way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://way2self.in.ua/
Submission: On March 16 via api (March 16th 2022, 7:53:29 am UTC) from GB — Scanned from GB

Summary HTTP 188 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 42 IPs in 10 countries across 35 domains to perform 188 HTTP transactions. The main IP is 2a03:f480:1:26::70, located in Estonia and belongs to PAGM-AS, EE. The main domain is way2self.in.ua.

This is the only time way2self.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a03:f480:1:2... 2a03:f480:1:26::70	198068 (PAGM-AS) (PAGM-AS)
7	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
7	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
12 24	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1	185.230.90.30 185.230.90.30	56485 (THEHOST-AS) (THEHOST-AS)
1	92.223.84.84 92.223.84.84	199524 (GCORE) (GCORE)
1	185.233.39.242 185.233.39.242	200000 (UKRAINE-AS) (UKRAINE-AS)
1 2	2606:4700:303... 2606:4700:3035::6815:3460	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.202.113.101 116.202.113.101	24940 (HETZNER-AS) (HETZNER-AS)
1	178.172.137.201 178.172.137.201	12406 (BN-AS Bel...) (BN-AS Belarussian data communication service provider.)
1	2606:4700:303... 2606:4700:3033::ac43:9890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.109.27.135 62.109.27.135	29182 (THEFIRST-AS) (THEFIRST-AS)
1	95.216.99.229 95.216.99.229	24940 (HETZNER-AS) (HETZNER-AS)
1	81.90.181.184 81.90.181.184	50340 (SELECTEL-MSK) (SELECTEL-MSK)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
3	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	109.248.237.52 109.248.237.52	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1 3	193.176.1.9 193.176.1.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::11 2a02:2638:1::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	154.47.36.96 154.47.36.96	174 (COGENT-174) (COGENT-174)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	109.248.237.36 109.248.237.36	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	142.251.36.34 142.251.36.34	15169 (GOOGLE) (GOOGLE)
1	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
188	42

20 2a03:f480:1:26::70 (Estonia)

ASN198068 (PAGM-AS, EE)

way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

pxxifc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.132.202.70 (Germany) 12 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

share.itraffic.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.230.90.30 (Kyiv, Ukraine)

ASN56485 (THEHOST-AS, UA)
PTR: s26.thehost.com.ua

dachnaideya.cx.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.84.84 (Luxembourg)

ASN199524 (GCORE, LU)

img-cdn.tinkoffjournal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.233.39.242 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: vps-37976.vps-default-host.net

bituk.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::6815:3460 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.113.101 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.113.202.116.clients.your-server.de

coincryptobase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.172.137.201 (Belarus)

ASN12406 (BN-AS Belarussian data communication service provider., BY)
PTR: 178-172-137-201.hosterby.com

sundays.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9890 (United States)

ASN13335 (CLOUDFLARENET, US)

buki-repetitor.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.27.135 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: anndielm.fvds.ru

kliningovyj-raj.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.99.229 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.99.216.95.clients.your-server.de

fainaidea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.90.181.184 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host-11f4a573.hostiman.com

tekhnotop.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.52 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

s.luxadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.176.1.9 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ip.stat.zevshost.net

100widgets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 154.47.36.96 (United States) 1 redirects

ASN174 (COGENT-174, US)

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 109.248.237.36 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

luxadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.36.34 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams17s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.37 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

gmp.luxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	448 KB
31	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422 pix.eu.criteo.net — Cisco Umbrella Rank: 7328	193 KB
24	itraffic.su 12 redirects share.itraffic.su	11 KB
20	way2self.in.ua way2self.in.ua www.way2self.in.ua	578 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	136 KB
9	gstatic.com www.gstatic.com fonts.gstatic.com	278 KB
7	yandex.ru 3 redirects informer.yandex.ru — Cisco Umbrella Rank: 54951 mc.yandex.ru — Cisco Umbrella Rank: 2926	5 KB
7	pxxifc.com pxxifc.com	132 KB
7	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9430	60 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	178 KB
4	luxadv.com s.luxadv.com — Cisco Umbrella Rank: 820599 luxadv.com — Cisco Umbrella Rank: 799015	35 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
3	100widgets.com 1 redirects 100widgets.com — Cisco Umbrella Rank: 199810	1 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 19319	711 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	82 KB
2	podosinki.su 1 redirects podosinki.su www.podosinki.su	39 KB
1	luxcdn.com gmp.luxcdn.com — Cisco Umbrella Rank: 764690
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 161831	413 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	58 KB
1	leokross.com leokross.com — Cisco Umbrella Rank: 394444
1	tekhnotop.ru tekhnotop.ru	30 KB
1	fainaidea.com fainaidea.com	39 KB
1	kliningovyj-raj.ru kliningovyj-raj.ru	64 KB
1	buki-repetitor.ru buki-repetitor.ru	58 KB
1	sundays.by sundays.by	71 KB
1	coincryptobase.com coincryptobase.com	24 KB
1	bituk.media bituk.media	82 KB
1	tinkoffjournal.ru img-cdn.tinkoffjournal.ru — Cisco Umbrella Rank: 616131	134 KB
1	cx.ua dachnaideya.cx.ua	65 KB
0	recreativ.ru Failed track.recreativ.ru Failed
188	35

	Domain	Requested by
24	share.itraffic.su	12 redirects way2self.in.ua
22	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
19	way2self.in.ua	way2self.in.ua
14	static.criteo.net	ads.eu.criteo.com
14	googleads.g.doubleclick.net	pagead2.googlesyndication.com way2self.in.ua googleads.g.doubleclick.net
14	pagead2.googlesyndication.com	way2self.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
13	pix.eu.criteo.net	ads.eu.criteo.com
7	pxxifc.com	way2self.in.ua pxxifc.com
7	fonts.googleapis.com	way2self.in.ua googleads.g.doubleclick.net cdnjs.cloudflare.com
6	mc.yandex.ru	3 redirects way2self.in.ua
6	fonts.gstatic.com	fonts.googleapis.com
5	www.googletagservices.com	googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.google.com	1 redirects way2self.in.ua googleads.g.doubleclick.net tpc.googlesyndication.com
3	luxadv.com	s.luxadv.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	100widgets.com	1 redirects way2self.in.ua 100widgets.com
3	www.gstatic.com	www.google.com googleads.g.doubleclick.net
2	cm.g.doubleclick.net	2 redirects
2	mc.webvisor.org	1 redirects way2self.in.ua
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	way2self.in.ua googleads.g.doubleclick.net
2	www.google-analytics.com	way2self.in.ua www.google-analytics.com
2	connect.facebook.net	way2self.in.ua connect.facebook.net
1	gmp.luxcdn.com	way2self.in.ua
1	adlmerge.com	s.luxadv.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.luxadv.com	way2self.in.ua
1	cdn.jsdelivr.net	way2self.in.ua
1	leokross.com	way2self.in.ua
1	informer.yandex.ru	way2self.in.ua
1	www.way2self.in.ua	way2self.in.ua
1	tekhnotop.ru	way2self.in.ua
1	fainaidea.com	way2self.in.ua
1	kliningovyj-raj.ru	way2self.in.ua
1	buki-repetitor.ru	way2self.in.ua
1	sundays.by	way2self.in.ua
1	coincryptobase.com	way2self.in.ua
1	www.podosinki.su	way2self.in.ua
1	podosinki.su	1 redirects
1	bituk.media	way2self.in.ua
1	img-cdn.tinkoffjournal.ru	way2self.in.ua
1	dachnaideya.cx.ua	way2self.in.ua
0	track.recreativ.ru Failed	way2self.in.ua
188	47

This site contains links to these domains. Also see Links.

Domain
www.way2self.in.ua
designprof.com.ua
annaputyatina.ru
vulkancasino.ua
uden-s.org
futbolok.net.ua
feeds.feedburner.com
luckyads.pro
pxxifc.com
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
dachnaideya.cx.ua R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.tinkoffjournal.ru Thawte RSA CA 2018	`2021-08-31` - `2022-08-31`	a year	crt.sh
way2self.in.ua R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
bituk.media R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
coincryptobase.com Thawte RSA CA 2018	`2021-06-26` - `2022-07-10`	a year	crt.sh
sundays.by RapidSSL RSA CA 2018	`2020-04-30` - `2022-04-30`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
kliningovyj-raj.ru R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
fainaidea.com fainaidea.com	`2022-03-12` - `2023-03-11`	a year	crt.sh
tekhnotop.ru R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-23` - `2022-03-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
100widgets.com R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh

This page contains 18 frames:

Primary Page: http://way2self.in.ua/
Frame ID: 6C039D8829E1D61542E762364F4E68CF
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html
Frame ID: 6F16C84445F20A30BCEF52A3526FD7D1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1647415686&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647417202808&bpp=2&bdt=638&idt=178&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4095755563836&frm=20&pv=2&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: A0DFD29231AA6B304EB733A946B80723
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210
Frame ID: 62DC3D20EDFA85AF0802A20191633CCB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=228&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ga02jM6brJ&p=http%3A//way2self.in.ua&dtd=231
Frame ID: 3FD7F7580D6A8F4AC190B858D9F353A4
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=236&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=8YliiC21WV&p=http%3A//way2self.in.ua&dtd=237
Frame ID: B7CE2001B04FB2A0F8CDB6E206E21029
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202814&bpp=1&bdt=644&idt=245&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PJp4MgOdbW&p=http%3A//way2self.in.ua&dtd=247
Frame ID: D5A53FE16DE6B85C9DA156B4CAD5DB84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CpIWmc5cxYpO3B9S5YdKiltgNyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEtgFP0O3dxHyo4BthHHNr0yGJNan7Pud5qupUEzt-YcAx_H__JlxZSkCPfS7khFdpsnMkVtCMO9DVqIxc2ayiuVYG2qIYgmGdg1WRSWX5zzqRR00bvstyuvdo7SJr0WGeMwLlVqbFezpBmXWE25IHEq24LzUN8uhyRdWUWhSnlLXpTzp-FZpJkJmOdkTdINS-BpHTDHLcM7X-lkM-Nm1qgwtrUhc-Bo1OPX6xNXLj_FNwx04QQ8UHd4AG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=yJSvfr6j0lI&uach_m=[UACH]&cid=CAQSGwCNIrLMwZRhjSSudRWebIsD-64PvYvaQHsoJRgB
Frame ID: E6DCA51603ECC3A79F59925F8EBCF808
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB25MKGFzUAAWRUlV_ul5ckYucS_eu0A&u=%7CjknDVb4xqJT4gj9xDFloA3hp7N9YZZJaUEYFOwNXjX0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqOMM0GgL83epX5KgbcGvKrEGYA1OjwMQ5HuZQjPyuOgfOAFdKvI0L34YlLkU8ATEfZlwVtpJMTg-O2jpziq5icQIc4FJGvehNpMa76OrsW3A-f1DBJ7qgNrHCVYTKemiYo00HMRhQdR_12Bxh0laYxNZ_z0gtpAqfDsJlUOO6O73F6tiMcSv9OBMlU1EtJ93TVM9YaMzZjJuhbeW0lBm9Uu28V-56X9cbedECVx-7Tth0Skw_DBfflrFwzyxt3uFArDv_kUIWWue6bvE0fVhsd66RtBGWJhczYRAvKqgZ3U5kYLiuzpIVJpF-_9P5hqMpIMoJLXNE3bb4WWX_MvX7QekikDlLzHQEAfqs9r_GUBu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP9sIc5cxYpO3B9S5YdKiltgNyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEuQFP0O3dxHyo4BthHHNr0yGJNan7Pud5qupUEzt-YcAx_H__JlxZSkCPfS7khFdpsnMkVtCMO9DVqIxc2ayiuVYG2qIYgmGdg1WRSWX5zzqRR00bvstyuvdo7SJr0WGeMwLlVqbFezpBmXWE25IHEq24LzUN8uhyRdWUWhSnlLXpTzp-FZpJkJmOdkTdINS-BpGRDlNOtDpihfyiIs66vq2TWwM0sIdgJfwF_U9FDuxu61aV6UEUyEedzIAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3JvefxLyfBf-YjtqR7oZs6IahGLQ%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: DCEEC185BC295A5CB0991CF183BA9808
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11
Frame ID: 86FBFCEBC5D184388ABBED347763850A
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1
Frame ID: FD0921439D03811ED931AB56F7CB3439
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB5FQKGA8KAAwsWOMwT8iKqas5-OYPsQ&u=%7CjknDVb4xqJSkQRnVFNJcxLrq5Ht7i3CjOcAJv2lUssA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC-1BU02EsbSCtHZgvITaXE_bS--RvHQFo_Mj1JTiznRda7usUJKoMQeNNgC5qgz1XtkVJNHNckkYK60uSoFrXroMB9SLKc0l_8aUrvvT9ElDoNjz8PwEmeUIRvbAcpP3PpAnoYE1NcwDcV8-gx4zAgrEk3Zt7-UmrPVG272s5qCZ9iay6n34Ra1NePj92paTuSC1R5NW7u5CH7kJ2uT_hVvf17TfQL0YbzvSPkL6ZiiXwqskGtaibcDU3zCLddNhzNea74enyi3ng0Hh8uNezPOnIk6IoiqShAWrzQmXIK6OgGbjhIuZD-tyE0yw3maXetM107sk3_7sGPSauYXUUqzMccRF18Z24sXD0V8b1BBAvy1Fyb4TasZo3FYu-E91ybZAtjQptKY0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_u9Yc5cxYtTIB4qeYNjYsDjJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMBqgS4AU_QCxVF3RXjvR5u_cnSXfEVvg8CBPYWTwGa2ARfcRGrzr_8yXiebLmhIw2LcA08gphPWyTw1pdmIDp48O1hFTi3q1oe6Fu85ohxRnFr0bLHsZ6OUsIpXEilIIY-kFMYzQfneiu2Lg0TJ3wJPU1TEQduqIiucxrVuR5G9pdQ6NbjQm_u53lRP3yLDv3A8gBticU44SElJSy5Ti0M9-gpRH1RMPZ5JnwqnhCOTfMR1ZWvCAz2gc8-tnaABsOj3oGygpW3RqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ZVyC6-KvRCcMpwHhwf3nTM1E8Fg%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: C4CE11712592D6395469B685465A80FF
Requests: 28 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js
Frame ID: 8FE489D1FB35D13D9B40345CE8B032A0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js
Frame ID: F68002E97744D2664A58FB77A00BF16F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3E9D82092BED603D50D394074E9D5376
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js
Frame ID: 3E7B9B0A538B2DA60C3084F1371D3FDE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 778A2A457A2DAF07D8048BE0FD556C3D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A69874D0AE836E38DBFDDA9A2372ADBF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Путь к истинной себе

