==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 597A 12 KB
6 KB 282ms
108ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 554D 8 KB
893 B 65ms
64ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 11 Aug 2022 02:39:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 11 Aug 2022 02:45:29 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 11 Aug 2022 02:45:29 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 554D 2 KB
902 B 53ms
53ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:30:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 875
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 02:30:54 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/ Frame 554D 23 KB
9 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:46:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3524
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9660
x-xss-protection: 0
server: cafe
etag: 13823643058518418725
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:46:45 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 554D 3 KB
1 KB 70ms
68ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:12:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1970
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 02:12:39 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 554D 140 KB
43 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44011
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1659958456967243"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:45:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/ Frame 554D 17 KB
7 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220808/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 01:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4896
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7596
x-xss-protection: 0
server: cafe
etag: 12715132177492665634
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 25 Aug 2022 01:23:53 GMT

GET
H3 200 8b4497fa63e027c9bb788e6248932fc0.js Show response
www.gstatic.com/mysidia/ Frame 554D 32 KB
13 KB 164ms
54ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8b4497fa63e027c9bb788e6248932fc0.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 08 Aug 2022 14:00:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 218677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13370
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 21:59:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 14:00:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 7 KB
7 KB 301ms
56ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=WdRf6Q9mQAgL2zFfhMMUtchQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31037387
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Sat, 05 Aug 2023 08:15:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 3 KB
3 KB 354ms
109ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoStepStone-sucht-fur-das-Deutsche-Rote-Kreuz-295856DE-2203290822.gif%3Feb%3D1&v=3&w=800&s=VpvLKR3klboFeQeW28_GABdI&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1444194
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 1 KB
1 KB 355ms
111ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBKA_Bundeskriminalamt_4558DE.gif%3Feb%3D1&v=3&w=800&s=DI0SONUVXrdIf4n2KRU4NSEh&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2081033
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Sun, 04 Sep 2022 04:49:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 2 KB
2 KB 363ms
120ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=850865
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 2 KB
3 KB 366ms
123ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FV%2FlogoVivantes-Klinikum-Neukolln-71801DE.gif%3Feb%3D1&v=3&w=800&s=ud18VkPcKg0YvObI5XVORgUb&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

