angelyatko.com.ua Open in urlscan Pro
176.114.0.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://angelyatko.com.ua/
Effective URL:
https://angelyatko.com.ua/
Submission: On December 13 via api (December 13th 2022, 6:46:49 am UTC) from GB — Scanned from GB

Summary HTTP 146 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 22 domains to perform 146 HTTP transactions. The main IP is 176.114.0.120, located in Ukraine and belongs to THEHOST-AS, UA. The main domain is angelyatko.com.ua.
TLS certificate: Issued by R3 on December 10th 2022. Valid for: 3 months.

This is the only time angelyatko.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 30	176.114.0.120 176.114.0.120	56485 (THEHOST-AS) (THEHOST-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7 16	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
4 8	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
4 6	185.89.210.244 185.89.210.244	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:80b::2006	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:6c4b:f51b:1183:ef60	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.233 37.157.6.233	198622 (ADFORM) (ADFORM)
3 3	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
146	21

30 176.114.0.120 (Ukraine) 1 redirects

ASN56485 (THEHOST-AS, UA)
PTR: s12.thehost.com.ua

angelyatko.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 142.250.185.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.80.39.216 (Canada) 4 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.244 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Tuttlingen, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:6c4b:f51b:1183:ef60 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.233 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.44 (United Kingdom) 3 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	450 KB
31	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 cm.g.doubleclick.net — Cisco Umbrella Rank: 215 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297	103 KB
30	angelyatko.com.ua 1 redirects angelyatko.com.ua	866 KB
25	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 269	309 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507	6 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 218	6 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 72 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 11832	1 KB
3	gstatic.com fonts.gstatic.com	63 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3983 www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 350	952 B
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 503	2 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 639	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 743 r.turn.com — Cisco Umbrella Rank: 3406	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	94 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 47	114 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 936	576 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 418	714 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 16255	555 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1494	587 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	702 B
146	22

	Domain	Requested by
30	angelyatko.com.ua	1 redirects angelyatko.com.ua
26	pagead2.googlesyndication.com	angelyatko.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
25	s0.2mdn.net	googleads.g.doubleclick.net angelyatko.com.ua s0.2mdn.net
16	cm.g.doubleclick.net	7 redirects googleads.g.doubleclick.net
14	tpc.googlesyndication.com	googleads.g.doubleclick.net angelyatko.com.ua tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	angelyatko.com.ua
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
3	fonts.gstatic.com	fonts.googleapis.com
2	eb2.3lift.com	2 redirects
2	sync.1rx.io	2 redirects
2	c1.adform.net	2 redirects
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	angelyatko.com.ua
2	www.googletagmanager.com	angelyatko.com.ua www.googletagmanager.com
1	sync.targeting.unrulymedia.com	1 redirects
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
146	28

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.acmethemes.com

Subject Issuer	Validity	Valid
angelyatko.com.ua R3	`2022-12-10` - `2023-03-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh

This page contains 19 frames:

Primary Page: https://angelyatko.com.ua/
Frame ID: DD1B0D7DCF6735C3F4DE6E2980B54480
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 2664B51A3BBDD4CA113DCF0732FF7101
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&adk=1812271804&adf=3025194257&lmt=1670914003&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fangelyatko.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914002653&bpp=33&bdt=362&idt=398&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=997607074514&frm=20&pv=2&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=421
Frame ID: 069B5B675D41CB471624A7E38D4A8044
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7
Frame ID: 3A559A94FF8CACB29AAAC61C8F5F9E62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=491&adk=3197780835&adf=2500132200&pi=t.aa~a.635082417~rp.4&w=833&lmt=1670914003&nsk=1931c63c&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x491&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1226&idt=-M&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250&nras=3&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=1571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FX2nOkjkhQ&p=https%3A//angelyatko.com.ua&dtd=11
Frame ID: 0F1CF7EE857C38B97301979BE0D0E94A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=554&adk=2905973262&adf=628823934&pi=t.aa~a.2477792370~rp.4&w=833&lmt=1670914003&nsk=e3de31a1&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x554&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1226&idt=-M&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491&nras=4&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HX8UUrtW00&p=https%3A//angelyatko.com.ua&dtd=14
Frame ID: 8FAEE7924F30B212A72AA3EC9CA7C3FC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=512&adk=2099650123&adf=2579584814&pi=t.aa~a.2477849929~rp.4&w=833&lmt=1670914003&nsk=98cee507&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x512&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1227&idt=1&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491%2C833x554&nras=5&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=4111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=91AUTSkaaB&p=https%3A//angelyatko.com.ua&dtd=17
Frame ID: E757DE3CE6793CDC48803D2C1DB65D3E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 518D5360AB2071358A01CA4A5A11310B
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY14H1uwEwAQ&v=APEucNXpygMLuy0SyxRnV0zVP1j4_mfhe7jf8SWTezz0izqwABFGhbuGtxugEE3YobSbN3O6SD1vQ1_FkVu60_4olVzngzWbTCLB05X7VdXL2t7aKiZkEvuGc5fGDHVRD-t0pPaxYARsrog17KVsihwQjAb1wC_BeUCY3HrGysdamA85RfjgyiA
Frame ID: 4B1F9975F038D49EC5452909B5E4EB7B
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=560&adk=212161453&adf=3047476056&pi=t.aa~a.2477842688~rp.4&w=833&lmt=1670914003&nsk=41c1aecd&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x560&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003520&bpp=1&bdt=1230&idt=0&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491%2C833x554%2C833x512%2C728x90&nras=7&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=5CrGW6iSui&p=https%3A//angelyatko.com.ua&dtd=392
Frame ID: 9ECF152FDA3A33167BAF6939ABB21FA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOz8p9gBMAE&v=APEucNVbczD3iDJJiRC1n44l1CIPXm1qFVnIDSU3seNCdtPxxm8TxpbInRPgVVHPqdVzan7J8puA1gQrgXuVH6Q9cZMaPW_8M0LsnmUsNROCvBhXob0Tvf2Y4CAKOKNURIzg9ZnJz2NcBGjCmqelUJoZ9tBtWScUKNCTllNOg43NzRW-ppU31sM
Frame ID: 9C90C408F5EC334DFAB1A400BAD59750
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js
Frame ID: 85598A0892E81A9FDF2B568A33F89E79
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F38E7105C92133AC94352FAF58EB618F
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1F0CFFAD07692B7F1FF2DC20D5802E8D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7750FCEF94E3459EB472BDCBBB1EBD5F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
Frame ID: 630FBB6407E0612D5248FC7201AF1479
Requests: 23 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Frame ID: 9500E30DB8863C77A5A844C3CCECB3B5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DD62ACD6EF3F7210F05838E790DD30DE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 507DA78D75CA89959AD5B5E6C7367BFF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Київська лікарня "Янголятко" - Скажіть ні болю та проблемам зі здоров'ям