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

188
Requests

69 %
HTTPS

48 %
IPv6

35
Domains

47
Subdomains

42
IPs

10
Countries

2841 kB
Transfer

5338 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.way2self.in.ua/
Title: Главная

Search URL Search Domain Scan URL

URL: https://designprof.com.ua/ru/uslugi/proekt-pod-klyuch/
Title: https://designprof.com.ua/ru/uslugi/proekt-pod-klyuch

Search URL Search Domain Scan URL

URL: https://annaputyatina.ru/uslugi/psiholog-konfliktolog-dlya-biznesa/
Title: услугами бизнес-психолога.

Search URL Search Domain Scan URL

URL: https://vulkancasino.ua/ru/category/allgames
Title: https://vulkancasino.ua/ru/category/allgames

Search URL Search Domain Scan URL

URL: https://uden-s.org/
Title: обогреватель

Search URL Search Domain Scan URL

URL: https://futbolok.net.ua/
Title: https://futbolok.net.ua/

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/way2self

Search URL Search Domain Scan URL

URL: http://luckyads.pro/?utm_source=websites&utm_medium=teasers&utm_content=logo

Search URL Search Domain Scan URL

URL: https://pxxifc.com/v4/click?media=428872&c=mAY-HV1KlKW2EVSxneGbdaD2SGlsOYaaiSYroMkWSYXlfMNJMp77QjqufhbIqi0hnNFIBHgpv12qi8OygQsm-jSCSgz6MVePzg-p3pMrDwp81NFmxb19In1O_xkG-ba7YOHM9C83z8O24j6lTVTpq_AHOCfWX4xSHRnH0VUZ8xpovJdIuHigK8Ax41QxTC60K5TuQ_Dw8hD8LHz5rCuQjgEzD4xxiEHARS3jP9hUOYhbR8qL1F7pNFH8slrmdmAnnOIxFLuc1licSXJvmWKKwRoC4lXCTZBN_kjMtqkl8MfqtTIyi9ojegeLjqp4XQyTzUyXqEdVzFYS8y864mj8qtbGzPa2POGCQ_H3N36fesokp5fiEiApVn0oSANWBITdrpYrY-Gekliy-OCvhsfj7VyHkYHWvYLhFyBB-J-nj7uMLhaiIH9JQbKNwwLc57LnYXgjJirWCCWKiklt0zjzD-Wm6ayO0RcGFHmf4QEfNzFISMwAGSaXWs68qSVN_nXg6nvQGhfFl-hme1WnKDhyixb8JUqyf5NJH86v1-xl
Title: 6 часов 40 минут назад Паразиты вылезут роем, а папилломы отпадут разом, для этого нужно добавить в воду две обычных... Читать далее 482 118 332

Search URL Search Domain Scan URL

URL: https://pxxifc.com/v4/click?media=428871&c=mAY-HA4_GbWMSS1YC2lg95fvREjrPZaXt9nBO-y2EAfZDrQeA6bGpMYljuK-7jfnxR1rl9qxWw1GJUlivsJHe0P3DpZUuwUbhAzztyFRnSkoMPvVW3DfoPOiFySugRRDnGt1CR_d79PvDtpIK8H08tvdSF3pG1C6eQexOGPlFSI3s150d5BqKccIbIRGDe1nlWiYNYxcRWYgitEjkm8D16w_r4iggx4CTlVbd6L4azz6vNLInhyL-eYhdltOskrYdkHt2cD0IJrevUdCn-Lkzh69cHljIAKA0tfGgz-0yz35kpPoHr6Q7qHaXFXH49EtaGPMhNUCKTdLHb-zNu00Yo1FzEIUhZmTReVYk8C9V7Tnm-PodM5WBhv4wIRQXhj3ZcslYd0CIlI4w9szO_b6eixFQE3EkJmbtMUuyBSXQYnUotJunSU-uDvJuAFIRMyIZdeavo-oxXiO2Mzsr0HZ-iEQPzkALlXSax3ZnU6HYznZAQBvubTv8hdFB1hmgHDqElxzBgWUXh4LFy41Eo7ZH0jTQIaVsXCUwgNd5cF7
Title: 9 часов 51 минут назад Почему аптеки молчат? За ночь из вас выйдет целый ком паразитов, если выпить залпом дешевый ... Читать далее 394 173 107

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=33112108&from=informer

Search URL Search Domain Scan URL

URL: http://www.way2self.in.ua/politika-konfidentsialnosti
Title: Узнать подробности

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1

Request Chain 22

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

Request Chain 24

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

Request Chain 26

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

Request Chain 28

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

Request Chain 29

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg HTTP 301
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

Request Chain 30

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

Request Chain 32

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

Request Chain 34

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

Request Chain 36

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1

Request Chain 38

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1

Request Chain 40

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1

Request Chain 42

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1

Request Chain 51

http://connect.facebook.net/ru_RU/sdk.js HTTP 307
https://connect.facebook.net/ru_RU/sdk.js

Request Chain 53

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 63

http://100widgets.com/js_data.php?id=278 HTTP 301
https://100widgets.com/js_data.php?id=278

Request Chain 88

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A144445799927%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A652673160%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Ast%3A1647417204&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A144445799927%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A652673160%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Ast%3A1647417204&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 89

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A495284593138%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A210533161%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647417204%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A495284593138%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A210533161%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647417204%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 128

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9579.E0zbcZ2Huj1LhzCPUG5dp5wcUOfKb0ZCSeDoCpVafp1JOxJMlJcyUhecxnyGH0px.kIEmT9T8C8YamvOBhe5v-jLuum4%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9579.XzIOK0e2O_DrlnlGouDMp-XRCkJA4Bn052czDAuFjqHiRigdXHYCAMSof9PJV5PgAM0jHU2PQ8b9wATDGr5tQoo8SEyn1Nv9t3XVMjmmIvw%2C.2Uo06E1EEXEpDhUWspN1T-Wc364%2C

Request Chain 167

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 177

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm&psid=7075603014602404577&google_hm=NzA3NTYwMzAxNDYwMjQwNDU3Nw&_lxrnd_=720476421 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=7075603014602404577&google_hm=NzA3NTYwMzAxNDYwMjQwNDU3Nw&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421 HTTP 302
https://gmp.luxcdn.com/tr/?psid=7075603014602404577&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421&google_gid=CAESEN4qcRE1pbO-YMZp-GFJsOc&google_cver=1

188 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
way2self.in.ua/ 95 KB
22 KB 229ms
95ms Document
text/html 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 5c8af399a12f28c36938648be0431364025c6ebc9b1cf71e9f2db60916c65e9a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx/1.16.1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 22375
Connection: keep-alive
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2022 07:28:06 GMT

GET
H/1.1 200
OK styles.css
way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/ 1 KB
761 B 153ms
85ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:00 GMT
Server: nginx/1.16.1
ETag: W/"5e15fadc-44f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK cli-style.css
way2self.in.ua/wp-content/plugins/cookie-law-info/css/ 2 KB
948 B 166ms
83ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/css/cli-style.css?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:46 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbfa-8ca"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.css
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/ 113 B
365 B 166ms
84ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.css?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:26 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbe6-71"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK quads.css
way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/ 218 B
432 B 167ms
84ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/quads.css?ver=1.4.7
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:05 GMT
Server: nginx/1.16.1
ETag: W/"5e15fae1-da"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
way2self.in.ua/wp-content/themes/smartline-lite/ 43 KB
11 KB 170ms
86ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/style.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:08:45 GMT
Server: nginx/1.16.1
ETag: W/"5ebaca0d-abb6"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK genericons.css
way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/ 27 KB
17 KB 171ms
87ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:57 GMT
Server: nginx/1.16.1
ETag: W/"5e16030d-6c59"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 5 KB
1 KB 117ms
63ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

734944665ce14cd73676823ba2f40328031c9e1d3f118b2efb8e8d9e3cde7df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Wed, 16 Mar 2022 07:53:22 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 16 Mar 2022 07:53:22 GMT

GET
H/1.1 200
OK jquery.js Show response
way2self.in.ua/wp-includes/js/jquery/ 94 KB
38 KB 239ms
87ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-176e9"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
way2self.in.ua/wp-includes/js/jquery/ 7 KB
3 KB 250ms
83ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-1c20"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK cookielawinfo.js Show response
way2self.in.ua/wp-content/plugins/cookie-law-info/js/ 7 KB
2 KB 250ms
83ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/js/cookielawinfo.js?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:45 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbf9-1cbe"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.js Show response
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/ 3 KB
1 KB 251ms
83ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.js?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:19 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbdf-d6e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK navigation.js Show response
way2self.in.ua/wp-content/themes/smartline-lite/js/ 4 KB
2 KB 256ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/js/navigation.js?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:54 GMT
Server: nginx/1.16.1
ETag: W/"5e16030a-f39"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 222ms
98ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a8f0811b2a405ccd7eb97f17a76475f6a21ee3e8d4ae71c70edeb8ed411b7a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53806
x-xss-protection: 0
server: cafe
etag: 4974433918652685428
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:53:22 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
53 KB 136ms
77ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62c1d2d7f52a3be9a85805bd51f23876208cff50d4e881419bd3f6ea482d25dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 1192442862506462092
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 53804
X-XSS-Protection: 0
Expires: Wed, 16 Mar 2022 07:53:22 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 181ms
63ms Script
text/javascript 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efe60d3132396e59045e15ed5c74035c98ac27b363af49041b12706746af8b52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Wed, 16 Mar 2022 07:53:22 GMT

GET
H/1.1 200
OK pykwb612g.php Show response
pxxifc.com/1wyl71192vilm0py03h8q/876/vuq876/ 58 KB
19 KB 370ms
90ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/1wyl71192vilm0py03h8q/876/vuq876/pykwb612g.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK 0y3qh8768uvq876pkyjo.php Show response
pxxifc.com/z7y1l7192lvip0m/ 58 KB
19 KB 370ms
90ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK 768quv678ykpjh.php Show response
pxxifc.com/k1i1l7912/ivl/0mp3y0h8q/ 58 KB
19 KB 371ms
90ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/k1i1l7912/ivl/0mp3y0h8q/768quv678ykpjh.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK pky7sdz.php Show response
pxxifc.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/ 58 KB
19 KB 373ms
91ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/pky7sdz.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK logo2-1340-350.jpg
way2self.in.ua/wp-content/uploads/2015/10/ 69 KB
69 KB 87ms
85ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/uploads/2015/10/logo2-1340-350.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8572c258d3889163b189d01120b0f12cb115cdab19cc9e278d2b192625cf9fe9

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Last-Modified: Wed, 08 Jan 2020 16:14:55 GMT
Server: nginx/1.16.1
ETag: "5e15ffff-11381"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70529