23b62c9bd306043c81367161071aa27949409256cff8a85045502592a2fa4376

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1932597
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2342
expires: Fri, 02 Sep 2022 11:35:26 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 2 KB
2 KB 367ms
124ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoFraGround-Fraport-Ground-Services-GmbH-222375DE.gif%3Feb%3D1&v=3&w=800&s=p7imNlwxxrodxxqEMEPxBMSf&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=188931
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:14:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 1 KB
2 KB 73ms
73ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=748764
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Fri, 19 Aug 2022 18:44:53 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 597A 0
128 B 191ms
56ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HTUWUBr5X-5lt4FJPrpbDN7Xs9kXzgfpf70vu3n-j3IgPNOEERIwZSv9oo7BIDYtpbrWXWUuSpw6AR_BqSiSMhd9ZbFF6nltsWjbQ04bIHQdkRbumXLq6NmWn4DvjJ21ptYRPMe6-jEYRST0WSMEg4kxyVL8mivvccrVPiR4-gTyL4eiJhhMQ4iMN-2TJB1MihFKmvmCPHgwinHMZuuh3gGpgwqHr43QDMNpKOqYf4b06bmgLaLQNa435rwVAsD7tn8hjQ&sds=2&rev=82344&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 597A 2 KB
1 KB 56ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 597A 2 KB
1 KB 54ms
53ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9C38 2 KB
1 KB 170ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA&u=%7CwqIxbPs5WaJKnq5%2BTgpMd8eRScH09ZcwgiUICHRw86M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGynjMt37eyyUNDguC3QXKNEALy3uVHQ6_V2jPVlpxNGUwv0npLgTONQTj2TucHpjZ1F7snEJ6hcBGj9oc1e3CBTNDoX3lS4gPMS4ScqTxl9sOjLzEHL-6CUHHlaxajHmSXJc3_4gqV5GBTAHZqnt-shPi_KsUeZUPFpfTuOqrbhwkLoe1XW8xKNUeqiIqN4em0OK6x-WUjr11J7YZYR6wokUeXOrganGWATW-jdAM06AMWxfpCca6r29ZAxw09FLEFred78O24KSTYJQoxj9IwaxrTpvkRitPKoqTp5t3DFPVmuq4k5oxMKMqvLavbeUy17a7blz3oHn1sHGGZENaYNl5_lT7-lGy_-fzkm2P6bJsBC6NWIc-y8n3HIf2qCVJ3jmod5Mzu031GdC2zttS_JA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg3aaSG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgTCAU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhPB7YmnI1-6yWLVZO9mSFJI9whjE55aDvDXBHiJVVz94A5h4epjLsk_DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3NTl_9UaL6GWzcmqdfBSIvznnHkw%26client%3Dca-pub-6503488954991490%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9C38 2 KB
1 KB 218ms
104ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9C38 308 B
636 B 157ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9C38 293 B
621 B 205ms
103ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9C38 43 B
347 B 58ms
57ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GP0v_KRIYb2R1_pVszN_nNZuML13aH01yIgcpEjXNbhWksSNjV0byHCO0eieUKxmOToMBFz7g7BOKrKH0R1RSCgPvgF51byl_yXUCA4vf7cKXamT8P7524StnSV9fmjUPky5ViwXRedbzjg-8Di5SEIxkuxNW3LBWnHZ18seTZhACjbQuNagZEiwYIbOp_Zhv1l_ud9AZikhlZIK4pClfz8XbVp560bihDe5zGD-75QVz49UWIf6luQmWTcaQK6-zCMrRHGNZLwlZYgLOOYglo2Tpi6OclsfuRAMJCcV29CoTq_BfE-mW2pJOWiBx1prWffEnJ0iZDNV2LipLe5MhHah6uwtVAiIpV40CwvLGWQiKfgNbjG2F3EaziA6Y61P86utySTGsUt8St1y81H2xQ1AET6idNpAf9l2SvwdIN6OouBw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:28 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3326537
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9C38 0
689 B 189ms
167ms Image
text/plain 2600:9000:223c:5e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1660185927
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA&u=%7CwqIxbPs5WaJKnq5%2BTgpMd8eRScH09ZcwgiUICHRw86M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGynjMt37eyyUNDguC3QXKNEALy3uVHQ6_V2jPVlpxNGUwv0npLgTONQTj2TucHpjZ1F7snEJ6hcBGj9oc1e3CBTNDoX3lS4gPMS4ScqTxl9sOjLzEHL-6CUHHlaxajHmSXJc3_4gqV5GBTAHZqnt-shPi_KsUeZUPFpfTuOqrbhwkLoe1XW8xKNUeqiIqN4em0OK6x-WUjr11J7YZYR6wokUeXOrganGWATW-jdAM06AMWxfpCca6r29ZAxw09FLEFred78O24KSTYJQoxj9IwaxrTpvkRitPKoqTp5t3DFPVmuq4k5oxMKMqvLavbeUy17a7blz3oHn1sHGGZENaYNl5_lT7-lGy_-fzkm2P6bJsBC6NWIc-y8n3HIf2qCVJ3jmod5Mzu031GdC2zttS_JA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg3aaSG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgTCAU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhPB7YmnI1-6yWLVZO9mSFJI9whjE55aDvDXBHiJVVz94A5h4epjLsk_DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3NTl_9UaL6GWzcmqdfBSIvznnHkw%26client%3Dca-pub-6503488954991490%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:5e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:29 GMT
via: 1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: zhRr_spEgtYWzujA7DjX_CWzG6FAVdQDWEtrPMIAszrCfVdi5bH0Tg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2

200

i
ipds.adrta.com/ Frame 9C38
Redirect Chain

https://adrta.com/i?cb=62f46d486ba31ba41bd121fdf661e103&clid=co&paid=co&avid=1906&caid=330128&plid=11195731&publisherId=141479&kv1=1005X124&kv2=https://googleads.g.doubleclick.net/&kv3=25074c64-801...
https://ipds.adrta.com/i?__x=NGCIPNEIIFCHQBEBJGGGIJNKKLFGILQPNOQAGKKHHMLQHOIMJBHIPKLJIKLLKKOKLEKLMBILLEFPLNIQJNG@JGNOPMHHEMJJKQIGLFOBFMNFGMJQINKPHAE@HBE&cb=62f46d486ba31ba41bd121fdf661e103&clid=co&...