Page URL History Show full URLs

http://angelyatko.com.ua/ HTTP 301
https://angelyatko.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

146
Requests

90 %
HTTPS

62 %
IPv6

22
Domains

28
Subdomains

21
IPs

7
Countries

2028 kB
Transfer

3696 kB
Size

22
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.acmethemes.com/
Title: Acme Themes

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://angelyatko.com.ua/ HTTP 301
https://angelyatko.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ9IbKO91yyAUiaaObnWH8&google_cver=1

Request Chain 62

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5gf1PONMMXqToeiqpJnZwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

Request Chain 63

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEC2fVhe-3MdJ-v5MYQimFFE&google_cver=1

Request Chain 64

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE5NTkwOTMyOTc3NjY2MzMxMQ%3D%3D

Request Chain 87

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

Request Chain 88

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5gf1PONMMXqToeiqpJnaAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

Request Chain 89

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_nXp2aCp3Cps8Hei0cXzk&google_cver=1

Request Chain 90

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODY2NjUwMDM4MTA5Nzg0

Request Chain 91

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1&google_push=ASkJ3FbMrg_67gAErnMDyXEhr21_oX3V_XiLyKnw6V6zcq_otQcJnBUntGa8mb405446ytQe0we8k3y1-YRzZka8E6ZWAbigUOsitdM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjkzMTk2MDU0MjQ3MTI0NTcxOQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1

Request Chain 92

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFPyMUw-CGG1tWAtPcNS1cg&google_cver=1&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3HDOfYINm_nC08xjck HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjUyMTAwMTYxNTIyNzAyMQ%3D%3D&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3HDOfYINm_nC08xjck

Request Chain 93

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ-JzWJI9aN3BYTUmPtpYns&google_cver=1&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRvK-Spa4OpfkFK62E HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LsEDgd6oQ82cE97eezIm_A2&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRvK-Spa4OpfkFK62E

Request Chain 94

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBoEUn_p-FHsA9l0ZUvRQl0&google_cver=1&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMNMNO3g2Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMNMNO3g2Q&google_hm=eS12bGVfa1VWRTJwRTFCaFFnMjY1Z0hVQTdKMWtEUEhOR35B

Request Chain 95

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENW-LeG5KqJZYa5-RdPr2ZU&google_cver=1&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto23ph4e6yljDuQhP0hQn9rits HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENW-LeG5KqJZYa5-RdPr2ZU&google_cver=1&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto23ph4e6yljDuQhP0hQn9rits HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2NzUwNDYwNDYyMDI5NzYx&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto23ph4e6yljDuQhP0hQn9rits

Request Chain 96

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEFSx0hjv42WEHOAVNJP4NeU&google_cver=1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1670914004225 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3153ff5c-1932-4e96-9d98-8cea3911e080-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg%26google_hm%3DAzFT_1wZMk6WnZiM6jkR4IA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&google_hm=AzFT_1wZMk6WnZiM6jkR4IA

Request Chain 97

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJRKyh917wwADHpZGWNPPzU&google_cver=1&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1AbiphqL4A HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1AbiphqL4A&google_gid=CAESEJRKyh917wwADHpZGWNPPzU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDkyMjY4Nzk5NjEzMzU3MjI2MDQy&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1AbiphqL4A

146 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
angelyatko.com.ua/
Redirect Chain

http://angelyatko.com.ua/
https://angelyatko.com.ua/

70 KB
15 KB

878ms
693ms

Document
text/html

176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx / PHP/7.3.12
Resource Hash: 36fd600611f33f21909432f5c03114cd07eeff4d3b3303f7cedc5a62a9eb05ad

