goroh.pp.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://goroh.pp.ua/
Effective URL:
https://goroh.pp.ua/
Submission: On July 11 via api (July 11th 2022, 5:04:54 am UTC) from GB — Scanned from GB

Summary HTTP 50 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 15 domains to perform 50 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is goroh.pp.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 26th 2022. Valid for: a year.

This is the only time goroh.pp.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0b::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
3 4	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
50	20

5 2a06:98c1:3120::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

goroh.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0b::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.88 (Amsterdam, Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	270 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 54 stats.g.doubleclick.net — Cisco Umbrella Rank: 119 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 287	45 KB
5	pp.ua 1 redirects goroh.pp.ua	26 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 608	4 KB
4	gstatic.com fonts.gstatic.com	70 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 244	3 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 8	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 49	20 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 276	205 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 179	43 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4608	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 867	644 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 96	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 71	2 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 89	40 KB
50	15

	Domain	Requested by
12	pagead2.googlesyndication.com	goroh.pp.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	goroh.pp.ua	1 redirects goroh.pp.ua
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.google.com	tpc.googlesyndication.com
1	s0.2mdn.net	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.facebook.com	goroh.pp.ua
1	fonts.googleapis.com	goroh.pp.ua
1	www.googletagmanager.com	goroh.pp.ua
50	20

This site contains links to these domains. Also see Links.

Domain
t.me
www.facebook.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-26` - `2023-05-26`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-04-19` - `2022-07-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-06-06` - `2022-08-29`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://goroh.pp.ua/
Frame ID: 680A6A85C219AE325C0C94D0690D930A
Requests: 23 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgoroh.pp.ua%2F&width=174&layout=button_count&action=like&size=large&share=true&height=46&appId=950174432075014&locale=uk_UA
Frame ID: FA89D91D843AF8B896E2DAF4F340D254
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/zrt_lookup.html
Frame ID: 70CE646CCD55B8055339BB391019D92F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&adk=1812271804&adf=3025194257&lmt=1657515889&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoroh.pp.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889627&bpp=3&bdt=410&idt=323&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=833155212262&frm=20&pv=2&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340
Frame ID: FDEC24592D509E051A9C2E31385A7F9B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1657515889&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889630&bpp=2&bdt=413&idt=345&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=833155212262&frm=20&pv=1&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ezppSSCMjE&p=https%3A//goroh.pp.ua&dtd=351
Frame ID: D725422A681D1FDE84DE21EB40F6733D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMmots0BMAE&v=APEucNW7fkicT36Bkfsu8s6eqYFkKc0E_5s-7TGanX08F8frUdc8wddDPlanGfwIhuEhGIV43dCExuPgQrILE_mVP6uZENJzZDMJvjcScG_msnUfYyvshnpm8LmTlPeyyQnr3ay4P5M9WZPKEa4AFIBrDOXJPqNuuUprL8_jF9n_nQrSh-Qnq4s
Frame ID: 039E387EB3DB4A34F2E080BA17914151
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6854941E1BC4117856CCF5A72A89B5A0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 39019CA21C75D46BF6DB69722CAF9150
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C77FD1B47184B014A3A3444481A69869
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Про сайт | Горох — українські словники

Page URL History Show full URLs

http://goroh.pp.ua/ HTTP 301
https://goroh.pp.ua/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

50
Requests

92 %
HTTPS

74 %
IPv6

15
Domains

20
Subdomains

20
IPs

5
Countries

727 kB
Transfer

1467 kB
Size

11
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/goroh_bot
Title: телеграм-ботом

Search URL Search Domain Scan URL

URL: https://www.facebook.com/goroh.pp.ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://goroh.pp.ua/ HTTP 301
https://goroh.pp.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGGES_HoayTnT0-i4AsRAOw&google_cver=1

Request Chain 30

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsuvcuA69YyaF2qE1A252QAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVZlDv_0KJEZiLaYM8I8f4&google_cver=1

Request Chain 31

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEAzWZlJZUXXcqcgA6dmiLyU&google_cver=1

Request Chain 32

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NjU2NjU5ODIzMDUxNTMzMw%3D%3D

50 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
goroh.pp.ua/
Redirect Chain

http://goroh.pp.ua/
https://goroh.pp.ua/

19 KB
6 KB

400ms
309ms

Document
text/html

2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8274241d349ddf1c066a4cfc905ad49b5dfc9176b174fb5863e6ae007e0ca949

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 728f0021c84e7433-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Mon, 11 Jul 2022 05:04:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ANKG3K0qud%2BDI%2FYnLNouyKaTwJmZGqTTrzwhD9hrEQHsrVhlMpcRyAipvBRqrMoYUD3pLd0sqjmAjVKEAcYf3zn%2BfxXM9SsBBAtOvSyFIpCUalZwfruiGMO2%2BSdf2X8hKetT07F3uI1%2FoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

Redirect headers

CF-RAY: 728f0020eb9c71b6-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 11 Jul 2022 05:04:48 GMT
Expires: Mon, 11 Jul 2022 06:04:48 GMT
Location: https://goroh.pp.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IHp3%2B3ysqOSeqqxkb1aayfuKpu84WVyw2Do8QVABED0DHyFPM%2Fwn8BtTmGcvELfrglPPj7xQE%2FVBnzSheiwSsPYOPsWUVUHmmhyJu%2FRr0sUzGtDK9ExPkX2uS5Jr5eKC%2FbeaUp%2FJSRk82A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 site11.min.css
goroh.pp.ua/css/ 45 KB
13 KB 56ms
55ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/css/site11.min.css?v=36
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c7110dd63ccd4951c07280944478233d13db3547c7c309094338fb76f0e6498

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 25 Oct 2021 13:17:26 GMT
server: cloudflare
age: 486295
etag: W/"1d7c9a2a755c4c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UzxgwFq%2BvPKTYhg%2B1jla93Un%2FnRV5kFUc%2BJgugGqDiePry6zTTrqwtCW4dQh3A66dJZJads4lzsGZtvwlep6ObdxMIthy%2Bz6IC3qU%2F2qk8N%2BMcPwUmUmSXzdbdsL%2FkZ9budRyhsF5ErpYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 728f0023cb747433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 287ms
66ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-145685605-1

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

52cf572ed8b0862d32df0be8765819a2eebae29d0547f1f8977d7e2146b8522b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40329
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 11 Jul 2022 05:04:49 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
56 KB 251ms
88ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d48656fa207711b3a8482cbd2e27c09bde50ea93a0e9db8dcccc4a91f9e7ed5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56405
x-xss-protection: 0
server: cafe
etag: 14868713819400532448
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 11 Jul 2022 05:04:49 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
2 KB 285ms
65ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700,800&text=1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%D0%90%D0%91%D0%92%D0%93%D2%90%D0%94%D0%95%D0%84%D0%96%D0%97%D0%98%D0%86%D0%87%D0%99%D0%9A%D0%9B%D0%9C%D0%9D%D0%9E%D0%9F%D0%A0%D0%A1%D0%A2%D0%A3%D0%A4%D0%A5%D0%A6%D0%A7%D0%A8%D0%A9%D0%AC%D0%AE%D0%AF%D0%B0%D0%B1%D0%B2%D0%B3%D2%91%D0%B4%D0%B5%D1%94%D0%B6%D0%B7%D0%B8%D1%96%D1%97%D0%B9%D0%BA%D0%BB%D0%BC%D0%BD%D0%BE%D0%BF%D1%80%D1%81%D1%82%D1%83%D1%84%D1%85%D1%86%D1%87%D1%88%D1%89%D1%8C%D1%8E%D1%8F%CC%81%D1%9E()%C2%AB%C2%BB{}[]:;%E2%80%9B%27.,?!%22%C3%A6%CA%A4%C9%99%C9%AA%C9%9C%CA%83%C9%94%CA%8A%CA%8C%C5%8B%C3%B0%CE%B8