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1

325 B
529 B

180ms
61ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 psdpi-678x381.jpg
dachnaideya.cx.ua/wp-content/uploads/2019/10/ 65 KB
65 KB 362ms
167ms Image
image/jpeg 185.230.90.30
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dachnaideya.cx.ua/wp-content/uploads/2019/10/psdpi-678x381.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.230.90.30 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s26.thehost.com.ua
Software: nginx /
Resource Hash: 27008ef6af777bd6183b0d9c556e6a354eb66d5fa6cf3c899a36c34fc0511c6a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
last-modified: Thu, 24 Feb 2022 22:59:41 GMT
server: nginx
accept-ranges: bytes
etag: "62180ddd-1025c"
content-length: 66140
content-type: image/jpeg

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

325 B
529 B

181ms
61ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 Zw
img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/ 133 KB
134 KB 350ms
148ms Image
image/webp 92.223.84.84
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/Zw
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.84.84 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: m9p-up-gc41
date: Wed, 16 Mar 2022 07:53:22 GMT
server: nginx
x-proxy-cache-status: HIT
etag: 4010c6145daa3bbb837fefc43ab3ef768122390a7f78e74e151edf9c97739643
vary: Accept
content-type: image/webp
cache-control: max-age=157680000
x-envoy-upstream-service-time: 251
content-disposition: inline; filename="main____yazhpsiholog.bvwcnx5nn5ge.webp"
accept-ranges: bytes
content-length: 136650
cache: MISS
x-request-id: 2d76c12c-5ecc-4f93-b3f4-f47c4dfb5088
expires: Mon, 15 Mar 2027 07:53:22 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

325 B
529 B

181ms
61ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Screenshot_12.jpg
way2self.in.ua/wp-content/uploads/2022/02/ 284 KB
284 KB 340ms
170ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://way2self.in.ua/wp-content/uploads/2022/02/Screenshot_12.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 550ac245106b0935f2d104288a7d91bf63c38cf89e938ccbd19080f3ee22a727

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Last-Modified: Sun, 20 Feb 2022 06:42:13 GMT
Server: nginx/1.16.1
ETag: "6211e2c5-46e71"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290417

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

325 B
529 B

142ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK photo_2021-09-19_01-02-50-1024x505.jpg
bituk.media/wp-content/uploads/2021/09/ 81 KB
82 KB 413ms
85ms Image
image/jpeg 185.233.39.242
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bituk.media/wp-content/uploads/2021/09/photo_2021-09-19_01-02-50-1024x505.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.233.39.242 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: vps-37976.vps-default-host.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Sat, 18 Sep 2021 22:02:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "144e1-5cc4c327a2600"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 83169

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

325 B
529 B

59ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

4ef42a42c182f1c8b6c93ba43ead1a45.jpg
www.podosinki.su/wp-content/uploads/4/e/f/
Redirect Chain

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

38 KB
39 KB

360ms
95ms

Image
image/jpeg

2606:4700:3035::6815:3460
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3035::6815:3460 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 38811
Last-Modified: Mon, 14 Mar 2022 13:30:30 GMT
Server: cloudflare
ETag: "622f4376-979b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Km4FD95ya5RPyg1CsyWEDJcflPHnQwCFDaC5mzMo7chh8yhFrVz1sBMYI255fKYh3dLjWjn50tzGU5Rq%2B8bn0Zp4hLPBSh2agg1nD3vagV%2BqkADGr26rbcUF%2FX%2BoQupjF1w7p6elQi%2BqpvSIxDAi"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Referer: http://way2self.in.ua/
Accept-Ranges: bytes
CF-RAY: 6ecbea312b2176fb-LHR

Redirect headers

date: Wed, 16 Mar 2022 07:53:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IS2wH%2BHYDRHKLU1WPPK%2BHR3AtXKFul3wmm%2Bo1Ph1tM5h%2FoSc6LJ%2Fyy2hLWYpHayIHbcrQREbesWsBpzdzcJDzyZgXp7fzbRb%2FO9qo2wFDUT805Qo%2Bo9zGTf7%2B7Z%2Bj5YX7piTLmnPBP9Vqng%3D"}],"group":"cf-nel","max_age":604800}
location: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
cache-control: max-age=3600
cf-ray: 6ecbea2f3b6b4078-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Wed, 16 Mar 2022 08:53:23 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

325 B
529 B

59ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Date: Wed, 16 Mar 2022 07:53:22 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 4(2).jpeg
coincryptobase.com/storage/journal/December2020/ 24 KB
24 KB 198ms
58ms Image
image/jpeg 116.202.113.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coincryptobase.com/storage/journal/December2020/4(2).jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.113.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.113.202.116.clients.your-server.de
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Thu, 17 Dec 2020 12:24:36 GMT
server: nginx/1.16.1 (Ubuntu)
etag: "5fdb4e04-5e63"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24163
expires: Thu, 16 Mar 2023 07:53:23 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

325 B
529 B

58ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 vybrat-obogrevatel-1.jpg
sundays.by/images/stati/ 71 KB
71 KB 453ms
105ms Image
image/jpeg 178.172.137.201
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sundays.by/images/stati/vybrat-obogrevatel-1.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.172.137.201 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-137-201.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 07:14:50 GMT
server: nginx/1.16.1
etag: "5ecb706a-11baa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 72618
expires: Fri, 15 Apr 2022 07:53:23 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

325 B
529 B

58ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 15979239853711.jpg
buki-repetitor.ru/data/files/news/ 57 KB
58 KB 288ms
67ms Image
image/jpeg 2606:4700:3033::ac43:9890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buki-repetitor.ru/data/files/news/15979239853711.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58308
last-modified: Thu, 20 Aug 2020 11:46:25 GMT
server: cloudflare
etag: "5f3e6291-e3c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dn0mkFvgJ3KteiaDBVmgQp4nsSXO%2B7kkYnPJ7d569EhipIyPV28WQAg8%2BnplHihD34ITkWIno12GtWICyC6UP7K7PPhae01ELmXK0zSzJzvFxxFotY5mAZnQ6177RjhPTlGex3d6why%2FLO1mx7ubSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6ecbea30493974e1-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1

325 B
529 B

59ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK %D0%9A%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B0-1-%D0%9C%D1%8B%D1%82%D1%8C%D0%B5-%D1%85%D0%BE%D0%BB%D0%BE%D0%B4%D0%B8%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0.jpg
kliningovyj-raj.ru/wp-content/uploads/2019/09/ 64 KB
64 KB 904ms
179ms Image
image/jpeg 62.109.27.135
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliningovyj-raj.ru/wp-content/uploads/2019/09/%D0%9A%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B0-1-%D0%9C%D1%8B%D1%82%D1%8C%D0%B5-%D1%85%D0%BE%D0%BB%D0%BE%D0%B4%D0%B8%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.109.27.135 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: anndielm.fvds.ru
Software: nginx/1.16.1 /
Resource Hash: 2a4b85ca6dd780bb8c0251e81cb94d07a11333c041f1e64bbe95b7a945383b53

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Thu, 27 Feb 2020 06:23:53 GMT
Server: nginx/1.16.1
ETag: "5e576079-10057"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65623
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1

325 B
529 B

59ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 %D0%A0%D0%B8%D1%81%D1%83%D0%BD%D0%BE%D0%BA1.jpg
fainaidea.com/wp-content/uploads/2016/03/ 39 KB
39 KB 329ms
158ms Image
image/jpeg 95.216.99.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fainaidea.com/wp-content/uploads/2016/03/%D0%A0%D0%B8%D1%81%D1%83%D0%BD%D0%BE%D0%BA1.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.99.229 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.229.99.216.95.clients.your-server.de

Software

nginx/1.14.1 /

Resource Hash

5343d3e721695927d444d88f94ffa3c0711ec7cd144cb010d8fc32f987ee3794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Tue, 29 Mar 2016 14:19:27 GMT
server: nginx/1.14.1
etag: "56fa8eef-9ad9"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39641
expires: Thu, 16 Mar 2023 07:53:23 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1

325 B
529 B

58ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 naturalnaja-kosmetika-dlja-uhoda-za-kozhej-lica-1-1024x576.jpg
tekhnotop.ru/wp-content/uploads/2019/12/ 29 KB
30 KB 440ms
187ms Image
image/jpeg 81.90.181.184
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tekhnotop.ru/wp-content/uploads/2019/12/naturalnaja-kosmetika-dlja-uhoda-za-kozhej-lica-1-1024x576.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.90.181.184 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

host-11f4a573.hostiman.com

Software

nginx/1.20.1 /

Resource Hash

9f0290c06f2c6f64d0ee106a94fa8b5416ae10ca75e8d90ed3cdc8e0890af8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Thu, 05 Nov 2020 07:31:33 GMT
server: nginx/1.20.1
etag: "5fa3aa55-75fd"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
content-length: 30205
x-xss-protection: 1; mode=block
expires: Mon, 21 Mar 2022 07:53:23 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1

325 B
529 B

59ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Holod-kak-umenshit-negativnoe-vliyanie-na-immunitet.jpeg
way2self.in.ua/wp-content/uploads/2021/01/ 87 KB
88 KB 89ms
88ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://way2self.in.ua/wp-content/uploads/2021/01/Holod-kak-umenshit-negativnoe-vliyanie-na-immunitet.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 79eb2eb16e9551b79e36e2e0ca5bc7baa2db0840a73d298918b95389e5d28900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Thu, 21 Jan 2021 10:28:47 GMT
Server: nginx/1.16.1
ETag: "6009575f-15d20"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89376

GET
H/1.1 200
OK rss-icon-1.png
www.way2self.in.ua/wp-content/uploads/2015/11/ 20 KB
20 KB 236ms
83ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.way2self.in.ua/wp-content/uploads/2015/11/rss-icon-1.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Last-Modified: Wed, 08 Jan 2020 16:10:30 GMT
Server: nginx/1.16.1
ETag: "5e15fef6-4f20"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20256

GET
H2 200 3_0_B9ECFFFF_99CCFFFF_0_pageviews
informer.yandex.ru/informer/33112108/ 1 KB
2 KB 268ms
78ms Image
image/png 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/33112108/3_0_B9ECFFFF_99CCFFFF_0_pageviews

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0799ff9c9d79d1697e478cdfd1eef0ab653be77f2384dce5c708f7ac576cc5d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Wed, 16-Mar-2022 07:53:23 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1466
x-xss-protection: 1; mode=block
expires: Wed, 16-Mar-2022 07:53:23 GMT

GET
H/1.1 200
OK 2.png
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/ 5 KB
5 KB 90ms
90ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/2.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Wed, 08 Jan 2020 15:57:21 GMT
Server: nginx/1.16.1
ETag: "5e15fbe1-136f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4975

GET
H/1.1 200
OK jquery.form.min.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 15 KB
7 KB 86ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-3b90"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK scripts.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 86ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-2d41"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 502
Bad Gateway LQ.js
leokross.com/_yMj/ 0
0 114ms
53ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leokross.com/_yMj/LQ.js
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ 357 KB
141 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 10:21:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77497
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143659
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 05:02:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 10:21:46 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/sdk.js
https://connect.facebook.net/ru_RU/sdk.js

3 KB
2 KB

170ms
54ms

Script
application/x-javascript

2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3d9bbdd5d648c50edcc5137d4170d1a4b3dbea2d3aa208e3fcc30d223fbacfb3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 91Gnmeab/qRHmCO/dXoRfg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Wed, 16 Mar 2022 08:09:21 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: i8DtI6dDutSW/TztT9GwNHS8NauFXFklV42MzQHj70/7ZwqaQo6WRFqInJkZlbJcU+Tl07CnK5n1lnV5EeoUjA==
x-fb-trip-id: 686109401
x-fb-content-md5: 6a582401dde7b484b5df477b2f50677d
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "e32638a512bca9b3e647c464de7985d5"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

Redirect headers

Location: https://connect.facebook.net/ru_RU/sdk.js#xfbml=1&version=v2.6&appId=957403467676178
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 138 KB
58 KB 148ms
57ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf0a15d58ec1ff3c24a98a256f779944de437b2baefd7529bcb4f916570740b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 36844
x-jsd-version: 1.222.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-lcy19280-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"229a4-vvyGe1h1GveLVR3H+jgTFyH4DGc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ecbea31fdb77190-LHR

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

172ms
53ms

Script
text/javascript

2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6517
date: Wed, 16 Mar 2022 06:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 16 Mar 2022 08:04:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK background.png
way2self.in.ua/wp-content/themes/smartline-lite/images/ 3 KB
3 KB 85ms
85ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/images/background.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:22 GMT
Last-Modified: Wed, 08 Jan 2020 16:27:55 GMT
Server: nginx/1.16.1
ETag: "5e16030b-aee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2798