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 14775
content-type: text/html; charset=UTF-8
date: Tue, 13 Dec 2022 06:46:42 GMT
link: <https://angelyatko.com.ua/wp-json/>; rel="https://api.w.org/"
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.3.12

Redirect headers

Connection: keep-alive
Content-Length: 162
Content-Type: text/html
Date: Tue, 13 Dec 2022 06:46:41 GMT
Location: https://angelyatko.com.ua/
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 192 KB
71 KB 190ms
70ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q6H8S4SY17

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

836e8d4d7552b81ba8e3d4fd626f732bea74bdd0b561b54fe287bdead948cf9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 72384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 13 Dec 2022 06:46:42 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 245ms
110ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26f460684f12189fe824f07693fae9b331afe98783c8d324acd24b5869dc948b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49638
x-xss-protection: 0
server: cafe
etag: 13585089672296796294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 06:46:42 GMT

GET
H2 200 style.min.css
angelyatko.com.ua/wp-includes/css/dist/block-library/ 53 KB
53 KB 90ms
84ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Fri, 18 Sep 2020 11:20:31 GMT
server: nginx
accept-ranges: bytes
etag: "5f6497ff-d293"
content-length: 53907
content-type: text/css

GET
H2 200 theme.min.css
angelyatko.com.ua/wp-includes/css/dist/block-library/ 2 KB
2 KB 256ms
251ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-includes/css/dist/block-library/theme.min.css?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Fri, 18 Sep 2020 11:20:31 GMT
server: nginx
accept-ranges: bytes
etag: "5f6497ff-8aa"
content-length: 2218
content-type: text/css

GET
H2 200 custom.css
angelyatko.com.ua/wp-content/plugins/comfortable-reading/css/ 978 B
1 KB 257ms
252ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/plugins/comfortable-reading/css/custom.css?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 60a84abaf12e44b36fee2b789a4b6ef13cfdca1f3bd7f4912598b57cd29dc2d3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 21 Sep 2020 14:34:30 GMT
server: nginx
accept-ranges: bytes
etag: "5f68b9f6-3d2"
content-length: 978
content-type: text/css

GET
H2 200 styles.css
angelyatko.com.ua/wp-content/plugins/contact-form-7/includes/css/ 2 KB
2 KB 257ms
253ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.2.2
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:54:18 GMT
server: nginx
accept-ranges: bytes
etag: "5f6718ba-780"
content-length: 1920
content-type: text/css

GET
H2 200 jquery.bxslider.min.css
angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/bxslider/css/ 2 KB
2 KB 258ms
254ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/bxslider/css/jquery.bxslider.min.css?ver=4.2.5
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 392d77cffdff39dc3f1a1b0f8f75dc53a84b0329bdb9d43908ead698ed004e9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-8a4"
content-length: 2212
content-type: text/css

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 194ms
64ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CLato%3A400%2C700&ver=1.0.1

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

91bdd744c11191d5019e24869b32059539bda2902e84eed9d8f25b6be3e8babf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 06:46:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 06:46:42 GMT

GET
H2 200 font-awesome.min.css
angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/css/ 30 KB
30 KB 258ms
255ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-7918"
content-length: 31000
content-type: text/css

GET
H2 200 style.css
angelyatko.com.ua/wp-content/themes/acmeblog/ 37 KB
37 KB 259ms
256ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/style.css?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 87c49906d9734363f6d084cb49f21aba8ae026adb4c2de6fbfcc7cba061ccb23

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-92dd"
content-length: 37597
content-type: text/css

GET
H2 200 gutenberg-front.css
angelyatko.com.ua/wp-content/themes/acmeblog/acmethemes/gutenberg/ 1 KB
1 KB 337ms
334ms Stylesheet
text/css 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/acmethemes/gutenberg/gutenberg-front.css?ver=1.0
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: ef9459f9c38dffb7c4fa60f30be00ad3d1650fdacc793f666239e33affd03577

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-4a8"
content-length: 1192
content-type: text/css

GET
H2 200 jquery.js Show response
angelyatko.com.ua/wp-includes/js/jquery/ 95 KB
95 KB 337ms
335ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Fri, 18 Sep 2020 11:20:18 GMT
server: nginx
accept-ranges: bytes
etag: "5f6497f2-17a69"
content-length: 96873
content-type: application/javascript

GET
H2 200 kjhdfghjklhot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 43 KB
43 KB 96ms
92ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/kjhdfghjklhot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: c0048c779e4ba43a40bb7a05a769c4a6875d2d16225d7a6285e5325e60f5a4aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Wed, 07 Dec 2022 10:13:57 GMT
server: nginx
accept-ranges: bytes
etag: "63906765-ad36"
content-length: 44342
content-type: image/jpeg

GET
H2 200 ihgfdrtyushot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 60 KB
60 KB 175ms
171ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/ihgfdrtyushot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: e13275ece1211f5e0c1959c0d97102eba8700fef791a117fcbafc5702ea27950

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Thu, 01 Dec 2022 12:17:52 GMT
server: nginx
accept-ranges: bytes
etag: "63889b70-eeb2"
content-length: 61106
content-type: image/jpeg