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aede6403a593039d4b953c0ac49479c3f52764195002d34daa36fd0844e4d675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 05:04:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Jul 2022 05:04:49 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 11 Jul 2022 05:04:49 GMT

GET
H2 200 site5.min.js Show response
goroh.pp.ua/js/ 8 KB
3 KB 52ms
51ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/js/site5.min.js?v=12
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e922a63216b81f8eaf1a82bedb7f2eb5c88140d74eacd78e10c609422c05d27

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 13 May 2022 10:09:43 GMT
server: cloudflare
age: 193149
etag: W/"1d866b190ae1301"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tNpHhFeXhOTAuGisL8GZpApVP4WO%2Br%2B5dUnBru%2FDl9YHS00ioZ73J%2BBj92AhOv9QQ%2BtmA8UNMUJjVLCRls%2FPfg2nJvQ87gFL2l8lOZrCiD1xSZbUM7Owoi2sZpwR6sWwc6tlXTf2G%2B4M3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 728f0023cb767433-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sprite.svg
goroh.pp.ua/img/svg/ 6 KB
3 KB 56ms
56ms Other
image/svg+xml 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://goroh.pp.ua/img/svg/sprite.svg
Requested by: Host: goroh.pp.ua
URL: https://goroh.pp.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6f5e59627b28dffa37fce186367a7df4b6d99943597b878f8c2e5474eabcc96

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 11:34:14 GMT
server: cloudflare
age: 578891
etag: W/"1d71a584a7ee9eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPCB6yGkZXHbVGoZtu%2Fy5zebBV0UVUidYaBLMcf1JW%2F8SvqD8yZm%2Fr4AUZeyBFBkzh5%2FTTgXCrVglQ80KjlcdFUAMdkPiUZ1TAI5dRTEAUvJluJ%2Fk9%2FrE541oe2BXBTUtMduJw2HZ87ACQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 728f002428587732-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aca3e0e1ee0b3f5ea6b4e61b81e54f9e9b9a1461b769d669e57718becb54ea69

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 505 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d86dc05b5341818e644c1c2b35df377c8046f482bb91c0c9d96fa2b4717825f2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 like.php Show response
www.facebook.com/plugins/ Frame FA89 0
3 KB 210ms
79ms Document
text/html 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=https%3A%2F%2Fgoroh.pp.ua%2F&width=174&layout=button_count&action=like&size=large&share=true&height=46&appId=950174432075014&locale=uk_UA

Requested by

Host: goroh.pp.ua
URL: https://goroh.pp.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html;charset=utf-8
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 11 Jul 2022 05:04:49 GMT
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=3,i
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
x-content-type-options: nosniff
x-fb-debug: QeO2dfzCHr4M0wKZ+Gl5cje8hYMKB39SB5aZtSGjMRMgNAy69Ckim1YZJ4fxUki64dDFDGoimAmUdfHcrRQBIA==
x-xss-protection: 0

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
18 KB 170ms
54ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe0qMImSLYBIv1o4X1M8cfe_MQ5pUnYPf7hT5Zft62wIiq2BoYI4FMo8wtmVjB3DFBpnkdfHq-QiNrwpfOMjyxZfRDEa1RdDb5JazWU1ufLxxBMPfaJ82WByE_gid8nhSMcxuWjClZhxuIgGBDKGIe6owenLNVrhV8ZE3f-4lBHxGw_hxtt3VfEeZKYzhRhywv57dmcCxqCgwrv6VWKquqjsMk3f3Oci6Y4heGNpYY4kJKGlDHit6hF_0nTrClPJPin3IOOlfb_bkasu2GR5fJ3G5m63Eh7COoIPALr1jSjXigF3hfqvZ0H8ukQrhk2KDL-nujPT5dTRClh3RVL80AWkQmsJMgd3cMNHUAPbPIsCOlAHq8svrNvEJ0lsH-MvJnNgXJf7hhu1FCbMjeRv9zn0JKjNQob6QTEwETFIZFgqpDncsaxWDHzP2jv7L3yQBvUHi484hY6Df5AJNI3K30U1JcCt6M-5oZjMqYuldR_DQkQYa1fhpB-_KYM9yzXg5O-d8OqvDraOo9VtV0NHmL4YNdwbZSifSyZCTdXUyCJXM9vPm2fk119-8K_RzI7ruZU2Pr89WJLxHDiYeG6FS1RRseyX428buFQyt0VValZXSHDaVoizCIVWiK9ITabFE12LENk&skey=60bfdc605ddb00b1&v=v12

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Nunito+Sans:400,400i,700,800&text=1234567890ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz%D0%90%D0%91%D0%92%D0%93%D2%90%D0%94%D0%95%D0%84%D0%96%D0%97%D0%98%D0%86%D0%87%D0%99%D0%9A%D0%9B%D0%9C%D0%9D%D0%9E%D0%9F%D0%A0%D0%A1%D0%A2%D0%A3%D0%A4%D0%A5%D0%A6%D0%A7%D0%A8%D0%A9%D0%AC%D0%AE%D0%AF%D0%B0%D0%B1%D0%B2%D0%B3%D2%91%D0%B4%D0%B5%D1%94%D0%B6%D0%B7%D0%B8%D1%96%D1%97%D0%B9%D0%BA%D0%BB%D0%BC%D0%BD%D0%BE%D0%BF%D1%80%D1%81%D1%82%D1%83%D1%84%D1%85%D1%86%D1%87%D1%88%D1%89%D1%8C%D1%8E%D1%8F%CC%81%D1%9E()%C2%AB%C2%BB{}[]:;%E2%80%9B%27.,?!%22%C3%A6%CA%A4%C9%99%C9%AA%C9%9C%CA%83%C9%94%CA%8A%CA%8C%C5%8B%C3%B0%CE%B8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d547bcf0f8bf51c3c8c5c0d3561306f9d79e31f5ac232788738b72508ed26e0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 22:01:06 GMT
x-content-type-options: nosniff
age: 25423
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17520
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 22:01:06 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
17 KB 233ms
120ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe03MImSLYBIv1o4X1M8cc8aBf5vQYQrdrNY447w928NjaiCrI01F8xHu6WQixjAGRVqktLAruc_KaEqeeQmyBtQSTIe7i59apVfzmg6tPH0wxYMYL1h2mV1FvsveMTiTH_hBhGq1uA2-sJBTHjIaaLmkaWeZQO0CJ8agp3m83OUfGWErrEZPZ1wF8pD9m0Cu4sEDxl9utnhufy8FyXp-PivYx2Fjbx4gdVIEB4AH_JjW-DjQjnmpFs0gz67WwyZYHaefovMANen7NRQihkmLO6ZlB3Nbk22at9aUNmjx0iXw0c367rkDwux_gxf3gLiX-7z6WWHsoKNXQYrBQy9kEflASlNcUIzNoYAFkucdcNIcxtN54Bi4JWJaAccUJJfVAITLuOI82_DYVG69ZMWj0WNWtSyPOaFIFFScFIqADtPwF-51so-axWnsFKQRRD7a5lp5uBX1eDTLsNZZt6fjRFgcpT7v5bv-cGR8dT4K0CDHAZYLhWm4Vn4ZMVyhXSsp6zOsrv9TefM4JQvFwIC2PpdephVKmXRB2s1AaOjvVQjRri7-QSDtTkrm7zRzI_ruZw2Pr49WI3xHDmYeGGFS1VRsMeX424bu0Myt0RValFXSHHaVoGzCIRWiLVITZ_FE1yIKu2ERSM&skey=455d87138f5ce23c&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a704058593912a150b331f58ff19eae7a100383cc647f6f88d1098c8dc928d8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 22:01:06 GMT
x-content-type-options: nosniff
age: 25423
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17736
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 22:01:06 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 17 KB
17 KB 252ms
141ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe03MImSLYBIv1o4X1M8cc8GBv5vQYQrdrNY447w928NjaiCrI01F8xHu6WQixjAGRVqktLAruc_KaEqeeQmyBtQSTIe7i59apVfzmg6tPH0wxYMYL1h2mV1FvsveMTiTH_hBhGq1uA2-sJBTHjIaaLmkaWeZQO0CJ8agp3m83OUfGWErrEZPZ1wF8pD9m0Cu4sEDxl9utnhufy8FyXp-PivYx2Fjbx4gdVIEB4AH_JjW-DjQjnmpFs0gz67WwyZYHaefovMANen7NRQihkmLO6ZlB3Nbk22at9aUNmjx0iXw0c367rkDwux_gxf3gLiX-7z6WWHsoKNXQYrBQy9kEflASlNcUIzNoYAFkucdcNIcxtN54Bi4JWJaAccUJJfVAITLuOI82_DYVG69ZMWj0WNWtSyPOaFIFFScFIqADtPwF-51so-axWnsFKQRRD7a5lp5uBX1eDTLsNZZt6fjRFgcpT7v5bv-cGR8dT4K0CDHAZYLhWm4Vn4ZMVyhXSsp6zOsrv9TefM4JQvFwIC2PpdephVKmXRB2s1AaOjvVQjRri7-QSDtTkrm7zRzI_ruZw2Pr49WI3xHDmYeGGFS1VRsMeX424bu0Myt0RValFXSHHaVoGzCIRWiLVITZ_FE1yIKu2ERSM&skey=cc2992921884e495&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32a1873e03567492d5bc422049a61826bbb464bc1a1e9b71d32b2f0fccdcf651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 22:01:06 GMT
x-content-type-options: nosniff
age: 25423
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17676
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 22:01:06 GMT