43 B
182 B

190ms
137ms

Image
image/gif

34.195.38.194
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=NGCIPNEIIFCHQBEBJGGGIJNKKLFGILQPNOQAGKKHHMLQHOIMJBHIPKLJIKLLKKOKLEKLMBILLEFPLNIQJNG@JGNOPMHHEMJJKQIGLFOBFMNFGMJQINKPHAE@HBE&cb=62f46d486ba31ba41bd121fdf661e103&clid=co&paid=co&avid=1906&caid=330128&plid=11195731&publisherId=141479&kv1=1005X124&kv2=https://googleads.g.doubleclick.net/&kv3=25074c64-8015-404d-9c6c-3b60c67bca62&kv4=2a01:4a0:2c::&kv7=317&kv11=62f46d486ba31ba41bd121fdf661e103&kv12=1129804&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YvRtSAAC43kIu_-uAAFqrW0qeqh9n23uO4S2sA&u=%7CwqIxbPs5WaJKnq5%2BTgpMd8eRScH09ZcwgiUICHRw86M%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6890FvekErGynjMt37eyyUNDguC3QXKNEALy3uVHQ6_V2jPVlpxNGUwv0npLgTONQTj2TucHpjZ1F7snEJ6hcBGj9oc1e3CBTNDoX3lS4gPMS4ScqTxl9sOjLzEHL-6CUHHlaxajHmSXJc3_4gqV5GBTAHZqnt-shPi_KsUeZUPFpfTuOqrbhwkLoe1XW8xKNUeqiIqN4em0OK6x-WUjr11J7YZYR6wokUeXOrganGWATW-jdAM06AMWxfpCca6r29ZAxw09FLEFred78O24KSTYJQoxj9IwaxrTpvkRitPKoqTp5t3DFPVmuq4k5oxMKMqvLavbeUy17a7blz3oHn1sHGGZENaYNl5_lT7-lGy_-fzkm2P6bJsBC6NWIc-y8n3HIf2qCVJ3jmod5Mzu031GdC2zttS_JA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCg3aaSG30YvnGC67_7_UPrdWFyAXJntKxXNWdkfdwwI23ARABIABglQKCARdjYS1wdWItNjUwMzQ4ODk1NDk5MTQ5MKAB1bbS6gPIAQmpAof4zBPWSLE-qAMBqgTCAU_QeT1FotEVVqbH8mYxmCnVW9zXl5x9B-MBO0iVwBKVYsMmyQqnsZMUPQydK-DkubH62GyjKw0el246Kq7hNboPyKpgnItaE5hmcN9E6njHt24RTpd28UiXYfBRhaFU5hso-ZDGgJ0gvKECJKefTuRpPfHl55tujbjdXO-HjDx3dvQNjNNowu7ORyFGQgSC3cIg7e1oEaZnhPB7YmnI1-6yWLVZO9mSFJI9whjE55aDvDXBHiJVVz94A5h4epjLsk_DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3NTl_9UaL6GWzcmqdfBSIvznnHkw%26client%3Dca-pub-6503488954991490%26adurl%3D
Protocol: H2
Server: 34.195.38.194 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-38-194.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:29 GMT
cache-control: no-cache
server: nginx
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=NGCIPNEIIFCHQBEBJGGGIJNKKLFGILQPNOQAGKKHHMLQHOIMJBHIPKLJIKLLKKOKLEKLMBILLEFPLNIQJNG@JGNOPMHHEMJJKQIGLFOBFMNFGMJQINKPHAE@HBE&cb=62f46d486ba31ba41bd121fdf661e103&clid=co&paid=co&avid=1906&caid=330128&plid=11195731&publisherId=141479&kv1=1005X124&kv2=https://googleads.g.doubleclick.net/&kv3=25074c64-8015-404d-9c6c-3b60c67bca62&kv4=2a01:4a0:2c::&kv7=317&kv11=62f46d486ba31ba41bd121fdf661e103&kv12=1129804&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web
date: Thu, 11 Aug 2022 02:45:29 GMT
server: nginx
content-length: 0

GET
DATA 200
OK truncated
/ Frame 04A7 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc30e851a3d3597fb99c62f670fea0fce21323a342743affc724ca422a585d07