GET
H2 200 fddddfghjkhot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 45 KB
45 KB 176ms
172ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/fddddfghjkhot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 435a4083e8a4765a5a81a9282372d8727e5eaa9bbedc183f80db956af95d93e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Wed, 30 Nov 2022 13:54:19 GMT
server: nginx
accept-ranges: bytes
etag: "6387608b-b28a"
content-length: 45706
content-type: image/jpeg

GET
H2 200 kjghuiolnshot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 47 KB
47 KB 177ms
173ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/kjghuiolnshot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 1bd8d82c8ac7eba234a784e421a37fe49abe31ee7c48996bc6c35b84130b5d77

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Wed, 30 Nov 2022 10:30:31 GMT
server: nginx
accept-ranges: bytes
etag: "638730c7-bc41"
content-length: 48193
content-type: image/jpeg

GET
H2 200 hijklot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 24 KB
24 KB 177ms
173ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/hijklot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 1e825af3c1bf39811427e1fc8c4ee79507a30981a5045c647ef5974d54b52de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sat, 19 Nov 2022 17:36:57 GMT
server: nginx
accept-ranges: bytes
etag: "63791439-603c"
content-length: 24636
content-type: image/jpeg

GET
H2 200 335d1b0b4fbb1d1c6a57b4fe9db08467-330x195.jpg
angelyatko.com.ua/wp-content/uploads/ 10 KB
10 KB 177ms
174ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/335d1b0b4fbb1d1c6a57b4fe9db08467-330x195.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: d20859be350f0ddead4d264bbd118577dcc1046abef44566c221a2edf4c0c214

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 11:14:28 GMT
server: nginx
accept-ranges: bytes
etag: "5f673994-26b4"
content-length: 9908
content-type: image/jpeg

GET
H2 200 b1721de83062bb7ae3cd38f49497cfad-330x195.jpg
angelyatko.com.ua/wp-content/uploads/ 12 KB
12 KB 178ms
174ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/b1721de83062bb7ae3cd38f49497cfad-330x195.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 4461667f0c7538b160d94f370f45b99e61d5d66882586bb0643d3926d8227f2e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 11:27:58 GMT
server: nginx
accept-ranges: bytes
etag: "5f673cbe-314e"
content-length: 12622
content-type: image/jpeg

GET
H2 200 jquery.comfortable.reading.js Show response
angelyatko.com.ua/wp-content/plugins/comfortable-reading/js/ 6 KB
6 KB 85ms
84ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/plugins/comfortable-reading/js/jquery.comfortable.reading.js?ver=1.1
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 9b2fd968e7317b58d1a588c748f0a92bf3d997ccfd169d70e6596a9bc8a57a1e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 21 Sep 2020 14:34:30 GMT
server: nginx
accept-ranges: bytes
etag: "5f68b9f6-17f8"
content-length: 6136
content-type: application/javascript

GET
H2 200 jquery.cookie.js Show response
angelyatko.com.ua/wp-content/plugins/comfortable-reading/js/ 2 KB
2 KB 85ms
85ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/plugins/comfortable-reading/js/jquery.cookie.js?ver=1.1
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 21 Sep 2020 14:34:30 GMT
server: nginx
accept-ranges: bytes
etag: "5f68b9f6-8b8"
content-length: 2232
content-type: application/javascript

GET
H2 200 scripts.js Show response
angelyatko.com.ua/wp-content/plugins/contact-form-7/includes/js/ 14 KB
14 KB 89ms
84ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.2.2
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:54:18 GMT
server: nginx
accept-ranges: bytes
etag: "5f6718ba-3719"
content-length: 14105
content-type: application/javascript

GET
H2 200 jquery.bxslider.js Show response
angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/bxslider/js/ 66 KB
66 KB 90ms
86ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/bxslider/js/jquery.bxslider.js?ver=4.2.51
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 5836e342b13c5e478c0587befc676af479166eefb14a1887f73783f2716cc31f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-1061b"
content-length: 67099
content-type: application/javascript

GET
H2 200 acmeblog-custom.js Show response
angelyatko.com.ua/wp-content/themes/acmeblog/assets/js/ 17 KB
18 KB 94ms
89ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/js/acmeblog-custom.js?ver=1.0.1
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: fbc10b06e7879f8e72d422925467c68872eb9e3ee18d8ee331105f861e90460e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "5f67199a-45fe"
content-length: 17918
content-type: application/javascript

GET
H2 200 wp-embed.min.js Show response
angelyatko.com.ua/wp-includes/js/ 1 KB
2 KB 95ms
91ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-includes/js/wp-embed.min.js?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Thu, 15 Apr 2021 08:05:12 GMT
server: nginx
accept-ranges: bytes
etag: "6077f3b8-592"
content-length: 1426
content-type: application/javascript

GET
H2 200 wp-emoji-release.min.js Show response
angelyatko.com.ua/wp-includes/js/ 14 KB
14 KB 178ms
175ms Script
application/javascript 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=5.5.11
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Thu, 15 Apr 2021 08:05:12 GMT
server: nginx
accept-ranges: bytes
etag: "6077f3b8-3795"
content-length: 14229
content-type: application/javascript

GET
H2 200 css
fonts.googleapis.com/ 1 KB
522 B 65ms
63ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans+Narrow&subset=cyrillic,latin