GET
H2 200 font
fonts.gstatic.com/l/ 18 KB
18 KB 178ms
71ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=pe0oMImSLYBIv1o4X1M8cce4I9tYo1cJdbZX4ovy6W4OjK-Dr4w6Fs9Gv9uTih_BGhRlk9HBqeY8KL4reuUhyRhRRjMd7yhBaZRYz2s7u_D3whENY7x-22Z0EfosecvjT37nuXjDr5h0uIUGBjKAIeyo3enONVbhUcZF3cO4kRHzGwDhxNtxVfMee6YwhR1yzv59dmYCxKedwrr6UGKrurvsM03U3OYi2o4geHdpYo8dJKalA3io6hB_yXTqClzJPynAIOKlaL_akags9WR2fLHG526_HDfCN4IKAIz2pCjeigd3rfyKZ0b8tEYbmHSKDr-gujHT5NTaClp3W1L90AakQ2sOMgZ3c8NGUAzbPYsBOlEHrMsurNjEJklTH-IvJXNhXJD7hxu2FCfMguRu9zz0JqjMQpn6QDEzETBIY1grpDrcsKxZDH3P2Tv6L3uQB_UEi445uo6Cf5MJNY3N30Q1JsCs6MC5oJjJqYmldB_dQkYYbFfjpB6_IoM_yDvg5e6N8OmvHLaPo9ZtVkNCmL8YPtwaZSufSiZ5TdTUyyJWM8zPmmfh115M_eiI0siyptpvKPFkT8OoFGjBcTHcTQoIt5nPzhtDlzdpjycOUzMMdhSBaeXoPukNv9kTYOmeBxPTP6DmXg&skey=8952ce414dafd5f2&v=v12

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0114138e4ac4c4ee867476afc278c243696da522fab0a34776d7d68ca07e3c2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://goroh.pp.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 09:30:59 GMT
x-content-type-options: nosniff
age: 70430
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18388
x-xss-protection: 0
last-modified: Tue, 10 May 2022 14:49:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Sun, 10 Jul 2022 09:30:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 170ms
53ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-145685605-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7198
date: Mon, 11 Jul 2022 03:04:51 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 11 Jul 2022 05:04:51 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/ 339 KB
119 KB 190ms
81ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7943937342790223&plah=goroh.pp.ua&bust=31068332

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2751c9046e1692a8601c51885848717410e4b27fbcf6553bf41903fbf817234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122298
x-xss-protection: 0
server: cafe
etag: 11221656459051587715
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 11 Jul 2022 05:04:49 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/ Frame 70CE 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220706/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 30778
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4414
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 10 Jul 2022 20:31:51 GMT
etag: 10429905676100781186
expires: Sun, 24 Jul 2022 20:31:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 170ms
61ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=408758508&t=pageview&_s=1&dl=https%3A%2F%2Fgoroh.pp.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%80%D0%BE%20%D1%81%D0%B0%D0%B9%D1%82%20%7C%20%D0%93%D0%BE%D1%80%D0%BE%D1%85%20%E2%80%94%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D1%96%20%D1%81%D0%BB%D0%BE%D0%B2%D0%BD%D0%B8%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=483543085&gjid=267050007&cid=2091941842.1657515890&tid=UA-145685605-1&_gid=315817185.1657515890&_r=1&gtm=2ou6t0&z=851999159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://goroh.pp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://goroh.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
644 B 187ms
63ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=goroh.pp.ua&callback=_gfp_s_&client=ca-pub-7943937342790223

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202207060101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7943937342790223&plah=goroh.pp.ua&bust=31068332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

c4da1d8ce77021ba4fd00f7f3bcd57c6265ad9128da5ee4630e8a4c8af528272

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 179ms
62ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=goroh.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 05:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 180ms
62ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=goroh.pp.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 05:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDEC 116 B
114 B 198ms
88ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&adk=1812271804&adf=3025194257&lmt=1657515889&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgoroh.pp.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889627&bpp=3&bdt=410&idt=323&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=833155212262&frm=20&pv=2&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=340

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 91
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 05:04:50 GMT
expires: Mon, 11 Jul 2022 05:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 169ms
57ms XHR
text/plain 2a00:1450:400c:c0b::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-145685605-1&cid=2091941842.1657515890&jid=483543085&gjid=267050007&_gid=315817185.1657515890&_u=YEBAAUAAAAAAAC~&z=1197136552

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://goroh.pp.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 11 Jul 2022 05:04:50 GMT
content-type: text/plain
access-control-allow-origin: https://goroh.pp.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D725 14 KB
8 KB 564ms
472ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1657515889&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889630&bpp=2&bdt=413&idt=345&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=833155212262&frm=20&pv=1&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ezppSSCMjE&p=https%3A//goroh.pp.ua&dtd=351

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

71868cfa453549e5f1341f43fc3e68e2bb47ebd8150a1a476b231c091aafa4e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8009
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 05:04:50 GMT
expires: Mon, 11 Jul 2022 05:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D725 42 B
63 B 88ms
87ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CHV6HO5c5hPiSGyBY3jLxKIzkt7LhwonZUuaH8BEwJYGi_RaKfQigfRXQT4KiXcnvBYyTlTpa-XIc1YtCYTt0OvxzP5RFO7DB3rC9npd0iuS4Z8nY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1657515889&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889630&bpp=2&bdt=413&idt=345&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=833155212262&frm=20&pv=1&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ezppSSCMjE&p=https%3A//goroh.pp.ua&dtd=351