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyCkIT4ttDfCmxA.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
22 KB 108ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyCkIT4ttDfCmxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a442100377d2c7c94c3608a7a785ec70c87b849c6c1faf78757939f9d4c970ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 00:30:18 GMT
X-Content-Type-Options: nosniff
Age: 112984
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 21688
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:15:38 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 15 Mar 2023 00:30:18 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXXp1veQ.woff2
fonts.gstatic.com/s/bitter/v25/ 16 KB
16 KB 107ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v25/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXXp1veQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9928921bcce9e4f9c2596d8e2fd221b690dc553d495379ba0fe3096defc8005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 15:56:54 GMT
X-Content-Type-Options: nosniff
Age: 143788
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15896
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:33:41 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Tue, 14 Mar 2023 15:56:54 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXXp1veSRBw.woff2
fonts.gstatic.com/s/bitter/v25/ 10 KB
11 KB 107ms
54ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v25/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXXp1veSRBw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6831904cf2298ee15feee85c0b196c0d88093c1cd8ed30706006b0016a7401e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 19:20:31 GMT
X-Content-Type-Options: nosniff
Age: 563571
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10176
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:31:37 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 09 Mar 2023 19:20:31 GMT

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v26/ 41 KB
42 KB 108ms
55ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 01:06:51 GMT
X-Content-Type-Options: nosniff
Age: 24391
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 42336
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:16:25 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 16 Mar 2023 01:06:51 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK lb212289_3.js Show response
s.luxadv.com/t/ 81 KB
34 KB 278ms
111ms Script
application/javascript 109.248.237.52
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s.luxadv.com/t/lb212289_3.js?rt=72026520056
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 109.248.237.52 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 270307c80dde50ae8f690c7a3b2b8597d98623311f93681ab5189e179df61402

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:24:49 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:06:26 GMT
Server: nginx
ETag: W/"5da4e352-145e6"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Connection: keep-alive
Expires: Wed, 16 Mar 2022 07:25:49 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 91ms
91ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4990d3e0028e6fbbb2a40f6413bd248421fad4d0f9542e49ebaf9e6da2e5583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107539
x-xss-protection: 0
server: cafe
etag: 1435358337055914698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:53:22 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/ Frame 6F16 10 KB
5 KB 171ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 00:33:15 GMT
expires: Wed, 30 Mar 2022 00:33:15 GMT
cache-control: public, max-age=1209600
age: 26407
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

js_data.php Show response
100widgets.com/
Redirect Chain

http://100widgets.com/js_data.php?id=278
https://100widgets.com/js_data.php?id=278

306 B
733 B

178ms
60ms

Script
text/html

193.176.1.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://100widgets.com/js_data.php?id=278
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 193.176.1.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ip.stat.zevshost.net
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location: https://100widgets.com/js_data.php?id=278
Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 207ms
63ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=way2self.in.ua&callback=_gfp_s_&client=ca-pub-5667294504565912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

8e3c6e248982891ab792ecb1863b9b3f040cfb76cd6213748cb423d580b4c323

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 183ms
65ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fway2self.in.ua%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A0DF 128 KB
36 KB 431ms
368ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1647415686&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647417202808&bpp=2&bdt=638&idt=178&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=4095755563836&frm=20&pv=2&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=192

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a33dc1826561a14af9a87d79e04d9b9d3680e3315576632976051b7d81fce7d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 36663
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 62DC 24 KB
10 KB 643ms
601ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42ac47f3a798fe75fec61a395982ba9d6634e591b87ff15a3eef84c29e3dc47b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 10148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3FD7 83 KB
29 KB 530ms
512ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=228&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ga02jM6brJ&p=http%3A//way2self.in.ua&dtd=231

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3def7f9a27e845979af3e7c0543d2c68f1def9f0a4170aff70215eca18a491

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 29996
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B7CE 30 KB
11 KB 372ms
360ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=236&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=8YliiC21WV&p=http%3A//way2self.in.ua&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c32ac75fbb0b160a61a5d36832809c3ba63e6e2ec42abfaf89ab85dc58ec1ec4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 10922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D5A5 436 B
235 B 354ms
352ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202814&bpp=1&bdt=644&idt=245&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=PJp4MgOdbW&p=http%3A//way2self.in.ua&dtd=247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47ce3c24868b765fc95084c48865eb57cb2432ccc2e5f7f59b2ea60f1efac459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 212
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H/1.1 200
OK render Show response
pxxifc.com/v1/ 28 KB
9 KB 212ms
122ms XHR
text/html 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/v1/render?surfer_uuid=04943e53-cb7c-4165-8adb-5de1c71652ca&referrer=http%3A%2F%2Fway2self.in.ua%2F&page_load_uuid=bc547968-6be1-4c4e-a6d9-4ae2967acffb&page_depth=1&uvptmxwaesl=3a7530d7-59f4-4c35-b15c-08fd30e13d70&block_uuid=3a7530d7-59f4-4c35-b15c-08fd30e13d70&refresh_depth=1&safari_multiple_request=555
Requested by: Host: pxxifc.com
URL: http://pxxifc.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 412f00c3a725fbbf769e7e3d92ff6ac33e5a430d3070d488aa52793b7855cbf2

Request headers

Referer: http://way2self.in.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
Date: Wed, 16 Mar 2022 07:53:23 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate
Connection: keep-alive
expires: -1

GET
H/1.1 200
OK d03623166292984f.jpeg
pxxifc.com/.cdn/3a8241/e45ee7/f614bfcda31c46d08f6a9bf1e2df5c49/ 21 KB
22 KB 93ms
93ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pxxifc.com/.cdn/3a8241/e45ee7/f614bfcda31c46d08f6a9bf1e2df5c49/d03623166292984f.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 10ec92c208b6fc37debc72d7ccf07fea520d7e251be06b022e3982bfb5707ff6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Wed, 16 Mar 2022 04:23:05 GMT
Server: nginx/1.14.2
ETag: "62316629-55ee"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 21998

GET
H/1.1 200
OK d03623165b1d55d6.jpeg
pxxifc.com/.cdn/3a8241/e45ee7/8bd72072bcde4c638c25faca6b6433c5/ 25 KB
25 KB 92ms
90ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pxxifc.com/.cdn/3a8241/e45ee7/8bd72072bcde4c638c25faca6b6433c5/d03623165b1d55d6.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: e6e1284d2ce667924893626aacaef2c5443004df198d4748acee01e633caba95

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Last-Modified: Wed, 16 Mar 2022 04:21:05 GMT
Server: nginx/1.14.2
ETag: "623165b1-631b"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 25371

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 179ms
63ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6636658309daf40633373d068662f1e248e0e5cc0131786b436074456cb88ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:55:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6DC 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpIWmc5cxYpO3B9S5YdKiltgNyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEtgFP0O3dxHyo4BthHHNr0yGJNan7Pud5qupUEzt-YcAx_H__JlxZSkCPfS7khFdpsnMkVtCMO9DVqIxc2ayiuVYG2qIYgmGdg1WRSWX5zzqRR00bvstyuvdo7SJr0WGeMwLlVqbFezpBmXWE25IHEq24LzUN8uhyRdWUWhSnlLXpTzp-FZpJkJmOdkTdINS-BpHTDHLcM7X-lkM-Nm1qgwtrUhc-Bo1OPX6xNXLj_FNwx04QQ8UHd4AG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=yJSvfr6j0lI&uach_m=[UACH]&cid=CAQSGwCNIrLMwZRhjSSudRWebIsD-64PvYvaQHsoJRgB

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=236&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=8YliiC21WV&p=http%3A//way2self.in.ua&dtd=237
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:53:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame E6DC 0
0 203ms
63ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEuGBMNACmAKdg2ICAgAAAMsdJY3uoi0fFTyPnBBylzFi77-l28BxKncHI2YAEg&wp=YjGXcwAB25MKGFzUAAWRUlV_ul5ckYucS_eu0A

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 223616
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DCEE 42 KB
17 KB 255ms
122ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB25MKGFzUAAWRUlV_ul5ckYucS_eu0A&u=%7CjknDVb4xqJT4gj9xDFloA3hp7N9YZZJaUEYFOwNXjX0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqOMM0GgL83epX5KgbcGvKrEGYA1OjwMQ5HuZQjPyuOgfOAFdKvI0L34YlLkU8ATEfZlwVtpJMTg-O2jpziq5icQIc4FJGvehNpMa76OrsW3A-f1DBJ7qgNrHCVYTKemiYo00HMRhQdR_12Bxh0laYxNZ_z0gtpAqfDsJlUOO6O73F6tiMcSv9OBMlU1EtJ93TVM9YaMzZjJuhbeW0lBm9Uu28V-56X9cbedECVx-7Tth0Skw_DBfflrFwzyxt3uFArDv_kUIWWue6bvE0fVhsd66RtBGWJhczYRAvKqgZ3U5kYLiuzpIVJpF-_9P5hqMpIMoJLXNE3bb4WWX_MvX7QekikDlLzHQEAfqs9r_GUBu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP9sIc5cxYpO3B9S5YdKiltgNyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEuQFP0O3dxHyo4BthHHNr0yGJNan7Pud5qupUEzt-YcAx_H__JlxZSkCPfS7khFdpsnMkVtCMO9DVqIxc2ayiuVYG2qIYgmGdg1WRSWX5zzqRR00bvstyuvdo7SJr0WGeMwLlVqbFezpBmXWE25IHEq24LzUN8uhyRdWUWhSnlLXpTzp-FZpJkJmOdkTdINS-BpGRDlNOtDpihfyiIs66vq2TWwM0sIdgJfwF_U9FDuxu61aV6UEUyEedzIAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3JvefxLyfBf-YjtqR7oZs6IahGLQ%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=236&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=8YliiC21WV&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

69af8f03fec4fb309175f207aa80356766125f5fdfdcd65a34ce077e1dc2486b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=rzkGhSqA4OtIDfUAIezHYtOFNUHlaCk10hTo7NsfWAIXWSczpbv9j8ELzUpCfY0xac2IP9Ta5Vyhsu7UnzkhmLqLjeUhPboSn5ns6eyiDN8OHnRaSbr7sB6OgwvfIVjlz4WJorx9BMIiNKiFpkaZij6WGI4hO8Qg3icxpj1p-xrTSQ-VU8lX4CrmVWuemoFUcnLoieEwxleYuNLezF7vq9d1iXka66RknK1TNGbFHaMuDvH9BPA5IaIDybwy9z4qAhb11Q"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 10012815
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame E6DC 2 KB
1 KB 201ms
58ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:48:03 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E6DC 117 KB
36 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame E6DC 15 KB
7 KB 196ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:50:07 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 151 KB
54 KB 94ms
94ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a95e6d36b8b30fe8fc06e6c77cfd7490c714a01bbf1fddb0eedff7cb2f2bd3b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55005
x-xss-protection: 0
server: cafe
etag: 2652472673925589557
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 126ms
62ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 129ms
65ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86FB 105 KB
39 KB 313ms
313ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97489a066c570fc26deaa9bb249abb85eec1125074225455320dffd095708a95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 16 Mar 2022 07:53:23 GMT
server: cafe
content-length: 40005
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:23 GMT
cache-control: private

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 281 KB
80 KB 110ms
54ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=78d0f97dfa3957998a9cc987156b587f

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b217f97e7f97b281bb08025dadf7837e95fa946130f023e517727fea164cac4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: MvHNRWudPtStF/H+bIY/rA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Thu, 16 Mar 2023 07:08:08 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 81673
x-fb-rlafr: 0
x-fb-debug: V4KjdbUxxHkEiAhtepo4IiBZccjfoVHTC27KNlv7duI3scM+jqcYT7qr1EPqgYr3uQmlm5nwnAvG0QhXgQ98XQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: b036c32cefd2d259798c5bf555d8ecec
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "05b11f848e62ef3da7f360089d0cfa02"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala...