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/wp-content/plugins/comfortable-reading/css/custom.css?ver=5.5.11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

41b8cb55d67a6b903f36a48f0092c85a6810ca974a8710590da51ca68edef8c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 06:46:42 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 13 Dec 2022 06:46:42 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 205ms
63ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Q6H8S4SY17&gtm=2oebu0&_p=255874337&cid=487234436.1670914003&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670914002&sct=1&seg=0&dl=https%3A%2F%2Fangelyatko.com.ua%2F&dt=%D0%9A%D0%B8%D1%97%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BB%D1%96%D0%BA%D0%B0%D1%80%D0%BD%D1%8F%20%22%D0%AF%D0%BD%D0%B3%D0%BE%D0%BB%D1%8F%D1%82%D0%BA%D0%BE%22%20-%20%D0%A1%D0%BA%D0%B0%D0%B6%D1%96%D1%82%D1%8C%20%D0%BD%D1%96%20%D0%B1%D0%BE%D0%BB%D1%8E%20%D1%82%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D0%B0%D0%BC%20%D0%B7%D1%96%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%D0%BC&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6H8S4SY17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:42 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://angelyatko.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 178ms
68ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-197949678-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q6H8S4SY17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

82338d2bf07bab2ebd4f5f2590170ea21578345c54fed63326204c2fd3702af8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43585
x-xss-protection: 0
last-modified: Tue, 13 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 13 Dec 2022 06:46:42 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 355 KB
117 KB 230ms
114ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7565247827801723&plah=angelyatko.com.ua&bust=31071276

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

563fd70c2f98ba30da5563f89eb586ceea7ce17483adc043b29d5578e59cc430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119791
x-xss-protection: 0
server: cafe
etag: 6677553940216668255
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 06:46:42 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 2664 10 KB
5 KB 170ms
53ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 16469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:12:13 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:12:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 23 KB
24 KB 186ms
57ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CLato%3A400%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://angelyatko.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 17:07:14 GMT
x-content-type-options: nosniff
age: 567568
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 17:07:14 GMT

GET
H2 200 TK3iWkUHHAIjg752HT8Ghe4.woff2
fonts.gstatic.com/s/oswald/v49/ 15 KB
15 KB 242ms
113ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752HT8Ghe4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CLato%3A400%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

defb20e43cce9cae26c0f036e325e76c1aeb9e909c3b9675efba535cb74dd735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://angelyatko.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 21:29:59 GMT
x-content-type-options: nosniff
age: 379003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14912
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:16:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 21:29:59 GMT

GET
H2 200 fontawesome-webfont.woff2
angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/fonts/ 75 KB
76 KB 257ms
256ms Font
application/octet-stream 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://angelyatko.com.ua/wp-content/themes/acmeblog/assets/library/Font-Awesome/css/font-awesome.min.css?ver=4.7.0
Origin: https://angelyatko.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Sun, 20 Sep 2020 08:58:02 GMT
server: nginx
accept-ranges: bytes
etag: "3ea2c84-12d68-5afbaee68da27"
content-length: 77160

GET
H2 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v49/ 25 KB
25 KB 256ms
130ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700%7CLato%3A400%2C700&ver=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://angelyatko.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 21:13:14 GMT
x-content-type-options: nosniff
age: 34408
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25372
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 21:13:14 GMT

GET
H2 200 d2b3463be3edfafbfb3ac6278acdbf24.jpg
angelyatko.com.ua/wp-content/uploads/ 35 KB
35 KB 152ms
151ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/d2b3463be3edfafbfb3ac6278acdbf24.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: d37690ad54b6565adf208a7d7221cef2d3ef718b7015cb0a26d4fcda69804d9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Wed, 23 Sep 2020 10:52:04 GMT
server: nginx
accept-ranges: bytes
etag: "5f6b28d4-8d3d"
content-length: 36157
content-type: image/jpeg

GET
H2 200 f83c558e0c2ae6f14939d65512f82253.jpg
angelyatko.com.ua/wp-content/uploads/ 51 KB
51 KB 153ms
152ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/f83c558e0c2ae6f14939d65512f82253.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 8f4270bbc6255406cfffd5eb876dcc57d66e75f3698caeb3a3e9896a02dff415

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 21 Sep 2020 23:53:54 GMT
server: nginx
accept-ranges: bytes
etag: "5f693d12-cbfe"
content-length: 52222
content-type: image/jpeg

GET
H2 200 34ba5436ab1ef345c9ac4db526aff964.jpg
angelyatko.com.ua/wp-content/uploads/ 30 KB
30 KB 231ms
230ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/34ba5436ab1ef345c9ac4db526aff964.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: 16a2d691736db0bc6fc56b59ee65c166c3b27bf22360d2d33ce7353a4d480616

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 21 Sep 2020 02:54:18 GMT
server: nginx
accept-ranges: bytes
etag: "5f6815da-7770"
content-length: 30576
content-type: image/jpeg