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame D725 3 KB
1 KB 176ms
60ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 04:20:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 04:20:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D725 137 KB
43 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43254
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1657132091081416"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 05:04:50 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/ Frame D725 17 KB
8 KB 168ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220706/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 03:21:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6198
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7309
x-xss-protection: 0
server: cafe
etag: 16921397534319471551
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 03:21:32 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 039E 624 B
300 B 65ms
64ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMmots0BMAE&v=APEucNW7fkicT36Bkfsu8s6eqYFkKc0E_5s-7TGanX08F8frUdc8wddDPlanGfwIhuEhGIV43dCExuPgQrILE_mVP6uZENJzZDMJvjcScG_msnUfYyvshnpm8LmTlPeyyQnr3ay4P5M9WZPKEa4AFIBrDOXJPqNuuUprL8_jF9n_nQrSh-Qnq4s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1657515889&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889630&bpp=2&bdt=413&idt=345&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=833155212262&frm=20&pv=1&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ezppSSCMjE&p=https%3A//goroh.pp.ua&dtd=351
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 05:04:50 GMT
expires: Mon, 11 Jul 2022 05:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D725 59 KB
30 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cg5axVR_6YdfpUGZXeaTj0g1pIcKdSqEkJUIePWZQrbIDDlCOH6noRrXicrI959oZb0ExU8ts2NbRe-QjX8oCcteHhmw&cry=1&dbm_d=AKAmf-AOo6JIWtAqyR2XiB1CtGQZxKZm8NGVoYrsIEWK3BAGH4FQ8DRLoHH4sDS4qiZiX-ADZt5q53deWOtz93DWphy-iYDX-ZPPAwnNwbnRPPqOnAnvc1U9l6bknvPU_f0_88yoQhQe7csag-wt-Icn59GErEj8WEtvgj2BHAP5aAHNHSbIcKW3A74erE13mLU-DE-8DjKF_w2MgFeo5aVNvA2HejcJof4WJmEygTVLLG5Nx_nj6IK30eSdpPJBwNQJSp4gJDP3oGZznn2Zojt9Di8QSFgOWTlhttenFlkIngFU0rdV5bwCIXZizpdIu0AbdYkwFdEQi3ihopP3YyVOpTiBbZItFNNbS5H08kkundx-Vrig64iD39KN2F_hc96GWagZ8_1XwF3k1ipJcJ1liT5fKRaYBN2M5HZzbgWWkWAjHgonDLtMLuP-7-nc5AzONQUrlAXgVO8aaCLNJnnyqfFjvv6REa02Fcx4wAYD1mIIhZYAMyOgP9FxD0RdX9Mb230LJuX6CRGVnMz_RALsjfGG8LxWm6X4gA-wvzoTrEFll8rdsXBi3LQWOdgS_HmVEKVqqtq_nX1LQ1qR13GasEeIeLNc05AbXotwug7YsroNWtXjijz87byrSNqJsAV7oT6TeYkLsPkjrBkK67RPo5veVKl93t5j5NhSfxlfCko7ieCQCXRe-mK2mdjwynDONo8AX2Yiers9_hyw7SlR1afO3Qf-w_pigGeUyePddYLJX1UDVixb3F8mWu9MUGVls9yXXeOIekm3CQ57kHmGyAbMQQDmxWc7BIOKlkrZLnwXm5xy-4cZu5Mrou6jSVPihMWSS-oHpfezNWTkZ6dP8CmCoMeLI6FjpkWzUFWSqaqaEr9eLZze6vl-KclgupHOOnX7xnF-SMqttE4u5kRykv2eKWnS38yZR8MI2t_3h4i9UNDpIshjfClBMvoyprBJu902lii0Ah1L8FfwCHlBtDCZmTM2ypfrcWQbrng_acV-B1AAavycFN-c3WT7dUMQRJNHqa-3FJ7TyEOdWZqYva0Y2YwJyZi0YC0DPy6JHwsK7MgHjpqRgWo7LdMRbT1p14AavSO0_5-uUdQtiTz7e17Z43gd6K4H-4hnWM0T5reHAprb3UcU7XK3A1cBbNKEUuCGdgy3l0TTmZi-GJ_IndC_Bx7y9Q6sJqFh6b39qX7CfJET_4F7L2MIntYqm-eV2G1InTn2xEejwkFB8tewzy5lM2aaN-ovZY251rxM0miFErBX31wWFqwVpA6_cnhB5UfPApQGUlOuhACWdFpMTQslY_Z5KMPbuzy8v5i1V3XF3k1IVD-sWbrblZUgVFaIzmgzu2iR8jjN9M9A6aL0XB0CsZLr7Bqgmcz1zo2ddUTEIYScSl32go7ldq-5_rs1NLlcIkTIKLGdTN8VHgenWSl0y3LpdLmri1ALPD_VpsGjiNkn9SmJup9T1Kbfl7246onQlC5QrcwTXsoi3pVtAAXgrdfLi65d2vPOCaXn5eZU2cDiyE4qDtnEzS0DIM0Wz1ev2B0zzG_bWMBAu9yw3TSaYFuzwYJ9x_kM2AdzsaqG8R5p8HgxFGerhXXbEW5AXgAtmPyb0GEbknOBZZSWS4hsEmlhQqVJdUHkHySXftCFTGWqYPNlLKs6VzMxvi4SOMiv_JOAt2Lcy_eALDooun2wJ5lpb3ZQv5xQJSv4qPyIXdanViK8V8adQ9fQggHbrMIdy3HGxDzJdJGypoYZArMUZQCC1K-Q5WauSUOPFvqrmy8FFMiyOJs7Z2yplpVewOFndh_NSgpqwJP_fggnYein5eiGeYFOvE9rxnyJHLHSDf99_bLIa3JKOuYvJjWokd5vVsZLbzSGbAEjgwGuVD7thS7zBEVO29aHnQyETNiuSpShkNfHfZoOxYAAuo4Gm99tz3YfG2hk4wwR9HtceWQUJlPLvLdBQzNcxh-IlZtxPjChgWUh-49NJ2OFOm-iZ0V0ZDUM0Elz4sJJTWaVSfdfrHFFO_ei7RyO-13YihdHNBr_Orqw0EuD8patrCMc6GQiG3bCZgQfIQhjxlKjsGGLHcSiBgiYcJrV4xA9eQ1PK0p1_SHd-Wq9CFwjc6FHlUooCpyHrkMf2i3eEH0SgHXdPYWDnscHnVeeX8X4fiKYpa3h1lf57eYNklOHJRlxhCJLgmFkkuQxaPbYS6W8q2pUtXcMaLY2Fdhm_yVnt6U47M5EK-p38q2tnCVLNBtShZHSQqgWuEIczPhIBGknE7Ur68L2KE6G4AYohJmaEFa5WUcbzGKRMWDvk-yR6GBYK75GKkplWlNNWE5MiZtBupASknMYeyYD3WWchIiPb_EcDmc7OUxUKQpfspx3rKzphKv4HM1wDGiiM9Aq69_DI6QPPJ23vP2aWatMez0mhsYXXvjaQ9i864__TfLKDW4hz89pnZaycHFAJRkjPqvoO-iPNLpSuD15SqGh_orHNMZGPHcejokzMOjXTSYc29Cnr-qXSF2pz40vmt5S27a8HpXiFzQdNCBkLdJDLm3P4a1gNZlOZvpwyWaD2DMcsFI4r4jFhcnyfGsBkE17JYkG21JBaLRcd90D1QlECUwMZ4dwEk8NJUYSvefJrXvesZGceFrfWb-Ab_3cTf7SER3H-_PvOS_DFkdVGBwBwdDtbyYOQpZYfoBzQtBc8_aSeqSFioOVBHWdLTamGm0M2_dwc0qjvex2Gt0PjOnQ7ek2g1RDVe4nOJiXEbwqpnXkaNWSH8KS_yFQvNEbZiTcFbqqeatpq5339q97cbYS35b64KAKzNklYRggCmUgbNOGar3nc_efQw5oXPqKauRmjRZSkHuo339ATZrclj3Mh776C6CVCFKVNf0B-JJjc9yVGg_0Ggt_0QLBIRuCLgS2bK-5jEpkie3PIhPTFVZ4hh15BvTz6HzDCFltw06MvUcc9WzD3XIkksWYdjvBQLsVZzsXeP4iHGxTC1AA8YI5BsDl8Ksu3f7CL9fkGMs18Sq6eES_GNWFKU9LWzx8s7xhX1d25tw9guEmm-z3WNPieebMDO8HAiUSryf90K4yKesJ0WQTwEROeWYGDP97JHoqQ6Ho_NyWVPJQqUsL2xy86KwyhamJ-WZMIDgSel0_jDRPZI-Qb8FD700xmzV7BB7m2w_D4qr3WpIdxB8JQCl6GuVWNN9RjncuqDhLyTyckCspLCKEUPObqmlhosBheMiRNEosnbnwb90CZNTlF-1pj-40AV8WMNeNqXceS5vjxw2zlxrhbEwFYEZhQQohOW4BdBq_6ajgafsooXodSCwfnYRqhQmf8u5MO_pJlF5bFE-9V7FPqZ8yS0mUw8V_XeDkI6NZgGPEdVJDbfvjnP36F6cmSONpX_JoQP2kUxzsNqdsbjrzI3NDYJ4MRaDuKeBXoNMH0gr68Q_q6HMHKMMQronlFWZJm8sL1IeQHUbEUeuZacyziipmp1NG1bjRWlTnqf0TWWZPQI7Aj4BgwraT-nSffxaGhzlGgrU&cid=CAASBORoaDI&rfl=1%2Chttps%253A%252F%252Fgoroh.pp.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8060b6b55f4984a916bfe335cb5dbac1c11814792921419787038ab258208b53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7943937342790223&output=html&h=600&slotname=1684208412&adk=1954673715&adf=380825451&pi=t.ma~as.1684208412&w=300&fwrn=4&fwrnh=100&lmt=1657515889&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgoroh.pp.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1657515889630&bpp=2&bdt=413&idt=345&shv=r20220706&mjsv=m202207060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=833155212262&frm=20&pv=1&ga_vid=2091941842.1657515890&ga_sid=1657515890&ga_hid=408758508&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1223&ady=311&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44766559%2C31068332%2C42531608%2C31062931&oid=2&pvsid=4421112029080053&tmod=1751386217&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=ezppSSCMjE&p=https%3A//goroh.pp.ua&dtd=351
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 039E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGGES_HoayTnT0-i4AsRAOw&google_cver=1