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD52 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2071
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:10:58 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9C38 12 KB
6 KB 123ms
58ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 3 KB
3 KB 277ms
116ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1444194
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 1 KB
1 KB 273ms
112ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2081033
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1266
expires: Sun, 04 Sep 2022 04:49:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 2 KB
2 KB 288ms
127ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=850865
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 1 KB
2 KB 271ms
110ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=748764
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Fri, 19 Aug 2022 18:44:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 2 KB
2 KB 218ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=188931
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1960
expires: Sat, 13 Aug 2022 07:14:20 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 7 KB
7 KB 269ms
111ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=OSVWZlqsAEjHj4o1uxJfPYMJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31037387
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Sat, 05 Aug 2023 08:15:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 2 KB
2 KB 70ms
70ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoSaar-Stahlbau-GmbH-303245DE-2205131749.gif%3Feb%3D1&v=3&w=800&s=RA2Pw5sIcg3H3pVSaC1kkhRO&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b6c8ddc9a9c7e27fbae41d1a1f375f003293c8768f17a5a8cf71c69fb91bd029

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=606488
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2280
expires: Thu, 18 Aug 2022 03:13:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9C38 0
127 B 106ms
57ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=8sJnsBr5X-5lt4FJhXGcktV-vweTEszi7_kp_qinF0O6yQOdPTeegxJUADOtxqWGmtZTAz93wTW2_nGr5JlJ81MLhOaNibGXMPlpWlwqWNjngMnwsC4VlSw9XEGi6R2ARI6Q0jTFXKbS4mpdk9UXMrq609G-fhoMDYs8sLq5oG_S4e6R6rNs5cndUExEr1_sRpmFaDw3CQybpF6OiyV4H4OpyVC29NDKlECKyQR0Zen1EfdDVqphJP3LUsyvMeYWQorL9w&sds=2&rev=82344&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:45:28 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9C38 2 KB
1 KB 60ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9C38 2 KB
1 KB 56ms
56ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 06 Aug 2023 02:45:29 GMT

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6094 36 KB
14 KB 55ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H3 200 Poster_BrunoWelz_70x100c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/ Frame 6094 80 KB
80 KB 62ms
60ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/Poster_BrunoWelz_70x100c.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02328d4b6141e1039c83a00e7c520c56aefaac1b83f672f88169c3676aa2f865

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 335970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82068
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 21:17:48 GMT
server: sffe
date: Sun, 07 Aug 2022 05:25:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 05:25:59 GMT

GET
H3 200 Logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/ Frame 6094 6 KB
6 KB 61ms
59ms Image
image/png 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/Logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b045d469c2bfa05c71375e4b89e9b8cdd6b96db206bc233ca0229b52671718b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 335970
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6435
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 21:17:48 GMT
server: sffe
date: Sun, 07 Aug 2022 05:25:59 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 05:25:59 GMT

GET
H3 200 01.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/ Frame 6094 41 KB
41 KB 75ms
73ms Image
image/jpeg 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18181414932278739764/01.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c13e876d66cdc4f142af20709dcb671be36ab51e8b9e45e3632672a611f11fbb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 298180
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42394
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 21:17:48 GMT
server: sffe
date: Sun, 07 Aug 2022 15:55:49 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 07 Aug 2023 15:55:49 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DD52
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

83ms
82ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220808/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:45:29 GMT
expires: Thu, 11 Aug 2022 02:45:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 11 Aug 2022 02:45:29 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 3 KB
3 KB 57ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1444194
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 3 KB
3 KB 57ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1444194
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2742
expires: Sat, 27 Aug 2022 19:55:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 597A 2 KB
2 KB 56ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:27 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=850867
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9C38 2 KB
2 KB 57ms
56ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:28 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=850865
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 20 Aug 2022 23:06:35 GMT