GET
H2 200 cdrthyoiuhhot_1.jpg
angelyatko.com.ua/wp-content/uploads/ 72 KB
72 KB 231ms
231ms Image
image/jpeg 176.114.0.120
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://angelyatko.com.ua/wp-content/uploads/cdrthyoiuhhot_1.jpg
Requested by: Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 176.114.0.120 , Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s12.thehost.com.ua
Software: nginx /
Resource Hash: a4f4b3895fce89a976e861285a29b4d8565bb45c565a753704b093338c8ea3b5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:42 GMT
last-modified: Mon, 12 Dec 2022 10:21:20 GMT
server: nginx
accept-ranges: bytes
etag: "639700a0-11ea5"
content-length: 73381
content-type: image/jpeg

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 174ms
53ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-197949678-1&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 13 Dec 2022 05:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 4923
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 13 Dec 2022 07:24:40 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
702 B 188ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=angelyatko.com.ua&callback=_gfp_s_&client=ca-pub-7565247827801723&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7565247827801723&plah=angelyatko.com.ua&bust=31071276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdb541b6523c0059d132059a21b2467e3ce7f8f04a66e5fbd9628cb1d03d3f13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 196ms
67ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 195ms
66ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 069B 52 KB
16 KB 377ms
268ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&adk=1812271804&adf=3025194257&lmt=1670914003&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fangelyatko.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914002653&bpp=33&bdt=362&idt=398&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=997607074514&frm=20&pv=2&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=421

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2fbb1bdf6a4402d54edad00c813a74a7073d16ceca8d096291ebb40efd719928

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 16336
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 180ms
65ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=255874337&t=pageview&_s=1&dl=https%3A%2F%2Fangelyatko.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B8%D1%97%D0%B2%D1%81%D1%8C%D0%BA%D0%B0%20%D0%BB%D1%96%D0%BA%D0%B0%D1%80%D0%BD%D1%8F%20%22%D0%AF%D0%BD%D0%B3%D0%BE%D0%BB%D1%8F%D1%82%D0%BA%D0%BE%22%20-%20%D0%A1%D0%BA%D0%B0%D0%B6%D1%96%D1%82%D1%8C%20%D0%BD%D1%96%20%D0%B1%D0%BE%D0%BB%D1%8E%20%D1%82%D0%B0%20%D0%BF%D1%80%D0%BE%D0%B1%D0%BB%D0%B5%D0%BC%D0%B0%D0%BC%20%D0%B7%D1%96%20%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%27%D1%8F%D0%BC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=894946389&gjid=1227599723&cid=487234436.1670914003&tid=UA-197949678-1&_gid=1196366206.1670914003&_r=1&gtm=2oubu0&z=1347312386

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://angelyatko.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://angelyatko.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 151 KB
51 KB 126ms
126ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

46036e9fbeecb68f6f9ca6dbc6cd0b7ece368756d9ab1be97890791147484590

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52383
x-xss-protection: 0
server: cafe
etag: 2441324562554864856
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 06:46:43 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 174ms
63ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 184ms
66ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3A55 100 KB
41 KB 370ms
370ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e202864f4267c224b69b432f85ddf838ee7b59f3bd54454628ae0a00b07a6ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 41565
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F1C 436 B
236 B 288ms
287ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=491&adk=3197780835&adf=2500132200&pi=t.aa~a.635082417~rp.4&w=833&lmt=1670914003&nsk=1931c63c&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x491&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1226&idt=-M&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250&nras=3&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=1571&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=FX2nOkjkhQ&p=https%3A//angelyatko.com.ua&dtd=11

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff8d4c34b364bf1cb62c7a88b1ab708182341faf3fe6b18e863559353d859e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FAE 436 B
235 B 277ms
277ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=554&adk=2905973262&adf=628823934&pi=t.aa~a.2477792370~rp.4&w=833&lmt=1670914003&nsk=e3de31a1&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x554&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1226&idt=-M&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491&nras=4&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=2827&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=HX8UUrtW00&p=https%3A//angelyatko.com.ua&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef84761e8c4763abb21c46e289bed7e5df61de5b3a643c46cb3be81f213dd06d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E757 436 B
235 B 285ms
285ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=512&adk=2099650123&adf=2579584814&pi=t.aa~a.2477849929~rp.4&w=833&lmt=1670914003&nsk=98cee507&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x512&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003517&bpp=1&bdt=1227&idt=1&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491%2C833x554&nras=5&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=4111&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=4&fsb=1&xpc=91AUTSkaaB&p=https%3A//angelyatko.com.ua&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8654f07056ffa700c3b61927eeb0f282f1a9f26061158ac3457079be08824026

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 518D 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 15560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 02:27:23 GMT
etag: 10353107486223812946
expires: Tue, 27 Dec 2022 02:27:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4B1F 624 B
246 B 97ms
95ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY14H1uwEwAQ&v=APEucNXpygMLuy0SyxRnV0zVP1j4_mfhe7jf8SWTezz0izqwABFGhbuGtxugEE3YobSbN3O6SD1vQ1_FkVu60_4olVzngzWbTCLB05X7VdXL2t7aKiZkEvuGc5fGDHVRD-t0pPaxYARsrog17KVsihwQjAb1wC_BeUCY3HrGysdamA85RfjgyiA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
expires: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 518D 76 KB
27 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27387
x-xss-protection: 0
server: cafe
etag: 15442950961169408521
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Tue, 13 Dec 2022 06:46:43 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 518D 42 B
63 B 94ms
92ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYZVjtXwJ2Kxxi6TvKkP0F67X8SKSQOWYmqkQOnpPZQMw68cq-Kv643WdghI_uiPv-Ocwf-f2ch3FeYLXz0jVJHdtXLBWF9Fnk8lA1R2ipi4h-Z5U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 518D 0
20 B 95ms
93ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=7330290317488447160&x=1&ct=119