43 B
943 B

115ms
78ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGGES_HoayTnT0-i4AsRAOw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMmots0BMAE&v=APEucNW7fkicT36Bkfsu8s6eqYFkKc0E_5s-7TGanX08F8frUdc8wddDPlanGfwIhuEhGIV43dCExuPgQrILE_mVP6uZENJzZDMJvjcScG_msnUfYyvshnpm8LmTlPeyyQnr3ay4P5M9WZPKEa4AFIBrDOXJPqNuuUprL8_jF9n_nQrSh-Qnq4s
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 728f002e1ccf776e-LHR
pragma: no-cache
date: Mon, 11 Jul 2022 05:04:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tWhvL8cGY0LpXlWpyRAXau6Tz9w6ueNH3Trq5LfQvXHt35QPHuj7cNj98xfwi3WGsQYJhvOAYxvWd4k4%2FPC3ZKLYo4xAiDTjqxPADg5U10eYhH%2Bjx4Tzoke5jtlqDtU3dOHr36Tm%2BQ26bg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGGES_HoayTnT0-i4AsRAOw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 039E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YsuvcuA69YyaF2qE1A252QAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVZlDv_0KJEZiLaYM8I8f4&google_cver=1

43 B
912 B

77ms
77ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVZlDv_0KJEZiLaYM8I8f4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMmots0BMAE&v=APEucNW7fkicT36Bkfsu8s6eqYFkKc0E_5s-7TGanX08F8frUdc8wddDPlanGfwIhuEhGIV43dCExuPgQrILE_mVP6uZENJzZDMJvjcScG_msnUfYyvshnpm8LmTlPeyyQnr3ay4P5M9WZPKEa4AFIBrDOXJPqNuuUprL8_jF9n_nQrSh-Qnq4s
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

cf-ray: 728f002f2e47776e-LHR
pragma: no-cache
date: Mon, 11 Jul 2022 05:04:51 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qjuEIR4dVYfqLSqn7F%2BLRqVvhCjVbD8egQpo7nbcLM3KEbIQmk52p%2BLDR9w7DY1XhUBU8mduD6kbQzQLbVfZ%2BeB7C%2BokJTiZeNqxU%2F3uFgJqcWQPYPPjl8oAIZbEmC4O5O6CDTYvcVuCKQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:51 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKVZlDv_0KJEZiLaYM8I8f4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 039E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEAzWZlJZUXXcqcgA6dmiLyU&google_cver=1

43 B
1016 B

89ms
54ms

Image
image/gif

185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEAzWZlJZUXXcqcgA6dmiLyU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJC1NBCfyqQCGMmots0BMAE&v=APEucNW7fkicT36Bkfsu8s6eqYFkKc0E_5s-7TGanX08F8frUdc8wddDPlanGfwIhuEhGIV43dCExuPgQrILE_mVP6uZENJzZDMJvjcScG_msnUfYyvshnpm8LmTlPeyyQnr3ay4P5M9WZPKEa4AFIBrDOXJPqNuuUprL8_jF9n_nQrSh-Qnq4s

Protocol

HTTP/1.1

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 05:04:50 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: bfdcbdf6-0743-438f-aab2-e1e3cc350e6c
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEAzWZlJZUXXcqcgA6dmiLyU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 039E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NjU2NjU5ODIzMDUxNTMzMw%3D%3D

170 B
188 B

172ms
64ms

Image
image/png

172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NjU2NjU5ODIzMDUxNTMzMw%3D%3D