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame F0E4 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: ukr-mova.in.ua
URL: https://ukr-mova.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48997
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 536E 42 B
64 B 197ms
87ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvmIMJ4O3ALhBy8NT_oaxOSW4BWmGSXhbGybafrCLA0IucYVpjvxUuySVE9wNmzIIt4LNqafOMoKYFmoI5Bu2WmekdU&sig=Cg0ArKJSzFQBHDO_SHCBEAE&id=lidar2&mcvt=1000&p=0,0,280,1124&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=829229000&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660185928036&rpt=673&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 125ms
69ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220808&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981e95aa3f1ed16a9669b794883d2c13e4de05ac13d6df1c374bbb3bffad5beb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11155
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34B6 42 B
64 B 130ms
125ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvowUl_79tVm1leabQxZ-CJd5-W_J1XuxD_Zba5SnnuIX9SQBlJxCAjoOzEowtCqVhZjLYysA6tFAJf60V5s4PJROGhykmxiwl1TMERGaLeAMHFD55aCOh15H_A_O4QaC1DXCNoQx5bCZHA&sai=AMfl-YQdhQY_VSdrQdPusvfnbVLN4xq9zoWbzJloMrZLnXDeIw-2R-MhzHRoYYoRihU4zR09HkusKtmMzMNI&sig=Cg0ArKJSzP8ToarEqELAEAE&id=lidar2&mcvt=1000&p=0,0,280,280&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20220808&bin=7&avms=nio&bs=0,0&mc=0.57&if=1&vu=1&app=0&itpl=2&adk=2712173870&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660185928506&rpt=308&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 11 Aug 2022 02:45:29 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08B9 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 34402
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 10 Aug 2022 17:12:08 GMT
expires: Thu, 10 Aug 2023 17:12:08 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9BD9 783 B
536 B 63ms
62ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d45f76226b7ba0438a1f11487b40336495905e4d961b7be0156c289c42cd850