174 B
312 B

79ms
79ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A144445799927%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A652673160%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Ast%3A1647417204&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

69173170d4def371a7052bebb9decbec783ef216326ccd2a88e522aed39cced6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 16-Mar-2022 07:53:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 174
x-xss-protection: 1; mode=block
expires: Wed, 16-Mar-2022 07:53:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 16-Mar-2022 07:53:23 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A144445799927%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A652673160%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Ast%3A1647417204&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 16-Mar-2022 07:53:23 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/33112108/
Redirect Chain

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

392 B
529 B

79ms
78ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A495284593138%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A210533161%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647417204%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f80fa0ea09ea82e3451b6fd5071b77d4ee4433f2efe99fe9867303b809e43541

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
x-content-type-options: nosniff
last-modified: Wed, 16-Mar-2022 07:53:23 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Wed, 16-Mar-2022 07:53:23 GMT

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 16-Mar-2022 07:53:23 GMT
location: /watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A608%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A495284593138%3Ahid%3A194702864%3Az%3A0%3Ai%3A20220316075323%3Aet%3A1647417204%3Ac%3A1%3Arn%3A210533161%3Arqn%3A1%3Au%3A1647417204991747448%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647417201938%3Ads%3A49%2C85%2C95%2C86%2C0%2C0%2C%2C387%2C11%2C%2C%2C%2C703%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647417204%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 16-Mar-2022 07:53:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3FD7 7 KB
745 B 125ms
64ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=228&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ga02jM6brJ&p=http%3A//way2self.in.ua&dtd=231

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 06:33:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 3FD7 2 KB
984 B 62ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:45:58 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 3FD7 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:46:51 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 3FD7 2 KB
1 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:48:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:48:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FD7 117 KB
36 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 3FD7 15 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:50:07 GMT

GET
H3 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame 3FD7 28 KB
12 KB 116ms
54ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 23:17:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:37 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
177 B 79ms
78ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 16 Mar 2022 08:53:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FD7 0
0 86ms
85ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czz3fc5cxYvnWB76QiM0PoPaByAO9u9bpaNqh-danDtrGt7jHKBABIJf9sCpglQKgAcCrr-oDyAEJqQLPqCIQ6WWyPqgDAcgDywSqBMcBT9AdLy17AcK7kLWz7cKxxEKTYzGUhgkPKGXeb6Ih9cJiKLuUWkKetxSkwWJhl4DFwJV1fUv-VJxCLuwejoMVoJvA99oiqrGcCPsMhqMmzMyyhl5daD_dzjnmxWE6aQWxv7Kx9-F0cESctvEKaZQGjDRaEfEVWurtPGdWKU7zvmNzpvrYngeuKqJ60bcpjsHDsHR00iYYkI7dwcqyjUUCXNofjXkvohS942LDiIxodmwxzKvzyUZu7qi1phTdnKeytWd0j2ACccAEsZ_egt0DiAXxse6xNJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYu2AYCgAeo1NAVqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ5scHoAjkEbAIAtIICQiA4YBwEAEYH4AKAcgLAdgTDYIUEBoOd2F5MnNlbGYuaW4udWGIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=f-45J8oGZOE&uach_m=[UACH]&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202813&bpp=1&bdt=644&idt=228&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6691&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ga02jM6brJ&p=http%3A//way2self.in.ua&dtd=231
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:53:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11691022299360076463/ Frame 3FD7 18 KB
18 KB 81ms
80ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11691022299360076463/downsize_200k_v1?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6783f995a99a145887cc8b968014b114e2d86a2910424fdd8cde586b97e416e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sun, 13 Mar 2022 23:10:19 GMT
x-content-type-options: nosniff
age: 204184
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18230
x-xss-protection: 0
last-modified: Wed, 28 Jul 2021 14:26:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 23:10:19 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/16974683443596446677/ Frame 3FD7 2 KB
2 KB 101ms
100ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16974683443596446677/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bdce8240faa329694e135c231ab826d85476a22e2bcde581b424edfde6f1d103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sat, 12 Mar 2022 23:00:29 GMT
x-content-type-options: nosniff
age: 291174
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1553
x-xss-protection: 0
last-modified: Wed, 27 May 2020 15:04:04 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 12 Mar 2023 23:00:29 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/ Frame FD09 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 16 Mar 2022 03:06:09 GMT
expires: Wed, 30 Mar 2022 03:06:09 GMT
cache-control: public, max-age=1209600
age: 17234
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 123ms
61ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2017990453&t=pageview&_s=1&dl=http%3A%2F%2Fway2self.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1966423284&gjid=890915889&cid=1586093619.1647417203&tid=UA-68999546-1&_gid=1383151289.1647417204&_r=1&_slc=1&z=2056908358

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://way2self.in.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://way2self.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame E6DC 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 32eeddbab9c7020f368b014cf95221d0f0749c743f642dbb7a64d1cb1e08e7bd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 62DC 2 KB
1 KB 116ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:49:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 62DC 15 KB
6 KB 131ms
69ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:50:44 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62DC 117 KB
36 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 62DC 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CA9DMc5cxYtTIB4qeYNjYsDjJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMBqgS1AU_QCxVF3RXjvR5u_cnSXfEVvg8CBPYWTwGa2ARfcRGrzr_8yXiebLmhIw2LcA08gphPWyTw1pdmIDp48O1hFTi3q1oe6Fu85ohxRnFr0bLHsZ6OUsIpXEilIIY-kFMYzQfneiu2Lg0TJ3wJPU1TEQduqIiucxrVuR5G9pdQ6NbjQm_u53lRP3yLDv3A8gBty8cZc6aquT8G0jmvJ9WPvHRFOkBzCGSoKtiz6wGuy7m3jaZyknCABsOj3oGygpW3RqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=XSjn8cdDGqw&uach_m=[UACH]&cid=CAQSGwCNIrLMittRkfYiSQNHecf193bWT1V4fvLjAhgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:53:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 62DC 0
0 63ms
63ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UsPKC8z6RO4GmAKdg2ICAgAAAI2i1XSGhSf5FTyPnBBylzFiAQqh8N3tG43wJA0AEg&wp=YjGXcwAB5FQKGA8KAAwsWOMwT8iKqas5-OYPsQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
server: Kestrel
server-processing-duration-in-ticks: 284521
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C4CE 129 KB
43 KB 147ms
146ms Document
text/html 2a02:2638:1::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB5FQKGA8KAAwsWOMwT8iKqas5-OYPsQ&u=%7CjknDVb4xqJSkQRnVFNJcxLrq5Ht7i3CjOcAJv2lUssA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC-1BU02EsbSCtHZgvITaXE_bS--RvHQFo_Mj1JTiznRda7usUJKoMQeNNgC5qgz1XtkVJNHNckkYK60uSoFrXroMB9SLKc0l_8aUrvvT9ElDoNjz8PwEmeUIRvbAcpP3PpAnoYE1NcwDcV8-gx4zAgrEk3Zt7-UmrPVG272s5qCZ9iay6n34Ra1NePj92paTuSC1R5NW7u5CH7kJ2uT_hVvf17TfQL0YbzvSPkL6ZiiXwqskGtaibcDU3zCLddNhzNea74enyi3ng0Hh8uNezPOnIk6IoiqShAWrzQmXIK6OgGbjhIuZD-tyE0yw3maXetM107sk3_7sGPSauYXUUqzMccRF18Z24sXD0V8b1BBAvy1Fyb4TasZo3FYu-E91ybZAtjQptKY0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_u9Yc5cxYtTIB4qeYNjYsDjJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMBqgS4AU_QCxVF3RXjvR5u_cnSXfEVvg8CBPYWTwGa2ARfcRGrzr_8yXiebLmhIw2LcA08gphPWyTw1pdmIDp48O1hFTi3q1oe6Fu85ohxRnFr0bLHsZ6OUsIpXEilIIY-kFMYzQfneiu2Lg0TJ3wJPU1TEQduqIiucxrVuR5G9pdQ6NbjQm_u53lRP3yLDv3A8gBticU44SElJSy5Ti0M9-gpRH1RMPZ5JnwqnhCOTfMR1ZWvCAz2gc8-tnaABsOj3oGygpW3RqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ZVyC6-KvRCcMpwHhwf3nTM1E8Fg%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647415686&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647417202811&bpp=2&bdt=641&idt=206&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=zedcRFCZL8&p=http%3A//way2self.in.ua&dtd=210

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0a264600d83ffd1cfd71394e8a4dce3e7ea62f66e89326d3d3d80dfa634a0b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PheSWiqA4OtIDfUABesbIB0WthdtYg4C4rdSt1PhyRWeJQG-iB0zkieBN9UAFgdhLgLxdRmmYtm9X6PA5wMx5IdyFrU9YvdYhEZDE41Bj7i4NHUVilhPUO4ucJyI2v7C9dCEZNGnkaDDocWKyZMjMwPtsSDOe4TKmG20oLW_05_wpiLD1r3HDvfKV6S9LN4NgWo2WDbuW5kPBIo5v7H7avtUkCuIxZa7Q3tCs-8LjQvGjidg2DZa2h7uw5kdefW-zfzfFQ"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 85163715
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3FD7 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b695d9830a2b48958c6d07e506491128bee7038ef2504d8e13b3035d5e8d3073

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DCEE 2 KB
1 KB 301ms
187ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB25MKGFzUAAWRUlV_ul5ckYucS_eu0A&u=%7CjknDVb4xqJT4gj9xDFloA3hp7N9YZZJaUEYFOwNXjX0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqOMM0GgL83epX5KgbcGvKrEGYA1OjwMQ5HuZQjPyuOgfOAFdKvI0L34YlLkU8ATEfZlwVtpJMTg-O2jpziq5icQIc4FJGvehNpMa76OrsW3A-f1DBJ7qgNrHCVYTKemiYo00HMRhQdR_12Bxh0laYxNZ_z0gtpAqfDsJlUOO6O73F6tiMcSv9OBMlU1EtJ93TVM9YaMzZjJuhbeW0lBm9Uu28V-56X9cbedECVx-7Tth0Skw_DBfflrFwzyxt3uFArDv_kUIWWue6bvE0fVhsd66RtBGWJhczYRAvKqgZ3U5kYLiuzpIVJpF-_9P5hqMpIMoJLXNE3bb4WWX_MvX7QekikDlLzHQEAfqs9r_GUBu&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCP9sIc5cxYpO3B9S5YdKiltgNyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQLPqCIQ6WWyPqgDAaoEuQFP0O3dxHyo4BthHHNr0yGJNan7Pud5qupUEzt-YcAx_H__JlxZSkCPfS7khFdpsnMkVtCMO9DVqIxc2ayiuVYG2qIYgmGdg1WRSWX5zzqRR00bvstyuvdo7SJr0WGeMwLlVqbFezpBmXWE25IHEq24LzUN8uhyRdWUWhSnlLXpTzp-FZpJkJmOdkTdINS-BpGRDlNOtDpihfyiIs66vq2TWwM0sIdgJfwF_U9FDuxu61aV6UEUyEedzIAG0ITHgMCYxZcCoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3JvefxLyfBf-YjtqR7oZs6IahGLQ%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame DCEE 2 KB
1 KB 168ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DCEE 308 B
636 B 171ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame DCEE 507 B
835 B 169ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame DCEE 43 B
347 B 204ms
59ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=CkMgVCC1FSYz-WCjs-znaKGb1tpTZ6-G22Ei82Tl-AASjT-I80QRiSO7_y7KkMpTMwuYUIT-WS9EiYGmsQws9y8oROpKm2KPcRG7IIOo1nzDd2aqfBsd0xePVqdfZdDCwz6Dm4axlqqdcoufrcjkYEPUmIpqUddHxRRqwA2_3kpGdLKrBWi-jnXt4RXsL0fkB8UBJ2BhbUhHBPw8XY3fxqTYoCvVCe1rcJKhPdLsj_3EaMIid2TUgSwVH-wt8YVefpwm4EU1HIvhL0i8vIOx8PESHjtlTp1EgxbcEyBYikHqTUxW2mrRQZgt2SnZc9oyJV9xmgPVYyRbV-xwZBjKIUHBOHofubkvhWglKJrC7bSc68fHwXRXGoYeyUKDRm0RZlILKmfwojF5QrKL1eZ1eT9M3d4layGN6Sf-W3MFHPcDewPtfxCxD5UCn2rmOoHt4vgaXA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2591982
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 5242c823800943149e8b78f3865de1ef_image_ad_336x280.jpeg
static.criteo.net/design/dt/90764/211109/ Frame DCEE 58 KB
58 KB 171ms
60ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/211109/5242c823800943149e8b78f3865de1ef_image_ad_336x280.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

2df0e8e6346213594aa9eb68c498aa103b536488e595986fa2bc8e80313b1a5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Tue, 09 Nov 2021 08:25:56 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "618a3094-e823"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 59427
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FD09 5 KB
677 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 07:38:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FD09 2 KB
904 B 89ms
77ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:45:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 445
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:45:58 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame FD09 19 KB
8 KB 65ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:46:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FD09 2 KB
1 KB 89ms
79ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:49:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD09 117 KB
36 KB 65ms
63ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame FD09 15 KB
6 KB 69ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:50:44 GMT

GET
H3 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame FD09 28 KB
12 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 120046
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 09 Mar 2022 23:17:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:37 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DCEE 0
127 B 159ms
48ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=rzkGhSqA4OtIDfUAIezHYtOFNUHlaCk10hTo7NsfWAIXWSczpbv9j8ELzUpCfY0xac2IP9Ta5Vyhsu7UnzkhmLqLjeUhPboSn5ns6eyiDN8OHnRaSbr7sB6OgwvfIVjlz4WJorx9BMIiNKiFpkaZij6WGI4hO8Qg3icxpj1p-xrTSQ-VU8lX4CrmVWuemoFUcnLoieEwxleYuNLezF7vq9d1iXka66RknK1TNGbFHaMuDvH9BPA5IaIDybwy9z4qAhb11Q&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DCEE 2 KB
1 KB 155ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DCEE 2 KB
1 KB 133ms
133ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H3 200 hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 8FE4 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 21:18:32 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9579.E0zbcZ2Huj1LhzCPUG5dp5wcUOfKb0ZCSeDoCpVafp1JOxJMlJcyUhecxnyGH0px.kIEmT9T8C8YamvOBhe5v-jLuum4%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9579.XzIOK0e2O_DrlnlGouDMp-XRCkJA4Bn052czDAuFjqHiRigdXHYCAMSof9PJV5PgAM0jHU2PQ8b9wATDGr5tQoo8SEyn1Nv9t3XVMjmmIvw%2C.2Uo06E1EEXEpDhUWspN1T-Wc36...