Requested by

Protocol

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f98.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 11 Jul 2022 05:04:50 GMT
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3e128781-4bc4-4f11-8da5-a8a13acd78ac
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjc4NjU2NjU5ODIzMDUxNTMzMw%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/ Frame D725 27 KB
10 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cg5axVR_6YdfpUGZXeaTj0g1pIcKdSqEkJUIePWZQrbIDDlCOH6noRrXicrI959oZb0ExU8ts2NbRe-QjX8oCcteHhmw&cry=1&dbm_d=AKAmf-AOo6JIWtAqyR2XiB1CtGQZxKZm8NGVoYrsIEWK3BAGH4FQ8DRLoHH4sDS4qiZiX-ADZt5q53deWOtz93DWphy-iYDX-ZPPAwnNwbnRPPqOnAnvc1U9l6bknvPU_f0_88yoQhQe7csag-wt-Icn59GErEj8WEtvgj2BHAP5aAHNHSbIcKW3A74erE13mLU-DE-8DjKF_w2MgFeo5aVNvA2HejcJof4WJmEygTVLLG5Nx_nj6IK30eSdpPJBwNQJSp4gJDP3oGZznn2Zojt9Di8QSFgOWTlhttenFlkIngFU0rdV5bwCIXZizpdIu0AbdYkwFdEQi3ihopP3YyVOpTiBbZItFNNbS5H08kkundx-Vrig64iD39KN2F_hc96GWagZ8_1XwF3k1ipJcJ1liT5fKRaYBN2M5HZzbgWWkWAjHgonDLtMLuP-7-nc5AzONQUrlAXgVO8aaCLNJnnyqfFjvv6REa02Fcx4wAYD1mIIhZYAMyOgP9FxD0RdX9Mb230LJuX6CRGVnMz_RALsjfGG8LxWm6X4gA-wvzoTrEFll8rdsXBi3LQWOdgS_HmVEKVqqtq_nX1LQ1qR13GasEeIeLNc05AbXotwug7YsroNWtXjijz87byrSNqJsAV7oT6TeYkLsPkjrBkK67RPo5veVKl93t5j5NhSfxlfCko7ieCQCXRe-mK2mdjwynDONo8AX2Yiers9_hyw7SlR1afO3Qf-w_pigGeUyePddYLJX1UDVixb3F8mWu9MUGVls9yXXeOIekm3CQ57kHmGyAbMQQDmxWc7BIOKlkrZLnwXm5xy-4cZu5Mrou6jSVPihMWSS-oHpfezNWTkZ6dP8CmCoMeLI6FjpkWzUFWSqaqaEr9eLZze6vl-KclgupHOOnX7xnF-SMqttE4u5kRykv2eKWnS38yZR8MI2t_3h4i9UNDpIshjfClBMvoyprBJu902lii0Ah1L8FfwCHlBtDCZmTM2ypfrcWQbrng_acV-B1AAavycFN-c3WT7dUMQRJNHqa-3FJ7TyEOdWZqYva0Y2YwJyZi0YC0DPy6JHwsK7MgHjpqRgWo7LdMRbT1p14AavSO0_5-uUdQtiTz7e17Z43gd6K4H-4hnWM0T5reHAprb3UcU7XK3A1cBbNKEUuCGdgy3l0TTmZi-GJ_IndC_Bx7y9Q6sJqFh6b39qX7CfJET_4F7L2MIntYqm-eV2G1InTn2xEejwkFB8tewzy5lM2aaN-ovZY251rxM0miFErBX31wWFqwVpA6_cnhB5UfPApQGUlOuhACWdFpMTQslY_Z5KMPbuzy8v5i1V3XF3k1IVD-sWbrblZUgVFaIzmgzu2iR8jjN9M9A6aL0XB0CsZLr7Bqgmcz1zo2ddUTEIYScSl32go7ldq-5_rs1NLlcIkTIKLGdTN8VHgenWSl0y3LpdLmri1ALPD_VpsGjiNkn9SmJup9T1Kbfl7246onQlC5QrcwTXsoi3pVtAAXgrdfLi65d2vPOCaXn5eZU2cDiyE4qDtnEzS0DIM0Wz1ev2B0zzG_bWMBAu9yw3TSaYFuzwYJ9x_kM2AdzsaqG8R5p8HgxFGerhXXbEW5AXgAtmPyb0GEbknOBZZSWS4hsEmlhQqVJdUHkHySXftCFTGWqYPNlLKs6VzMxvi4SOMiv_JOAt2Lcy_eALDooun2wJ5lpb3ZQv5xQJSv4qPyIXdanViK8V8adQ9fQggHbrMIdy3HGxDzJdJGypoYZArMUZQCC1K-Q5WauSUOPFvqrmy8FFMiyOJs7Z2yplpVewOFndh_NSgpqwJP_fggnYein5eiGeYFOvE9rxnyJHLHSDf99_bLIa3JKOuYvJjWokd5vVsZLbzSGbAEjgwGuVD7thS7zBEVO29aHnQyETNiuSpShkNfHfZoOxYAAuo4Gm99tz3YfG2hk4wwR9HtceWQUJlPLvLdBQzNcxh-IlZtxPjChgWUh-49NJ2OFOm-iZ0V0ZDUM0Elz4sJJTWaVSfdfrHFFO_ei7RyO-13YihdHNBr_Orqw0EuD8patrCMc6GQiG3bCZgQfIQhjxlKjsGGLHcSiBgiYcJrV4xA9eQ1PK0p1_SHd-Wq9CFwjc6FHlUooCpyHrkMf2i3eEH0SgHXdPYWDnscHnVeeX8X4fiKYpa3h1lf57eYNklOHJRlxhCJLgmFkkuQxaPbYS6W8q2pUtXcMaLY2Fdhm_yVnt6U47M5EK-p38q2tnCVLNBtShZHSQqgWuEIczPhIBGknE7Ur68L2KE6G4AYohJmaEFa5WUcbzGKRMWDvk-yR6GBYK75GKkplWlNNWE5MiZtBupASknMYeyYD3WWchIiPb_EcDmc7OUxUKQpfspx3rKzphKv4HM1wDGiiM9Aq69_DI6QPPJ23vP2aWatMez0mhsYXXvjaQ9i864__TfLKDW4hz89pnZaycHFAJRkjPqvoO-iPNLpSuD15SqGh_orHNMZGPHcejokzMOjXTSYc29Cnr-qXSF2pz40vmt5S27a8HpXiFzQdNCBkLdJDLm3P4a1gNZlOZvpwyWaD2DMcsFI4r4jFhcnyfGsBkE17JYkG21JBaLRcd90D1QlECUwMZ4dwEk8NJUYSvefJrXvesZGceFrfWb-Ab_3cTf7SER3H-_PvOS_DFkdVGBwBwdDtbyYOQpZYfoBzQtBc8_aSeqSFioOVBHWdLTamGm0M2_dwc0qjvex2Gt0PjOnQ7ek2g1RDVe4nOJiXEbwqpnXkaNWSH8KS_yFQvNEbZiTcFbqqeatpq5339q97cbYS35b64KAKzNklYRggCmUgbNOGar3nc_efQw5oXPqKauRmjRZSkHuo339ATZrclj3Mh776C6CVCFKVNf0B-JJjc9yVGg_0Ggt_0QLBIRuCLgS2bK-5jEpkie3PIhPTFVZ4hh15BvTz6HzDCFltw06MvUcc9WzD3XIkksWYdjvBQLsVZzsXeP4iHGxTC1AA8YI5BsDl8Ksu3f7CL9fkGMs18Sq6eES_GNWFKU9LWzx8s7xhX1d25tw9guEmm-z3WNPieebMDO8HAiUSryf90K4yKesJ0WQTwEROeWYGDP97JHoqQ6Ho_NyWVPJQqUsL2xy86KwyhamJ-WZMIDgSel0_jDRPZI-Qb8FD700xmzV7BB7m2w_D4qr3WpIdxB8JQCl6GuVWNN9RjncuqDhLyTyckCspLCKEUPObqmlhosBheMiRNEosnbnwb90CZNTlF-1pj-40AV8WMNeNqXceS5vjxw2zlxrhbEwFYEZhQQohOW4BdBq_6ajgafsooXodSCwfnYRqhQmf8u5MO_pJlF5bFE-9V7FPqZ8yS0mUw8V_XeDkI6NZgGPEdVJDbfvjnP36F6cmSONpX_JoQP2kUxzsNqdsbjrzI3NDYJ4MRaDuKeBXoNMH0gr68Q_q6HMHKMMQronlFWZJm8sL1IeQHUbEUeuZacyziipmp1NG1bjRWlTnqf0TWWZPQI7Aj4BgwraT-nSffxaGhzlGgrU&cid=CAASBORoaDI&rfl=1%2Chttps%253A%252F%252Fgoroh.pp.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 04:58:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 377
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10545
x-xss-protection: 0
server: cafe
etag: 4672069523611413616
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 04:58:33 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/ Frame D725 8 KB
3 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220706/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 25 Jul 2022 05:02:24 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D725 0
622 B 220ms
98ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv1ZfGaKHghJWaQorUGohFW4T-dIv5_DofkBeU1I4fW0z3SBuRUGPEzrnSvIs2g4wu3Zzju__74PBlSCPYf-KEfwqvT_kNef8qWWxYaCDe8B8cV1gSiKqfherC4zPqk7Ra6n6vn7yDsPzpXQWDIRKW67jZUQKUC6LI4HGx0gZ8JXw_b9z51twtO0SHqq0IEh9rTDyt0nTveqmNaf2K0AMmijJZru5Y14EGYGmlIGiyXVInmOQO6wUoZObc7blUiMpffHyauurM-ZShsUjnYvXyrHx6UNGj0WopRMH1YvRh42DnLCQSYliq8-GMVoKbBQQH85uj_bN6YxUWdqsQ0y3qxvztQ1k6gsBwUPGNN-d1Vs89jmxdCUsDa20p5Ux367EyZ1J__hUTiGAgGLWvKZScssP9RHouR9uT-jYzLfNnpjriv5W2CuR_674gvmdoEH6GKU42PQF6pmVkEEE3qE5z74FtorxBvDAn0vGWfkCCtsoIUoKiHdOd-2X5a0-_c8BUZqAHQ_0cPYnUSvKfETPTqFTthxsdGatalHWjubT9dETJW2LpkVbDbSWgT1erujlJX60KA-p9iLcgKpwAttQCh2u1gjwVRItBxn_mF_wjUKokXfw5gRMsOOJpXgxDt16CL9n1X4wJFFpXKCpsWNLT8ibY_OlJ-QMOZrnkKoS9gbw8o6o0pha9dBd5qbneo4NjbcEdmOysd4EIuYweoQuvoRta06XR7PZSOxNF_6gNLha1t8jtcUSm4AuO3hcYbVeui3JIQmE8Mrt6tObiqTz7l4ZVSdWKyAXGKDrfOCgNQs2bJtvBYXJgEXiO4NWR5iqPnOTyNqhGihnVfxe0Qs5iRo3xH8GAiZvhIwnEsFwckrKgqwebbeybcrTXft4INS8sfgRVsPLQqtO9EFmUkAnr6ia7QZ-U1b_n2Stsrkm6Bwzz2G2Ryt1atVXEEoKL90nEEgYue8ZCSGtBG353GWiCNvcI2VNwlqcroKNwdl7g2H7bhBnE9jBJEpuUk7QGRoCUWhvVA8XSpNnjEKJXvXTtJiOeygXf8AjvI96oxyN2P9bMiBr3fEmybKpH36wUpDZt7JpEQIYV97cVzKVxXUSKjyGvjiKYf7N9nH4_SoL5WMHnH08OlxebKUpjaGb7C4R45bw&sai=AMfl-YRnmdYs6IaeGFXDg6HTCDOEAy_J8Bx5zz7RoPFGUziGHbw1OpBfeAcZDdFf25pLLJTHb5Emum5gGqck4B_YbzNzDgzNU27rz4u6YKIoBOisntgI3guqxJgT6vGVq7DTQaya&sig=Cg0ArKJSzFtx08qkLUXrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220706.89108&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Mon, 11 Jul 2022 05:04:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D725 41 KB
15 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 07 Jul 2022 07:12:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 337923
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 Jul 2023 07:12:47 GMT