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jF1Db0QWfyo34wGvkNpgWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ukr-mova.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-jF1Db0QWfyo34wGvkNpgWg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 11 Aug 2022 02:45:30 GMT
expires: Thu, 11 Aug 2022 02:45:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js Show response
pagead2.googlesyndication.com/bg/ Frame 08B9 36 KB
14 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7_ytIEpYWpd7XN7KxgxvHAG9q-1MjoUA1EpcWWHxRKk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 13:08:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14169
x-xss-protection: 0
last-modified: Fri, 29 Jul 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 10 Aug 2023 13:08:52 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9BD9 0
0 104ms
103ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220808&jk=1939545278357626&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 597A 0
127 B 57ms
56ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:45:29 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 08B9 0
10 B 54ms
53ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gzOjKw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 02:45:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 04A7 42 B
64 B 88ms
88ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstDmLUYfXj0ENlRCsRBhIdsNKaRwTPH_XBcK7rzaumOXIEGk50lsqQDDrIT0LtFOJx6A-jYEyndMpRMucZCDh8bFeg&sig=Cg0ArKJSzGRntFj9CbFcEAE&id=lidar2&mcvt=1008&p=0,0,124,1005&mtos=128,811,1008,1124,1240&tos=128,683,197,116,116&v=20220808&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1660185928746&rpt=195&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220808&jk=1939545278357626&bg=!UlGlURXNAAZGjrx1Zo47ACkAdvg8WmK71HiQfQDgeApCQN0dxYeLikkXX8JvXmudTzUZkvrgfCjJDwIAAABRUgAAAAJoAQeZAqj6QCO7V46VmNzfB1ItHfIWNBU84soTh-K54OHE_CBpG8WXBGySa3sMKIJC8croz7TGH60Qf2KJ3lJI3TQj-TNiCNmC_nBGuSpBm1lacyx1voZlYVXJjNuMPz0rkjHr_FpYh_DTfd5yF_CyRQIXghNy-ztLoy0LjyfAnnb5cQ2_sWXYJAfmuJAG-Ia1PZoYvYxM1PPYynGf0CdAm1q5iBCBG42NeLMJSHOSkxo5yk62FCYegecy31b_TXj8bWXFOj3wCj94FDQx1mTlzz7wmM37FsK7kaF0KE9T3kwjOhoMwlf7imibsKmcOQpQcZneKxCOwnoTQT07Nhj36pLavEZkBAfJh5pKMQW-tg4aFk-S090TSKGRjLbefQ22T1S76ZSv8i75iDTvyPJBA3XsGHC4aJqU-YrGQVFx-4GWPv7ykVDhGCcVwtLroGPAydHbL4p6FjyyMKN14jmVabSm3bu_vbVQyQ8zC83oKwqdoaGR84pcjtlMPRrS8c1VRed9nN2C03S9xuHPKobE8Hqn-v5KqF90wuY-E4fHbGlIXV_7c4ZbX7OVYj1ziPkCgMGQCmRIm9brSiDQVglUwd0Ht3fmfvUI2DGlwZxkxt5Kfdycef-YWi8Vlr0jOp5_3gcDqE-xR0Buqp29WauryV1S66QejeZjcscHBqsVLzqMwb7KblbbmwJ6g--goXOKAQtcKKA_LLBit0n8qsTEltF9kteQ9VxPLXU4qWHCVSPH8Lhvichg0gsBxp52WafA91BxZOS3w1XJjoUr4SCPBNJJLE2eTMwekozSKkUiU7ZZ08OJRiIgbUASbUvKrweyjatkDIPReo86g9272WoxcfTGj36aOosWQwlGYKRIFFRjVuQvd5xdC2JmGwm-MkUZogiGVKXCsZkxeEeBBQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 9C38 0
127 B 57ms
56ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 11 Aug 2022 02:45:30 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 170ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RGJRK45Q0D&gtm=2oe880&_p=820306952&cid=1270722294.1660185927&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660185927&sct=1&seg=0&dl=https%3A%2F%2Fukr-mova.in.ua%2F&dt=%D0%9B%D0%B5%D0%BF%D0%B5%D1%82%D1%83%D0%BD%20%D0%B4%D0%BE%D0%BF%D0%BE%D0%BC%D0%BE%D0%B6%D0%B5%20%D0%B2%D0%B0%D0%BC%20%D0%B2%D0%B8%D0%B2%D1%87%D0%B8%D1%82%D0%B8%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%83%20%D0%BC%D0%BE%D0%B2%D1%83%20%D1%88%D0%B2%D0%B8%D0%B4%D0%BA%D0%BE%20%D1%96%20%D0%B2%D0%B5%D1%81%D0%B5%D0%BB%D0%BE%20%7C%20%D0%9C%D0%BE%D0%B2%D0%B0%20%E2%80%93%20%D0%94%D0%9D%D0%9A%20%D0%BD%D0%B0%D1%86%D1%96%D1%97&en=scroll&epn.percent_scrolled=90&_et=5
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RGJRK45Q0D
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ukr-mova.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 02:45:32 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ukr-mova.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
ukr-mova.in.ua/	1970-01-20 14:45:45	Name: PHPSESSID Value: 4329e0b2db076c9c77a79caf3f25385a
.ukr-mova.in.ua/	1970-01-20 14:45:45	Name: _ga_RGJRK45Q0D Value: GS1.1.1660185927.1.0.1660185927.0
.ukr-mova.in.ua/	1970-01-20 14:45:45	Name: _ga Value: GA1.1.1270722294.1660185927
ukr-mova.in.ua/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1660185928216%2C%22visitNumber%22%3A1%7D
ukr-mova.in.ua/	1970-01-20 13:55:21	Name: pnespsdk_visitor Value: 91aiwpf1vm5d8wpn
.ukr-mova.in.ua/	1970-01-20 14:31:21	Name: __gads Value: ID=461810e3b88a9c08-22c12dd8edcd00c4:T=1660185928:RT=1660185928:S=ALNI_Ma6l2Zb__K_TJvayaDG4_SLZgE37Q
.piano.io/	1970-01-20 05:09:47	Name: __cf_bm Value: tmXJLky8POQ.M3FWU3bDAKqxELbkFfI.hUS_D0tCLqM-1660185928-0-ASCnArTM1R/YcBL1XLzE12Ac+cNz395rYnH4JXDdEqu6ib/OQe8fmgUyEjVbM7wrr4XVk/ZLDOVBaqjhcPipw4k=
.doubleclick.net/	1970-01-20 14:31:21	Name: IDE Value: AHWqTUkFN2n-3-A4QZan9m1xu6YBhkOw9F-kIHzS8LsqU9yjtjj1fahGfasm0ARlxeo
.doubleclick.net/	1970-01-20 05:09:49	Name: DSID Value: NO_DATA