43 B
357 B

101ms
100ms

Image
image/gif

154.47.36.96
COGENT-174

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9579.XzIOK0e2O_DrlnlGouDMp-XRCkJA4Bn052czDAuFjqHiRigdXHYCAMSof9PJV5PgAM0jHU2PQ8b9wATDGr5tQoo8SEyn1Nv9t3XVMjmmIvw%2C.2Uo06E1EEXEpDhUWspN1T-Wc364%2C

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

154.47.36.96 , United States, ASN174 (COGENT-174, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9579.XzIOK0e2O_DrlnlGouDMp-XRCkJA4Bn052czDAuFjqHiRigdXHYCAMSof9PJV5PgAM0jHU2PQ8b9wATDGr5tQoo8SEyn1Nv9t3XVMjmmIvw%2C.2Uo06E1EEXEpDhUWspN1T-Wc364%2C
date: Wed, 16 Mar 2022 07:53:24 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK stat.js.php Show response
100widgets.com/ 0
199 B 59ms
59ms Script
application/javascript 193.176.1.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://100widgets.com/stat.js.php
Requested by: Host: 100widgets.com
URL: http://100widgets.com/js_data.php?id=278
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.176.1.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ip.stat.zevshost.net
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:23 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
DATA 200
OK truncated
/ Frame 62DC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70708a7d514e266724d0fb9c60de193b787e87150cc4db1225e8a425059ac8a0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame 86FB 10 KB
806 B 64ms
63ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300|Roboto:300,400,500,700&lang=de

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84283b0271462df7595314fa8ab57070ed633174a851712bed2bfd8e6bd92117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 07:43:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 86FB 10 KB
806 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,700&text=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84283b0271462df7595314fa8ab57070ed633174a851712bed2bfd8e6bd92117

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 07:17:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 86FB 32 KB
13 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/m_js_controller_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c89c272c7d8ed523e0a0c8a042792c4dfca11e0c6439ecd254e0ccb482688f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:49:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 260
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13101
x-xss-protection: 0
server: cafe
etag: 12109718283923547003
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:49:03 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/ Frame 86FB 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:46:51 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 86FB 2 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:49:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 208
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:49:56 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86FB 117 KB
36 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:23 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/ Frame 86FB 15 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220314/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:50:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 159
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 30 Mar 2022 07:50:44 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 86FB 0
0 125ms
61ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQs7Wao24KGIlJ5bz5RhQZauJ-3bOLdmPc2g-_3075Vxt-CPrk1TJ-REDRN_XoMNT6-YIyR
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C4CE 2 KB
1 KB 95ms
94ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjGXcwAB5FQKGA8KAAwsWOMwT8iKqas5-OYPsQ&u=%7CjknDVb4xqJSkQRnVFNJcxLrq5Ht7i3CjOcAJv2lUssA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC-1BU02EsbSCtHZgvITaXE_bS--RvHQFo_Mj1JTiznRda7usUJKoMQeNNgC5qgz1XtkVJNHNckkYK60uSoFrXroMB9SLKc0l_8aUrvvT9ElDoNjz8PwEmeUIRvbAcpP3PpAnoYE1NcwDcV8-gx4zAgrEk3Zt7-UmrPVG272s5qCZ9iay6n34Ra1NePj92paTuSC1R5NW7u5CH7kJ2uT_hVvf17TfQL0YbzvSPkL6ZiiXwqskGtaibcDU3zCLddNhzNea74enyi3ng0Hh8uNezPOnIk6IoiqShAWrzQmXIK6OgGbjhIuZD-tyE0yw3maXetM107sk3_7sGPSauYXUUqzMccRF18Z24sXD0V8b1BBAvy1Fyb4TasZo3FYu-E91ybZAtjQptKY0w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC_u9Yc5cxYtTIB4qeYNjYsDjJntKxXPXalvdwwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAs-oIhDpZbI-qAMBqgS4AU_QCxVF3RXjvR5u_cnSXfEVvg8CBPYWTwGa2ARfcRGrzr_8yXiebLmhIw2LcA08gphPWyTw1pdmIDp48O1hFTi3q1oe6Fu85ohxRnFr0bLHsZ6OUsIpXEilIIY-kFMYzQfneiu2Lg0TJ3wJPU1TEQduqIiucxrVuR5G9pdQ6NbjQm_u53lRP3yLDv3A8gBticU44SElJSy5Ti0M9-gpRH1RMPZ5JnwqnhCOTfMR1ZWvCAz2gc8-tnaABsOj3oGygpW3RqAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2ZVyC6-KvRCcMpwHhwf3nTM1E8Fg%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame C4CE 2 KB
1 KB 94ms
94ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C4CE 308 B
636 B 71ms
70ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C4CE 507 B
835 B 72ms
71ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Sat, 11 Mar 2023 07:53:23 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C4CE 43 B
347 B 60ms
60ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=9nJVQa8r3_PQqxSHAKBpfRzjr7s07evLKjbx4RC68OX-60Y2g7xALAYKEiBLJyv2j-eT95-AmEGk5UM7qC_jIbSGfTtvbU5QW7qCgT3I7v9WIwwd4h9lv_DWorFjCNhaam0N5eA_3vBYMHkfukBn-ryrs9MviPEx982s-CStrOWZmpA9LZFWjJVWS-MBIPDqTffEKTEVvOzwXCMSxPIkYm9KeSmFMvVC6CjJug2f7OHPysYu75iKmTXLcqrE7_UXHQkmoUT59G-A_hXFMIV2yvZQp1qGfCjqn3R3EqagbmI33K7uhxDU8tyKPXCc96Xqegx1xID3KqyrKgXfSVmYHxxPLsc8SEYc3EueaT2R2cvjP_iofT9qscwfeJ2kIkxoZgaaP0xqUxraJIjacEXK4BBC4195D2iI9i3Y8b6pc12e_ElLUXRlwRIU99xrMYYV8g2ixwBjFLouzQZl6mAX77O76YQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:23 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2431708
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js Show response
pagead2.googlesyndication.com/bg/ Frame F680 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 21:18:32 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C4CE 12 KB
5 KB 156ms
55ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 124950
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B21o5E1YjnHs9uUyVrW%2BOG5eBlvn024bCP3UteJZh9xrEXymKb98v%2Fq6mRe4XFgpJKfBcFWBJxqKKrIai%2FQtV%2BhHiSY6hsr514FZQGlR0uhRbz3QRbYOu85EjuVFUlqarhuDxlA4KsUGfAoXq1MUCT6B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ecbea35ac698e18-LHR
expires: Mon, 06 Mar 2023 07:53:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C4CE 12 KB
6 KB 54ms
54ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 8 KB
8 KB 182ms
56ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=55592&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F55592%2F181126%2F3e32775915934f4dbe6e5972c02f0e2f_samoon.png&v=3&w=196&s=EvDr3lPZKMR_76WT2mLleI8W

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ea6d4038f3e7890578d10ef56cbeff70b7274b31f1c0857573aada9dc58c7e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28930096
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7915
expires: Tue, 14 Feb 2023 04:01:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 14 KB
15 KB 254ms
129ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_871021-26118_6422_110.jpg&v=3&w=400&s=cM3Hb7B-VAQSDodGto3hDM40&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f8eb742ef3ade58a79b66d4ef9210dd98769adb25f83929d7600122013cd9130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=202965
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14822
expires: Fri, 18 Mar 2022 16:16:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 7 KB
7 KB 291ms
166ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_871059-26107_1102_110.jpg&v=3&w=400&s=bUfEKk4SFmDrOkqBemcJgld4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

77a420b5cfbd4fe93b9c0998f9063c8b41715ff38f43b23b61a19537003b3d90

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=132240
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6782
expires: Thu, 17 Mar 2022 20:37:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 5 KB
5 KB 295ms
171ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_880004-21014_6420_02.jpg&v=3&w=400&s=ZTCdxLzJGZGO0m2K8vrwxejT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6b5667cec51a0f5c658519d0153c4b97ad21b362007532e6a4cd320f3366876a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=562552
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5278
expires: Tue, 22 Mar 2022 20:09:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 5 KB
5 KB 254ms
130ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_810001-21000_1100_110.jpg&v=3&w=400&s=o3RFqr-jTBNpzTFL3klppJ0h&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6244f3cfcd398732878a39ded064ae929363a6a3e7ab85bf82be553aa5f98e8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=189336
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4980
expires: Fri, 18 Mar 2022 12:29:00 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 11 KB
11 KB 181ms
57ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_800004-23007_9702_110.jpg&v=3&w=400&s=yVeRiXscYKS-LUbDkhFWOmVM&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

28b8b834110b365952751725814eb819b2f1c80d0daeeaa5e737daa20cc44298

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=193432
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10888
expires: Fri, 18 Mar 2022 13:37:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 10 KB
10 KB 163ms
162ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_831004-26107_1102_110.jpg&v=3&w=400&s=hR-Z8MifbXH-6Ixn9ewKE2Jn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

510148802da7c7e6954decc944002291ce74be4e6c7ce00a69366fa8172a5611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=131593
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9902
expires: Thu, 17 Mar 2022 20:26:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 6 KB
6 KB 156ms
155ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_880002-21013_2050_110.jpg&v=3&w=400&s=6xkvUSX1GmV4HQpih3QnOtEb&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fb068ffdd9c31a508d131b647aff390a84ce6e8e36b747a32ff42ad0e736749f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=174653
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6230
expires: Fri, 18 Mar 2022 08:24:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 19 KB
19 KB 206ms
205ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_860014-21008_6422_110.jpg&v=3&w=400&s=9o5AGG3aFzCVxfYzVS3Oq3GJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c289fc406108cac75e6d8734f091ef3888f4955bc4ad2f0e42f7dc6fc97d41c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=202816
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 19320
expires: Fri, 18 Mar 2022 16:13:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 12 KB
13 KB 172ms
171ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_871023-26129_6422_110.jpg&v=3&w=400&s=uefwjmty-nVwgKq7RCib2iv-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b64c3dcf59748276c9650abe56dfb3a25947649a216646a26cee59c69180fb8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=462452
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12558
expires: Mon, 21 Mar 2022 16:20:56 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 4 KB
5 KB 187ms
186ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_820015-21453_9700_110.jpg&v=3&w=400&s=0k01J9vEbltGaKGjWYXKg3ML&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e799726df0d17e3865c6874570911d8eab19cbbe2a9cb063ede3655be10b12a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=120122
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4532
expires: Thu, 17 Mar 2022 17:15:25 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 5 KB
6 KB 205ms
204ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_971996-29251_7240_110.jpg&v=3&w=400&s=t9_fNqFXb0rcXQiwwd6xgGhC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