GET
H2 200 17789994108376490013
s0.2mdn.net/simgad/ Frame D725 204 KB
205 KB 259ms
142ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17789994108376490013?sqp=-oaymwEOCKwCENgEIAFIZFABWAE&rs=AOga4qkR-sPiVtlylxq7fEzzZRF_93cEKg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc2e8c4b5c172fbb6b24fc9d76750020cc5ce187fb7ab9ec81124009ee2771cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:50 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208773
x-xss-protection: 0
last-modified: Wed, 15 Jun 2022 17:14:50 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 11 Jul 2023 05:04:50 GMT

GET
DATA 200
OK truncated
/ Frame D725 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: efbf1d6782853e913f417e15aa2298f9bee33cc757c222ff82cd62bda6b93615

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6854 22 KB
8 KB 164ms
53ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 337923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Jul 2022 07:12:47 GMT
expires: Fri, 07 Jul 2023 07:12:47 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6854 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 18:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37832
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 18:34:18 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6854 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9oMccq_LYqXWJKq6x_APnuOE2AIAAAAAOAHgBAI&bg=!0NOl05fNAAaYcLjmuHA7ACkAdvg8WuMhJujZ6KqMmDwkB3KAjf9I9Mn8rrSBNs1ouTQ0QYAHXE0BTQIAAABNUgAAAAJoAQeZArc4IDZQJJuejIVpGiRhtvKgSzALFat67u7gdWDE0xNY7FaE_7K-YOQm4IO3HiOEqTURS-aptX0zge-uCjG5fANnKlQjBcmIZh3YbH1HRBn-uuKZ23lMA5Eyc0VlsBcNiPCrRUFSwqBtCnEj-DWLHakS8IIL5YnrUFukM29yJXJNHEJSJ_uHUFh5HCGwS9Ql4F7CySuk3kMis9gjR3UuWtvnhfVxhHbPSw8f4UI31SmSR20wh-PW5d0_J5HaALeBtTGWI6Dnxzbjk0S6n4U03_vlmVvDVM_RDHKXSc-GR6RwH3iwgC_wp2Xy0NI1lnIEYcwiriTbjXqa8yokKzytEj-2HlwQKMg1Z71arrnxepeZoFuOltnTOwl30rcEwQ260uOtVc0wJfW78TLKwKain_D9ayp2azaZsZMCtlYFOg_8eZjClvx2qER-RwC6c0pDnM-yBVZPolavIucWjwqf_AkPJkns8aMvvtNhcT0yjCPkg8YOKongbyV4xjHNgWtaXLWMyTYybzEaVu0vNatmxsLcCH1m5DDg_yv5DvYbkdWwwTfHfS2Qv9YzyuMJg0LQuN6AMnH9Z4zKHAxmlPoMJ52WJQJY_smSXS9DaNQVshFf0N9dCrEU24aggRilZ6ToIbQCfDlJ-QJu36pKgfV6Z6983sSKXi4Pvj2r58zsO4iHLOWHCACcJhni-iii-0npEpDLsA2mrWPYISuhatg334HCvFQSLGMulB6kv7nMRXcc6rRAG8OTiOnrs_ykxHc-CYQb9MHtvyxKoWjCQQ8UEcfoF8oZgtFYLxFhQfMM52Tf35lDza3bxKAvCJ1ndZ8AnAcrYxsKjrC0GcUO7lBrDIPF64mn-AyjGjGQM_bxOPNEa5xlL4fDwymKWq-yWzdx5q17UWfXmnhxpPipumKqqJ5Lz6C3PGK66A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame D725 0
26 B 200ms
91ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 05:04:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 176ms
68ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220706&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3264ca6576343532eb5df5195a2ea91ced95348d11476ca1e1d8da4ba8f2a88d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 11 Jul 2022 05:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10658
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 11 Jul 2022 05:04:51 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3901 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 19855
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 10 Jul 2022 23:33:56 GMT
expires: Mon, 10 Jul 2023 23:33:56 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C77F 783 B
1 KB 187ms
71ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d262450ba894db4746bb73b615fb46ae223710cd71dc2e12d6aa7002a131284