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	error	URL: https://ukr-mova.in.ua/ Message: Chrome currently does not support the Push API in incognito mode (https://crbug.com/401439). There is deliberately no way to feature-detect this, since incognito mode needs to be undetectable by websites.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6503488954991490&output=html&h=280&slotname=8023903966&adk=829229000&adf=683863926&pi=t.ma~as.8023903966&w=1124&fwrn=4&fwrnh=100&lmt=1660185928&rafmt=1&psa=0&format=1124x280&url=https%3A%2F%2Fukr-mova.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1660185927705&bpp=2&bdt=596&idt=325&shv=r20220808&mjsv=m202208040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5908460104185&frm=20&pv=1&ga_vid=1270722294.1660185927&ga_sid=1660185928&ga_hid=820306952&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=238&ady=10&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44763506%2C44761792%2C31067826&oid=2&pvsid=1939545278357626&tmod=528242302&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=gyuuJgRmMo&p=https%3A//ukr-mova.in.ua&dtd=330 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adrta.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
apis.google.com
cat.nl.eu.criteo.com
code.jquery.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
googleads.g.doubleclick.net
ipds.adrta.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
region1.google-analytics.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
sandbox-api-esp.piano.io
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
ukr-mova.in.ua
www.facebook.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.186.162
178.250.0.139
178.250.0.162
178.250.2.148
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
2600:9000:223c:5e00:1e:a43d:b640:93a1
2606:4700::6810:2a41
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:810::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:7a60:0:1054::1
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a03:2880:f007:8:face:b00c:0:1
2a03:2880:f107:83:face:b00c:0:25de
34.195.38.194
02328d4b6141e1039c83a00e7c520c56aefaac1b83f672f88169c3676aa2f865
025d6947e5924707bf0315200f65bd967680ba42e5c8e6b6948fa9405ccdf9d8
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c3b4742a2f051d5b4563017922c6a5a812a94176b935ec0ef0e7692310b6561
11237bed4d1fa875bf345142d50731137039190b47aa457efd5c6c0aeec93755
1361b5e594568f2f6182216c45cff802af823190f3106b82820007e54a7c5770
1438f25896068663f848fdb2c7bc8bc4efdacc23fab9ca491461cbc1a7b6466a
1455e74c849c5515236b13c11686c0ab1a42b7a7457c675e498b465387d27a5b
1492f13f86dec17d82703c69f04876ac6d2eb57f331b8319076590cef2d6a4ec
16d93c65e24944f1e99a7941b083c17d16040dd30aa4ff43b1275cd5285b7d33
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a9fc41a0e356987fe32c9ada7bd7fcd26b21436d18e94229d1b58f4cef50a7
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1a642d998a7bb9a6451c45ec09b036fd3e9a9503a50543aff9d662abe3ef98ca
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1b6fa723806d220c25210375a516f78077d39bfbdf393aaffeb393afec9dcb01
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
23b62c9bd306043c81367161071aa27949409256cff8a85045502592a2fa4376
2621c3b570bb8aef89aa21145cbe81fa192e339d269ca1da12d653cbddcc3bed
2b42f8e45feda368274a55106b7160fa7203de3e209e1cea0121fca6405ec797
2fb61125a902c8a1609a609a8f13e2fdd9c4d68c340466130d9f47eabc663555
313c92b6eab9e17856119beb0a1790ca754193d91c1e4e2ead32b8e976cc0a95
323e72bcc317bd42257844c45b1631b698ee06f75eed96b1bd6538ad10fb2052
32c6350e7fe7ffbdec82903dcfa6ecde66ca3a41eeda310457256257a69a58a2
33b4f03d738897ec3fe24789b72c8b745fb531bb32c520ec215f7ed99823ed45
3e9b735c5427ba143ec81be5b00b06b5902223a552d6ef8dd6f220351b2600ac
425df823965375faadbd0685af6b4540866f7c6ecf675e0919e37a806b6f6e55
45698cee6ddb267e99fa7694a91ce26750b717760331b6915228a635c2b4ce22
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d45f76226b7ba0438a1f11487b40336495905e4d961b7be0156c289c42cd850
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