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 518D 3 KB
1 KB 203ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 20:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38718
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:01:25 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 518D 18 KB
8 KB 187ms
56ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31064
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:08:59 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 518D 153 KB
47 KB 3073ms
2935ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:46:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 518D 23 KB
9 KB 192ms
62ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31032
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:09:31 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ9IbKO91yyAUiaaObnWH8&google_cver=1

43 B
766 B

118ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ9IbKO91yyAUiaaObnWH8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY14H1uwEwAQ&v=APEucNXpygMLuy0SyxRnV0zVP1j4_mfhe7jf8SWTezz0izqwABFGhbuGtxugEE3YobSbN3O6SD1vQ1_FkVu60_4olVzngzWbTCLB05X7VdXL2t7aKiZkEvuGc5fGDHVRD-t0pPaxYARsrog17KVsihwQjAb1wC_BeUCY3HrGysdamA85RfjgyiA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENZ9IbKO91yyAUiaaObnWH8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4B1F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5gf1PONMMXqToeiqpJnZwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

43 B
894 B

55ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY14H1uwEwAQ&v=APEucNXpygMLuy0SyxRnV0zVP1j4_mfhe7jf8SWTezz0izqwABFGhbuGtxugEE3YobSbN3O6SD1vQ1_FkVu60_4olVzngzWbTCLB05X7VdXL2t7aKiZkEvuGc5fGDHVRD-t0pPaxYARsrog17KVsihwQjAb1wC_BeUCY3HrGysdamA85RfjgyiA
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=496
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4B1F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEC2fVhe-3MdJ-v5MYQimFFE&google_cver=1

43 B
1016 B

388ms
286ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEC2fVhe-3MdJ-v5MYQimFFE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMmw9gIQ_bPr_AEY14H1uwEwAQ&v=APEucNXpygMLuy0SyxRnV0zVP1j4_mfhe7jf8SWTezz0izqwABFGhbuGtxugEE3YobSbN3O6SD1vQ1_FkVu60_4olVzngzWbTCLB05X7VdXL2t7aKiZkEvuGc5fGDHVRD-t0pPaxYARsrog17KVsihwQjAb1wC_BeUCY3HrGysdamA85RfjgyiA

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
AN-X-Request-Uuid: d744b2a1-bfb9-4153-8e6b-22d32e9b2cb1
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEC2fVhe-3MdJ-v5MYQimFFE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B1F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE5NTkwOTMyOTc3NjY2MzMxMQ%3D%3D