99c81b189998d41c9c4c147d7896fcbaac098b3ea79c8378421578ebf20118ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:23 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=566305
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5574
expires: Tue, 22 Mar 2022 21:11:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C4CE 5 KB
5 KB 204ms
204ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=55592&q=80&r=0&u=https%3A%2F%2Fpic.gerryweber.com%2Fstatic%2F-%2Fpdmain%2F14_820048-28812_8979_110.jpg&v=3&w=400&s=UP6mY3mgL4Z1lCx7oHUNJTzE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fa146330a9152fe59f430f45e48e8cefbf3ff23be5f54884fdeb5e90cbb09af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:22 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=189335
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5254
expires: Fri, 18 Mar 2022 12:28:58 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C4CE 0
127 B 49ms
48ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=PheSWiqA4OtIDfUABesbIB0WthdtYg4C4rdSt1PhyRWeJQG-iB0zkieBN9UAFgdhLgLxdRmmYtm9X6PA5wMx5IdyFrU9YvdYhEZDE41Bj7i4NHUVilhPUO4ucJyI2v7C9dCEZNGnkaDDocWKyZMjMwPtsSDOe4TKmG20oLW_05_wpiLD1r3HDvfKV6S9LN4NgWo2WDbuW5kPBIo5v7H7avtUkCuIxZa7Q3tCs-8LjQvGjidg2DZa2h7uw5kdefW-zfzfFQ&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:53:23 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C4CE 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C4CE 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 11 Mar 2023 07:53:24 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15891753755999289104/ Frame 86FB 12 KB
12 KB 70ms
70ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15891753755999289104/downsize_200k_v1?sqp=4sqPyQSWAUKTAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8ISxABHQAAtEIgACgBMAY4A0CAwtcvSAFQAFgAYEtwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhoI2AIQtAEYASABLQAAAD8w2AI4tAFFAACAPw&rs=AOga4qleQEVUG5af6AeFs5bpP6gSe5k-UQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3bb28f30eb18fab73bbd75f9139a7cf1880516c3ef866860481b1df6bc9d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:24 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12247
x-xss-protection: 0
last-modified: Thu, 17 Oct 2019 14:54:15 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 16 Mar 2023 07:53:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 86FB 0
0 86ms
86ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKXW0c5cxYsrXI5PVYqX7n8AD1a_13WbXzcvyhA3b2R4QASCX_bAqYJUCoAGls8voAsgBBqkCz6giEOllsj6oAwHIA8sEqgTJAU_QU-FyFC0TZ1J1s4W0joa1XoEbL32PtvB2RsQtVN_DuJBZifdxGu1c-FDthKiUXkmFfAKsbe6ETcrqdogrB9ocl2Ye2SqfBIA3_pqHoTY_CexcRP3W62agSSFT-OJZFRcYADyeZ4x6F0zUrmdkL1zdrcnrgVz-UaeK073eX9BzorAuxTrH8_Hvsuotjj0JQJjf7OHRw20zGDUhUO9bc1lGrpCccX-PMtTogXaknpo76SPwbLmHOkQkZ1lGeWdAURw6WJsvRjriucAEhcjEgKYDiAW6kqeFLJIFBAgEGAGSBQQIBRgEoAY32AYCgAfDzLSXAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEJ7ICaAI5BGwCALSCAkIgOGAcBABGB-ACgHICwHYEwyCFBAaDndheTJzZWxmLmluLnVhiBQL0BUBmBYBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=TtOItk8ZVIw&uach_m=[UACH]&template_id=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 16 Mar 2022 07:53:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E9D 143 B
163 B 53ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=576&adk=3863261036&adf=3553832554&pi=t.aa~a.1376283375~rp.4&w=881&lmt=1647415686&nsk=ad52484e&rafmt=11&pwprc=5291598837&psa=1&ad_type=text_image&format=881x576&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&pra=3&wgl=1&fa=26&dt=1647417203510&bpp=1&bdt=1340&idt=1&shv=r20220314&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=4095755563836&frm=20&pv=1&ga_vid=1586093619.1647417203&ga_sid=1647417203&ga_hid=2017990453&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=1437&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531398%2C44750773&oid=2&pvsid=3443489230047294&pem=451&tmod=576887081&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=zupKL72FIe&p=http%3A//way2self.in.ua&dtd=11

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Wed, 16 Mar 2022 07:03:19 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 3005
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 86FB 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 50fb67f7716c987510655e1acb89f5dda80d7465064533b7738a2abbf6f3b1c0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3E9D
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

108ms
108ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 07:53:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 16 Mar 2022 07:53:24 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 16 Mar 2022 07:53:24 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 3E7B 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38092
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 21:18:32 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C4CE 2 KB
514 B 62ms
62ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5fe833c23075cb21c9eef60d0e819155ad9521ffd91998d3ce116b669e946bcf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 07:15:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 16 Mar 2022 07:53:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 16 Mar 2022 07:53:24 GMT

GET
H2 200 jizaRExUiTo99u79D0KExcOPIDU.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame C4CE 11 KB
12 KB 169ms
53ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizaRExUiTo99u79D0KExcOPIDU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:30:39 GMT
x-content-type-options: nosniff
age: 562965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:30:39 GMT

GET
H2 200 jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2
fonts.gstatic.com/s/ptsans/v16/ Frame C4CE 11 KB
11 KB 172ms
62ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v16/jizfRExUiTo99u79B_mh0O6tLR8a8zI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 19:30:39 GMT
x-content-type-options: nosniff
age: 562965
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11540
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 18:57:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 19:30:39 GMT

GET
H/1.1 200 / Show response
luxadv.com/multishows/618788/ 416 B
460 B 189ms
89ms Script
application/x-javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/multishows/618788/?rt=720436755&title=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&f=__lxG212289__720396255&scr=1600x1200&wnd=1600x1200
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=72026520056
Protocol: HTTP/1.1
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1fd8fca094d5a3d34ca92ef39bb23e590d24c46b1c0f43b4c03012a91fb60502

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:45:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8

GET
H/1.1 200 / Show response
adlmerge.com/md/ 305 B
413 B 104ms
50ms Script
text/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://adlmerge.com/md/?lxname=__lxG212289__720396255&lx_alg=15&lx_params=rt%3d720436755%26title%3d%25D0%259F%25D1%2583%25D1%2582%25D1%258C%2520%25D0%25BA%2520%25D0%25B8%25D1%2581%25D1%2582%25D0%25B8%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2581%25D0%25B5%25D0%25B1%25D0%25B5%26f%3d__lxG212289__720396255%26scr%3d1600x1200%26wnd%3d1600x1200&lx_ids=618788&&f=__lxG212289__720396255
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=72026520056
Protocol: HTTP/1.1
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ed4be967abce899b14ac78757f44ff9afbf6dd72b005d2078078188a50ebe7b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:53:24 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.16.0
Connection: keep-alive
ISEU: eu
Content-Type: text/javascript

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E6DC 42 B
64 B 136ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss5UsR15A2UGWMHhUbH4fR-tu-Z_sW-Qjpfy7Q8OgweUhOAvjb6cEXu892NkAbhpkmjwFlA5WsyxIUBu1Ls79Kg&sig=Cg0ArKJSzN39jQ7scYaKEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1545001857&rs=2&la=0&cr=0&vs=4&r=v&rst=1647417203447&rpt=135&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 / Show response
luxadv.com/multishows/618788/ 493 B
1 KB 96ms
95ms Script
text/javascript 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/multishows/618788/?rt=720466658&title=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&f=__lxG212289__720396255&scr=1600x1200&wnd=1600x1200&md=7075603014602404577
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=72026520056
Protocol: HTTP/1.1
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 31483d9408f3ead4e15bee6cd96c950405a0786ddfda1d2cf2714cb4fa5524cf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:45:17 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: policyref="luxadv.com/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

POST
H2 200 all
csm.eu.criteo.net/ Frame DCEE 0
127 B 54ms
54ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:53:24 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2

403

/
gmp.luxcdn.com/tr/
Redirect Chain

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm&psid=7075603014602404577&google_hm=NzA3NTYwMzAxNDYwMjQwNDU3Nw&_lxrnd_=720476421
https://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=7075603014602404577&google_hm=NzA3NTYwMzAxNDYwMjQwNDU3Nw&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421
https://gmp.luxcdn.com/tr/?psid=7075603014602404577&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421&google_gid=CAESEN4qcRE1pbO-YMZp-GFJsOc&google_cver=1

0
0

318ms
89ms

Image
text/html

109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmp.luxcdn.com/tr/?psid=7075603014602404577&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421&google_gid=CAESEN4qcRE1pbO-YMZp-GFJsOc&google_cver=1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:25 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gmp.luxcdn.com/tr/?psid=7075603014602404577&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421&google_gid=CAESEN4qcRE1pbO-YMZp-GFJsOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET mtch.php
track.recreativ.ru/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 62DC 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu94i8xXsd93E2YWDeHG7gEDve2jEuSpI1EGHDHH-VV5tU0sEgFMzy12Uk35XwifjVY7MyJTGl_-88vNfp_-hS6&sig=Cg0ArKJSzB2Lxk3qkzQcEAE&id=lidar2&mcvt=1000&p=0,0,280,878&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2007858151&rs=2&la=0&cr=0&vs=4&r=v&rst=1647417203022&rpt=841&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C4CE 0
127 B 48ms
48ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 16 Mar 2022 07:53:24 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 64ms
64ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 63ms
63ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 69ms
69ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220314&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b02ffbe0a3ec4b69978f826070ffa40e7a5b9efb2f19383e664faf36cf8afff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 16 Mar 2022 07:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 64ms
64ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 16 Mar 2022 07:53:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 778A 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Mar 2022 07:08:10 GMT
expires: Thu, 16 Mar 2023 07:08:10 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2715
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A698 783 B
536 B 64ms
63ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d0f473ae8ecc085384e7d3090079ef65abf167a60d1141b7a8ac69d6bd26902

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YMa+C7jGklYuM49gbCE4JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 16 Mar 2022 07:53:25 GMT
date: Wed, 16 Mar 2022 07:53:25 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-YMa+C7jGklYuM49gbCE4JA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js Show response
pagead2.googlesyndication.com/bg/ Frame 778A 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hm737X7NyeLn_y86DHPNXi0zOAiQK-KndTMCkSr2i9Q.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 21:18:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38093
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13666
x-xss-protection: 0
last-modified: Tue, 08 Mar 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 21:18:32 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A698 0
0 108ms
108ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220314&jk=3443489230047294&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 778A 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gEDFfQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 16 Mar 2022 07:53:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220314&jk=3443489230047294&bg=!lZalltLNAAZgliNcYJY7ACkAdvg8WiSs60C-jjtBlEQqeXzM0B5ww68B3aByIpOFwdd2ogCgD1xW9AIAAABLUgAAAAJoAQeZAqIdKU4xh_-WhYEVDPPp1Hksh2YKvFX-qrL-f8hi6P-oaBKBXhOT1CR_OjX7htJMZq7wb5XbjVRlZFhrZiT-H-yWZyE5cVrewiI_ewF4kfWHLuPRrE-ggc6xK0ujc43ZnY6LZ_4GIJ-fVcKcUF2paQGSEIrvdPMXJD5HbyfDZ1uCCE_PmQo97RSGyUuMWXmquL05FjzoUPHOfqCix0NwF9rCcWzqSFQLjc09RV7pSDM43r9Fq1R0vGlpODJxiog3dyCrXaYddU4BaH8ty-gYKk5ToMwtER8KF-BNH6sgVCwvkVhrgX2tokdWcBUI_lCj9xMmHuDJ2PxHNpPchj5EimpffjRB3K7zGYjKdENohWbjcPBbN6JHdAPyWkO4Tl9GD3QR9tOpEQI4Bc331xhGOyIa7OsS_wcfG1BJrLQEloRIjJx_I8yqzoSNebTLYlbfq3PFnEDtKDXFWFZ9T8xgT9X1mU2d8Fn_dgTGvaQ5t6MIfYGexBboLT7B6R3Eaa54DtQBNNXcsi72x909LjV6KAoy9ozNiUwJ63n_asN3UAMOgro21RKbbf5ZSDRv0yzXhMgriY9wPbgLLc0DuuXpucIN3VA7xGeRCCxZfbHm393kRdHP-2g5b6UF7noDPZ-4BAXitkhkMXqIKY0U7Z8zLXlJRhbWv_-7AHwMFz2VXWVeS7h7Dak1db6qRrbX663QjWGgGovCAjYqNqFOD4P6WjMsjEa8E_I1AJ-ArjZOHndW2Tm57NStnO-y88xVi47gA4JPMIP_0-4iB8s27UT9RFI0BDOnOSQYb1FxpFQU1Zy0dAKZiqmQu3qz8Lf9w17Za9GtpVxgWeMPOwYi5LiMCFItpdgM6BnxrVVCDeAfXTHXsui3sn8DdH3WEoGDHEw3vJ9CWA

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Wed, 16 Mar 2022 07:53:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 / Show response
luxadv.com/npm_mobile_atf_problems/ 0
137 B 91ms
90ms Script
text/html 109.248.237.36
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/npm_mobile_atf_problems/?rt=720776656&loc=http%3A%2F%2Fway2self.in.ua%2F&ss=1600x1200&sid=212289&type=adsense&h=280&w=878
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=72026520056
Protocol: HTTP/1.1
Server: 109.248.237.36 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 16 Mar 2022 07:45:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.recreativ.ru
URL: http://track.recreativ.ru/mtch.php?nid=6&psid=7075603014602404577&_lxrnd_=720476416