546fff1bb0ec12d2f26259f5e7c85eb5d537de5797f36576b0c510a37f53f784
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5aeca3b44d1a071a3a4271a080470f383d077f1c0d1298845266e690449e6607
5b6725689f9ca035bdd1f325690447c2cab1e9a27c39b3a3a6d702ab888236ac
5bab81d6e9b50d4005ae3bff1c1cbad0e52856db8a8af00f21ee1c72f0ef2571
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
5ff4df129472ce117df4b51bb3cd58f6ea514d85a63ff77a5df4c5d20ce5cd2b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62c1857dee37b756c49089ed0d15e32fbd1bae2cf3d581fc924ff695dc206e0d
65b6d60cbfdddcf08b43fa6e48c40e8934285e6426fdcc5b9e5add221df10d52
65f64c32be0b31cf5b3e60f6fe16fe0545e49375c5486490d10da3be8c823184
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72881fc18d040cbefcdf21a2784deb99c9ca201a0e7bd9ce0f243814356aedb1
76e8afd1a54e3c4a9a0e604b4766afe94381eb62ad8bff5b3c641e7a970f0e66
7b045d469c2bfa05c71375e4b89e9b8cdd6b96db206bc233ca0229b52671718b
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
8a2f253ec609c302adb1b3c7ae3e02520fe888f9b71507e7b9d32fc65d59db12
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f3bcb545333028b45ebf3608187dc6e82547dce571c9405f88076209b9e6365
90532202ccd82df3cbc1db9c4aa50fd85dc2bc50dcbe39f37c36da16889d3009
94dc26972578717e2b66d6e19d4384d3a202ac8f638f5c4f6c795ce2219049c4
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
981e95aa3f1ed16a9669b794883d2c13e4de05ac13d6df1c374bbb3bffad5beb
9e919e172348a1495c1a1aae092525c23364469ec6b663b8b36706c34114e93a
9fdc13189ace49bfcaf1cedffaec9e88aba48b26210730af49cd1893f270ac98
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a21f2c87fdaa803b3f6b750d7131ead9732d9214d1c555b873dfd5ff02d2001d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6b2b25a142371787833c80f00e0dd0f1fd3b680b56fb7bc18b8af9de6fbbb80
a71f0780c5ab66bcb4601f96e60315a177b67c3a7f241660dbe5b9292d244148
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ad118ef2963bf326fac31ad81d3aea7efd26a2c9027eafa4bfd18b09f13fd687
b5e5c5a378ee4fa9b338c69434dc4b624749b170c0a09bbe8d8c1d14e2391335
b6c8ddc9a9c7e27fbae41d1a1f375f003293c8768f17a5a8cf71c69fb91bd029
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c13e876d66cdc4f142af20709dcb671be36ab51e8b9e45e3632672a611f11fbb
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c316d6d358f31acc381a8e2e9f393030a3c36e5a8c8f8ccf1eb785179d387d02
c7e8e00881d1c861282dfedc25dab47cb9140df10ad6221367451780907e47fb
d14344dba462f8e66fdee868f6bbf7fa18dce506c91856d3d30a3d332af5d6aa
d151abaa7946d205cc769fd84d0acaeec4b759872dc714b237435f10ece11d35
dc30e851a3d3597fb99c62f670fea0fce21323a342743affc724ca422a585d07
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
dec02000effb475b67302569444c69f36700bdaad525f95956a2ba3873361f6d
dfafb3754fac3da8becfd248f7142dc0cdcb641b75a19ffbc828519b5509eb5d
e29ffeda170cb0752b062928f22de04adc1c9177706f50b9c6a9c96dc706bf61
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b58a351151e4da3ebfac8c923fc7c19c7bbbd6696d716a2f3465bf869f1138
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
ebbc9c5f62caef01c11dd139d367fc7d9def5efee0fed2692a8c0cbf4ca8b846
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
effcad204a585a977b5cdecac60c6f1c01bdabed4c8e8500d44a5c5961f144a9
faf82bdf4232c3b4b2e84f909652553508b656cd578b2160415e6bd8afbe7bbb
fd9abc866479138018002b892027bfaf3fa51047dd604e50ae847835c063a75b
fee14c83de65cdc8454d15449343630a593fffaec3666fc71489d1f03a62f520

ukr-mova.in.ua Open in urlscan Pro 2a00:7a60:0:1054::1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

157 Requests

99 %HTTPS

81 %IPv6

19 Domains

28 Subdomains

27 IPs

6 Countries

2002 kBTransfer

4630 kBSize

9 Cookies

5 Outgoing links

Page URL History

Redirected requests

157 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ukr-mova.in.ua Open in urlscan Pro
2a00:7a60:0:1054::1 Public Scan

Screenshot
Live screenshot

Full Image

157
Requests

99 %
HTTPS

81 %
IPv6

19
Domains

28
Subdomains

27
IPs

6
Countries

2002 kB
Transfer

4630 kB
Size

9
Cookies

157 HTTP transactions
3 data transactions