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9mQvEe6nd4tpOOy6qBHxgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://goroh.pp.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-9mQvEe6nd4tpOOy6qBHxgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 11 Jul 2022 05:04:51 GMT
expires: Mon, 11 Jul 2022 05:04:51 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 _j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3901 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/_j1ezhpSwBWUHEITOmC2IR4vOiGfDYio7V63aY1ETrc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 10 Jul 2022 18:34:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37833
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13754
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 16:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Jul 2023 18:34:18 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3901 0
9 B 54ms
53ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H98TGQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 11 Jul 2022 05:04:51 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C77F 0
0 96ms
95ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220706&jk=4421112029080053&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D725 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst6rH_-YuO6u-61Jv0qFX1NPnfqahM-Cv0YPgb9LQbsJaukEJPeT4JQNbfOoM3Xf-WtaI3u-XPG8kV1mmu_1SvfQ1t3d29937hVclN_nOAidVMGdYwibJF4mvIpdeocWVbNL-vkPo8cfy5j&sai=AMfl-YR9zCdCoXXokvXJu1ir71siHFROV4_2DqHTqcu-eWzFEMrWvP54BaRGjvTIg5aDkeOxkCuZ0AV1akrw&sig=Cg0ArKJSzISQQTKw_X-5EAE&cid=CAASBORoaDI&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220706&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1954673715&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1657515889983&rpt=1146&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 11 Jul 2022 05:04:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
93ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220706&jk=4421112029080053&bg=!6Oul66_NAAaYcLjmuHA7ACkAdvg8Wl9hjJmVRH9s0y94aITR_14n-lJPXhImnprbEg_IQC0LxVv98AIAAACVUgAAAAJoAQeZAo01YoUThr54qP4uJ4w6PxV88rDQ_yrbfW5T1DbAFUuF3Ia4o9Bt5Rl-sWCa5WKnaUY6XXmYFLE6oYr3QRe1Turl6JcclOxztBP7T0gX8GZzFwGLqbKpCWe49fVtlue4dUAElIW2DVMDq4TsLwSVAPy6v88RIAI57uAaHs30mgnCLNlqgVHoIrlTMkbY_HExQfcGFtI8rajaPgkkX6J0jwQzmJNsWFgHF-aJh28KlB5RRv8c0vHvV9M0uVrPricNNcnxh5StfkizHJf8AtHFDt9ZztihJ_v2oeFpahmmKuHcCVQRUrQaLzRtNyaQ-jGYWKwt6tzzR0y-zNbtoHH181U30ZlTgL8khvBlT553KmjnEPcTeeqKEuUUX5NT7SWbOD8Du7MeeA7JE3ZK7wFgmYwS5R_f8MBMW5yxyt8h4OIaR5lwv5i546K30o-rXJqbJky6m-ZuT_sX_qUiQxWCD0ynf6pr1SxQFbhKRuMAfEZlG49Ca4EepvXwLCIcV4LO-VRhTQsJm9LUUmx19TUe6BmkCKZXsRPzF86d_FdHjyPxQ7Jg38RLpBENZpoCqMn6X-BEBlMnBW9kmmewWm8-A1b1mo7mBLKCowUoH7o30T3O7GtlwwU2RSYxy01vF3fZo70LkcpC4sQot51xmW3FRDUJL7-W0dq0DOvdTsnPX5oSnJmr4XkpAlwc-EK2brANkKAUNKuH66irVvBu7p5PJMok3UxLm-y2dkqc7Vdm_DBLeaJroIaMHp60OvC9DfYJENrNc7VYlxGZb4yYstD3rnm8AGRuGREOxNiraVTBqfHWwos2kh8W4ql8ZtMc4Fqwb_TLov1ZxWoCMzH5xPAT9EcRurBvgP2mkl0jfezqnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://goroh.pp.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.goroh.pp.ua/	1970-01-20 21:56:27	Name: _ga Value: GA1.3.2091941842.1657515890
.goroh.pp.ua/	1970-01-20 04:26:42	Name: _gid Value: GA1.3.315817185.1657515890
.goroh.pp.ua/	1970-01-20 04:25:15	Name: _gat_gtag_UA_145685605_1 Value: 1
.goroh.pp.ua/	1970-01-20 13:46:51	Name: __gads Value: ID=a512b07284d59cfe-22c0a6f6a2d300a8:T=1657515890:RT=1657515890:S=ALNI_MZURmUFCY6eack6gN1cyQHoWoaFCg
.doubleclick.net/	1970-01-20 13:46:51	Name: IDE Value: AHWqTUnPYirbsLHbkiYVBK2KC1UNl1Q3u8Q7HW06AFeMxt_tAPKc3gpoUWDFTPIlD_s
.adnxs.com/	1970-01-20 06:34:51	Name: uuid2 Value: 2786566598230515333
.casalemedia.com/	1970-01-20 13:10:51	Name: CMID Value: YsuvcuA69YyaF2qE1A252QAA
.casalemedia.com/	1970-01-20 06:34:51	Name: CMPS Value: 1218
.casalemedia.com/	1970-01-20 06:34:51	Name: CMPRO Value: 1218
.adnxs.com/	1970-01-20 06:34:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Ilas*kne!]tbPl1M>e)ZlrFUfJ+tGXxoP@LvO)A(eo%9zqcZayeH$HTl6D[8/@]qdcu^3If)y3KL9D3I?+m#?h#[
.casalemedia.com/	1970-01-20 06:34:51	Name: CMTS Value: 1180

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://goroh.pp.ua/(Line 165) Message: Unrecognized feature: 'web-share'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
goroh.pp.ua
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
s0.2mdn.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
104.18.18.126
142.250.186.66
172.217.18.2
172.217.23.98
185.33.221.88
2a00:1450:4001:802::2006
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c0b::9c
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
0114138e4ac4c4ee867476afc278c243696da522fab0a34776d7d68ca07e3c2c
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7110dd63ccd4951c07280944478233d13db3547c7c309094338fb76f0e6498
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
3264ca6576343532eb5df5195a2ea91ced95348d11476ca1e1d8da4ba8f2a88d
32a1873e03567492d5bc422049a61826bbb464bc1a1e9b71d32b2f0fccdcf651
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d262450ba894db4746bb73b615fb46ae223710cd71dc2e12d6aa7002a131284
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
52cf572ed8b0862d32df0be8765819a2eebae29d0547f1f8977d7e2146b8522b
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
71868cfa453549e5f1341f43fc3e68e2bb47ebd8150a1a476b231c091aafa4e2
75a2067c9dff8e58ae83cdb8ee4fe896013966ac4e8f3f1d5e8a75f27c9a1ae2
8060b6b55f4984a916bfe335cb5dbac1c11814792921419787038ab258208b53
8274241d349ddf1c066a4cfc905ad49b5dfc9176b174fb5863e6ae007e0ca949
84d1ee47df256fbcd1042850b8fd40df9ca9952a5b37608f019f2f438713fa30
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
9a87766e276124c5d72e15580ebcf9e5b78fe277d09bce31a14115ee8e3f36b4
9e922a63216b81f8eaf1a82bedb7f2eb5c88140d74eacd78e10c609422c05d27
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a704058593912a150b331f58ff19eae7a100383cc647f6f88d1098c8dc928d8c
aca3e0e1ee0b3f5ea6b4e61b81e54f9e9b9a1461b769d669e57718becb54ea69
aede6403a593039d4b953c0ac49479c3f52764195002d34daa36fd0844e4d675
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f5e59627b28dffa37fce186367a7df4b6d99943597b878f8c2e5474eabcc96
bc2e8c4b5c172fbb6b24fc9d76750020cc5ce187fb7ab9ec81124009ee2771cb
c4da1d8ce77021ba4fd00f7f3bcd57c6265ad9128da5ee4630e8a4c8af528272
c8247e71c60f01cce914615568139113018a1a129dceb0fe0af55edb0211b8fd
d48656fa207711b3a8482cbd2e27c09bde50ea93a0e9db8dcccc4a91f9e7ed5d
d547bcf0f8bf51c3c8c5c0d3561306f9d79e31f5ac232788738b72508ed26e0e
d86dc05b5341818e644c1c2b35df377c8046f482bb91c0c9d96fa2b4717825f2
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e2751c9046e1692a8601c51885848717410e4b27fbcf6553bf41903fbf817234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49548c45f00bbfa0fda642d02b5e29b407004eacc2099e348da7cb38f477052
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbf1d6782853e913f417e15aa2298f9bee33cc757c222ff82cd62bda6b93615
fe3d5ece1a52c015941c42133a60b6211e2f3a219f0d88a8ed5eb7698d444eb7

goroh.pp.ua Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

50 Requests

92 %HTTPS

74 %IPv6

15 Domains

20 Subdomains

20 IPs

5 Countries

727 kBTransfer

1467 kBSize

11 Cookies

2 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

goroh.pp.ua Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

92 %
HTTPS

74 %
IPv6

15
Domains

20
Subdomains

20
IPs

5
Countries

727 kB
Transfer

1467 kB
Size

11
Cookies

50 HTTP transactions
3 data transactions