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.way2self.in.ua/	1970-01-20 10:22:33	Name: _ym_uid Value: 1647417204991747448
.way2self.in.ua/	1970-01-20 10:22:33	Name: _ym_d Value: 1647417204
.way2self.in.ua/	1970-01-20 19:08:09	Name: _ga Value: GA1.3.1586093619.1647417203
.way2self.in.ua/	1970-01-20 01:38:23	Name: _gid Value: GA1.3.1383151289.1647417204
.way2self.in.ua/	1970-01-20 01:36:57	Name: _gat Value: 1
.yandex.ru/	1970-01-20 10:22:33	Name: ymex Value: 1678953203.yrts.1647417203#1678953203.yrtsi.1647417203
.yandex.ru/	1970-01-20 10:22:33	Name: yandexuid Value: 227714941647417203
.yandex.ru/	1970-01-20 10:22:33	Name: yuidss Value: 227714941647417203
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1547914891647417203
.yandex.ru/	1970-01-23 17:12:57	Name: i Value: IL7Z0ex7E3iqA/fXA5CWQQghdndHWgMC0nduvcqMB6cBlKVcXlYwVLbcbcXPA5CJZYkMIKOtjInWvHJgO4Oz140LIy0=
.way2self.in.ua/	1970-01-20 01:38:09	Name: _ym_isad Value: 2
.way2self.in.ua/	1970-01-20 10:58:33	Name: __gads Value: ID=907e8866c9df438a-22e818ab5ecd002d:T=1647417203:RT=1647417203:S=ALNI_MY9QCdN9OyWawT-Xf9QsdGseVvflw
.way2self.in.ua/	1970-01-20 01:36:59	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 10:58:33	Name: IDE Value: AHWqTUkVL9Vr22p6n3stj-qW6kQCbXB0vg7VBHvkUiO7wOSpKk7INNVxpZTkfufqOjU
way2self.in.ua/	1970-01-20 02:20:09	Name: __lx212289_load_cnt Value: 1
way2self.in.ua/	1970-01-20 02:20:09	Name: __lx212289_load_tmr Value: 0
way2self.in.ua/	1970-01-20 02:20:09	Name: __lx212289_load_tmr_pre Value: 1647417203964
.mc.webvisor.org/	1970-01-20 01:36:57	Name: sync_cookie_csrf Value: 2574158587fake
.mc.yandex.ru/	1970-01-20 01:36:57	Name: sync_cookie_csrf Value: 3369868818fake
.webvisor.org/	1970-01-27 08:48:57	Name: yandexuid Value: 227714941647417203
.webvisor.org/	1970-01-27 08:48:57	Name: yuidss Value: 227714941647417203
.mc.webvisor.org/	1970-01-20 01:38:23	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 01:37:00	Name: DSID Value: NO_DATA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://leokross.com/_yMj/LQ.js Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: http://track.recreativ.ru/mtch.php?nid=6&psid=7075603014602404577&_lxrnd_=720476416 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://gmp.luxcdn.com/tr/?psid=7075603014602404577&_lxrnd_=720476421&psid=7075603014602404577&_lxrnd_=720476421&google_gid=CAESEN4qcRE1pbO-YMZp-GFJsOc&google_cver=1 Message: Failed to load resource: the server responded with a status of 403 ()
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20220314/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271802&client=ca-pub-5667294504565912&fa=2&ifi=10&uci=a!a&btvi=4&xpc=7ZYAU142oQ&p=http%3A//way2self.in.ua Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100widgets.com
adlmerge.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
bituk.media
buki-repetitor.ru
cat.nl.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
coincryptobase.com
connect.facebook.net
csm.eu.criteo.net
dachnaideya.cx.ua
fainaidea.com
fonts.googleapis.com
fonts.gstatic.com
gmp.luxcdn.com
googleads.g.doubleclick.net
img-cdn.tinkoffjournal.ru
informer.yandex.ru
kliningovyj-raj.ru
leokross.com
luxadv.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
podosinki.su
pxxifc.com
rtb.fr.eu.criteo.com
s.luxadv.com
share.itraffic.su
static.criteo.net
sundays.by
tekhnotop.ru
tpc.googlesyndication.com
track.recreativ.ru
way2self.in.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.podosinki.su
www.way2self.in.ua
track.recreativ.ru
109.248.237.36
109.248.237.37
109.248.237.52
116.202.113.101
142.132.202.70
142.250.186.98
142.251.36.34
154.47.36.96
178.172.137.201
178.250.0.139
178.250.2.148
178.250.2.150
185.230.90.30
185.233.39.242
193.176.1.9
2606:4700:3033::ac43:9890
2606:4700:3035::6815:3460
2606:4700::6810:125e
2606:4700::6810:5914
2a00:1450:4001:803::2003
2a00:1450:4001:809::200a
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2004
2a02:2638:1::11
2a02:2638:1::3
2a02:2638::2
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
2a03:f480:1:26::70
62.109.27.135
62.76.25.28
79.171.117.17
81.90.181.184
92.223.84.84
95.211.66.35
95.216.99.229
041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e
0799ff9c9d79d1697e478cdfd1eef0ab653be77f2384dce5c708f7ac576cc5d3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a264600d83ffd1cfd71394e8a4dce3e7ea62f66e89326d3d3d80dfa634a0b23
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
10ec92c208b6fc37debc72d7ccf07fea520d7e251be06b022e3982bfb5707ff6
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99
17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1ce74486e1edf5e3a7f3d0235aff5fd17b7fa0c7832648ab170a516bb1b804a8
1fd8fca094d5a3d34ca92ef39bb23e590d24c46b1c0f43b4c03012a91fb60502
27008ef6af777bd6183b0d9c556e6a354eb66d5fa6cf3c899a36c34fc0511c6a
270307c80dde50ae8f690c7a3b2b8597d98623311f93681ab5189e179df61402
28b8b834110b365952751725814eb819b2f1c80d0daeeaa5e737daa20cc44298
2a4b85ca6dd780bb8c0251e81cb94d07a11333c041f1e64bbe95b7a945383b53
2a8f0811b2a405ccd7eb97f17a76475f6a21ee3e8d4ae71c70edeb8ed411b7a0
2b02ffbe0a3ec4b69978f826070ffa40e7a5b9efb2f19383e664faf36cf8afff
2df0e8e6346213594aa9eb68c498aa103b536488e595986fa2bc8e80313b1a5e
31483d9408f3ead4e15bee6cd96c950405a0786ddfda1d2cf2714cb4fa5524cf
32eeddbab9c7020f368b014cf95221d0f0749c743f642dbb7a64d1cb1e08e7bd
3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d
3d9bbdd5d648c50edcc5137d4170d1a4b3dbea2d3aa208e3fcc30d223fbacfb3
412f00c3a725fbbf769e7e3d92ff6ac33e5a430d3070d488aa52793b7855cbf2
429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d
42ac47f3a798fe75fec61a395982ba9d6634e591b87ff15a3eef84c29e3dc47b
47ce3c24868b765fc95084c48865eb57cb2432ccc2e5f7f59b2ea60f1efac459
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59
50fb67f7716c987510655e1acb89f5dda80d7465064533b7738a2abbf6f3b1c0
510148802da7c7e6954decc944002291ce74be4e6c7ce00a69366fa8172a5611
5343d3e721695927d444d88f94ffa3c0711ec7cd144cb010d8fc32f987ee3794
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550ac245106b0935f2d104288a7d91bf63c38cf89e938ccbd19080f3ee22a727
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c8af399a12f28c36938648be0431364025c6ebc9b1cf71e9f2db60916c65e9a
5fe833c23075cb21c9eef60d0e819155ad9521ffd91998d3ce116b669e946bcf
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6244f3cfcd398732878a39ded064ae929363a6a3e7ab85bf82be553aa5f98e8c
62c1d2d7f52a3be9a85805bd51f23876208cff50d4e881419bd3f6ea482d25dd
6783f995a99a145887cc8b968014b114e2d86a2910424fdd8cde586b97e416e1
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69173170d4def371a7052bebb9decbec783ef216326ccd2a88e522aed39cced6
69af8f03fec4fb309175f207aa80356766125f5fdfdcd65a34ce077e1dc2486b
6b5667cec51a0f5c658519d0153c4b97ad21b362007532e6a4cd320f3366876a
70708a7d514e266724d0fb9c60de193b787e87150cc4db1225e8a425059ac8a0
734944665ce14cd73676823ba2f40328031c9e1d3f118b2efb8e8d9e3cde7df6
77a420b5cfbd4fe93b9c0998f9063c8b41715ff38f43b23b61a19537003b3d90
79eb2eb16e9551b79e36e2e0ca5bc7baa2db0840a73d298918b95389e5d28900
7a3def7f9a27e845979af3e7c0543d2c68f1def9f0a4170aff70215eca18a491
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6
7d0f473ae8ecc085384e7d3090079ef65abf167a60d1141b7a8ac69d6bd26902
84283b0271462df7595314fa8ab57070ed633174a851712bed2bfd8e6bd92117
8572c258d3889163b189d01120b0f12cb115cdab19cc9e278d2b192625cf9fe9
866ef7ed7ecdc9e2e7ff2f3a0c73cd5e2d333808902be2a7753302912af68bd4
8e3c6e248982891ab792ecb1863b9b3f040cfb76cd6213748cb423d580b4c323
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
913b157f2689c81cfbf6940661dad51919048b2af4edfd4b956eeda00850a42d
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a
97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a
97489a066c570fc26deaa9bb249abb85eec1125074225455320dffd095708a95
99c81b189998d41c9c4c147d7896fcbaac098b3ea79c8378421578ebf20118ef
9f0290c06f2c6f64d0ee106a94fa8b5416ae10ca75e8d90ed3cdc8e0890af8c0
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a33dc1826561a14af9a87d79e04d9b9d3680e3315576632976051b7d81fce7d5
a442100377d2c7c94c3608a7a785ec70c87b849c6c1faf78757939f9d4c970ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af
a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207
a6e8aec7ccc3eb5c11b1b26ddb6d10bffafd6c57f9841e8c8d2a7a869ff696d5
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09
a95e6d36b8b30fe8fc06e6c77cfd7490c714a01bbf1fddb0eedff7cb2f2bd3b1
a9928921bcce9e4f9c2596d8e2fd221b690dc553d495379ba0fe3096defc8005
b217f97e7f97b281bb08025dadf7837e95fa946130f023e517727fea164cac4b
b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716
b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f
b64c3dcf59748276c9650abe56dfb3a25947649a216646a26cee59c69180fb8f
b6636658309daf40633373d068662f1e248e0e5cc0131786b436074456cb88ad
b695d9830a2b48958c6d07e506491128bee7038ef2504d8e13b3035d5e8d3073
b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad
bcf0a15d58ec1ff3c24a98a256f779944de437b2baefd7529bcb4f916570740b
bdce8240faa329694e135c231ab826d85476a22e2bcde581b424edfde6f1d103
c289fc406108cac75e6d8734f091ef3888f4955bc4ad2f0e42f7dc6fc97d41c2
c32ac75fbb0b160a61a5d36832809c3ba63e6e2ec42abfaf89ab85dc58ec1ec4
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
c89c272c7d8ed523e0a0c8a042792c4dfca11e0c6439ecd254e0ccb482688f5f
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d3bb28f30eb18fab73bbd75f9139a7cf1880516c3ef866860481b1df6bc9d803
db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449
def453926bf1e0d62bf8a4cf5c409dd333a049f547e470a509cc738bede438c7
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4990d3e0028e6fbbb2a40f6413bd248421fad4d0f9542e49ebaf9e6da2e5583
e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1
e6831904cf2298ee15feee85c0b196c0d88093c1cd8ed30706006b0016a7401e
e6e1284d2ce667924893626aacaef2c5443004df198d4748acee01e633caba95
e799726df0d17e3865c6874570911d8eab19cbbe2a9cb063ede3655be10b12a7
ea6d4038f3e7890578d10ef56cbeff70b7274b31f1c0857573aada9dc58c7e76
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ed4be967abce899b14ac78757f44ff9afbf6dd72b005d2078078188a50ebe7b2
ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe60d3132396e59045e15ed5c74035c98ac27b363af49041b12706746af8b52
f80fa0ea09ea82e3451b6fd5071b77d4ee4433f2efe99fe9867303b809e43541
f8eb742ef3ade58a79b66d4ef9210dd98769adb25f83929d7600122013cd9130
fa146330a9152fe59f430f45e48e8cefbf3ff23be5f54884fdeb5e90cbb09af0
fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908
fb068ffdd9c31a508d131b647aff390a84ce6e8e36b747a32ff42ad0e736749f

way2self.in.ua Open in urlscan Pro 2a03:f480:1:26::70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

188 Requests

69 %HTTPS

48 %IPv6

35 Domains

47 Subdomains

42 IPs

10 Countries

2841 kBTransfer

5338 kBSize

23 Cookies

12 Outgoing links

Redirected requests

188 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Screenshot
Live screenshot

Full Image

188
Requests

69 %
HTTPS

48 %
IPv6

35
Domains

47
Subdomains

42
IPs

10
Countries

2841 kB
Transfer

5338 kB
Size

23
Cookies

188 HTTP transactions
5 data transactions