170 B
188 B

147ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE5NTkwOTMyOTc3NjY2MzMxMQ%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
AN-X-Request-Uuid: eb00ad44-4da8-4d2c-b77e-4767bc2c06d8
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=OTE5NTkwOTMyOTc3NjY2MzMxMQ%3D%3D
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 518D 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5393311956757&version=m202209210101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 518D 0
20 B 90ms
90ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5393311956757&version=m202209210101&ct=119&x=1&cor=7330290317488447000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 518D 83 KB
34 KB 91ms
90ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-IFb4FP8U0OGuqH1bd5rnJRui4o4FAp6iAi9bQdPnnLAI2gp5PK1Skc1FWP2Ap5ycMk_-g4_XT6msk_PMtHxvgf7p7czPUIyQowJIw1Nop0R0C5VtWQFJkoItFCfm2eESCbiXLLiCVKr1wDSNUO5VBAmxMUL_MEykbls0HjA8naU_J5g&cry=1&dbm_d=AKAmf-B-bIge-2bNqo0aziyD_FzLgCT5-iae0FNjRk6MFp1X8ZzQmj66D6cDksDy2Q0q94NaAPZiTiEoC6uKhuoH37wn0aZAcaDKgNfeTP96NMgOdJkHfGekN0Dzl6Nhw4H-Ju8tByA5oELDlal3gm7IzLcKApb-1EtF9uNHTJ90SdBKb9dzedCB1Fc3q_9sfPPCls5ladqW3BShnZh2esXLfTjzG4zOs2NPJ5lyVjLcyxDn9XIN-9FDyqSJwqMVePd0MVg-Bx9AvNVEx8D2I5HNL8Jos1GOxccEyLn5LTWfXSjLIGzMmzLkV8cWGbSd2TwXqceyjlIup2_pQtg2OzGa0oIf1djanxj9Qly3MiaGYR8f9iAYCFSOMrvcAqFKa-MWtW-5fSBBFWddBMySTyJhj0DdS-d2fivOfFUc430dYsmbgiu2tl5sj41I6EBFRpIMtD1b-K0GtIoiQ7Kn796sM_8lPOuUKhVsItG1kucPxRiLO_4xyKoYHcS6h1LvL_EixavKKuxgID1TWf_WXdMPVLSb7tnojTuVRHnl8tMiVB5yw0RNDpXSEDMevibFm0-Pl1GqTakNiNjNz7xYwH5r5fi7kb9ZHFDkx-QjVMJD-5FMEYspr_iRiNn3UkEd15U0pbwY7tk7lVhtE2g6dVlbvkIQ9DuWKRqYCVjnkMyY21a2lawx-Hh0CpUE0qiqh9qoC8Fah4fCjn3zCEatbiWSKZHSqqBoHlnnk5E3Rl8uoEjNosqARKgUQonPKwYf-f3tWXHUUyYJ18f8llI3RC11RsgNoCJG2jgYyudq832WYkO1drw9mUdBtOhOHdOmnrw3OSkHt7JLICLxL8SwZn8RyAfBscMPwx7A-bP5xcO482PbdkCzIf9pc5LhMCcEEdvBm6j9dc_04fUUTxWw1mQYpa92mD2VKuJE9162qPVOLhU-blDNicZy0v12Q3-hXQNbxe-42MUVg9bzASAsZ7DgfLHyT6t4my5QsCLrct4JNWQlT-zLDxrinsH2DAHJX-9qI0Grle1CEdKTCrnW1sZqNH_Liospo5oX9jOdlR63ERpBGIfv-1vBF70NuYuwEGT6J7S8XTF8y2mLYTd3c_zeWQX0sOyRJB2YBE5En4WrP2Y2jt10tScDHQl0fQqplNGbBBr-XpRaozenfmvvr5KjTw6hCymvSdCf7bg3uQ9VrNdpDiEUD7oH2UrfmOIsgGPRj1x7TxPPNg3kgl9z7L-M5vQQv_ecToRotrshby3YSM8hr4Kl-u2jme7jSneBDgb4ALiEbsUgmcKaH-jOAFMyqzhErFKiotHGwD--1w4MVO5Q_0xHFltcy7-uhC5qrr37cq5nB-VpNxUChr3jqz9M52GIvq0lqAHS8ZB2euzfx7aPBGwDqqPJ_oP72PL6ctD7sRYhsuGFIqfX3FhQBTywHCNAFqAUXQc9f0nG9PAFmWMZ4PK6aXTIWlB0vE5pRIANUPY-Woy-nDXZWDE1BiMmd0VFCKfoS7a6Vp6d4uLE2nGRC9luwVurf4JexPJv5XwH81Ben8FCEFiCRS86E8ZxW0MhpUPFmbsvJj8aZjrB0woXhm0LyvNQs11QezN-5hSq8WfJtLpkgmrB9kNcnEK9atog8VKl1l0mIuDvaRPBHGiCcjhZR0Ve1WKj95Y2ik8vC0-tpZ7zlVPE534JoOEtWWQ595O6c1gvUJxV6khh1cbRGHev8jkWR8WK2_PkwgqvBPnVeptoN3HmYkbn_YL0lDIAzNu-neidgT0Lm18QYTBjYDi5fOJ1Rcl_edB4BMn3FBjLR34nppNAgAqx0Ua019K5KlkSf6G9LEyxXDhTMx-7kbRTYOmzGXTcH2DKrkOl1QpYym99uNa1SK4VZUbL4WumHsqWe8Bcx692jRMpKJKRF3_J7uTSyUodZISGI0Pf9jVuHCq_1vljyJnMkuvzndZaIWVpXvA7EmJJF_Yw5EngxXr1FG-Hv1mU77AYPHiZUdBIkDiYCLb9VPfirZ0SqexgJhafj4gmeW5e0zi337CTUxRW55QGczLDAfqzc7VWa6Ebqht85NmYdsh-ubPDu098N8s8FYyBYqJgawg7Ub7ePLil2WQKp47AVSrjSs5w_fyoieic1nzosdR_Wl3eUS5DqkGNxT03bqBgIdSSNCKOLz0EzHOGNaJZmJffVIb18FxN5MI7DOUJpBSwXz4An5xfSHhcvaqaSkVbAA35smLV7suEGakfigQftX8CNiXUKyRBSn0RS42ClnPhdHbKwlo0yDpeGj3ODivm-n0FLYGFmi4yOQvg-MJSaE5dJcxSoQUwwK1KPhnBovmsieg9VPV6cuLi_AQiStJO14tlWl49fuC697MnH6Jx4JIFe16i7TMudTa4xgxQEBdwhUe-trTm28DXE_Kfh2AIRFUouyoz2kVWGdYoJp_VtEg3lbu70cdy-HLq_qOfwuKJ0K-4qrSTHKwU9PxTmC7API51V4c64lR53Rk6W7W8g4nREImR1PiX4umCkQocr497_QLa8gjiNbDpWvXsazUU9OEa_-cfI8EeDgn28AR6iOJ2XxqJUHBNUyvp0UjSDP_tMh9kL4WaYvG_w_cMTIi0G3ZMBbzHYHEOSrk7l9RxkRI6BBUDBe-lbc2SYLQeTs-e0E65vPF1OC7HYTM9DjkFEsUZ1EMoW3acoj3EeGugPzEJl3qF8fjAc4gbIM4xMhE2Nb_nkBXTiU4Gl2eMycMP5WIGMUGmEI743eNXpEORSaxDbrViVwMSpmBjPMCLVCvIQCgQbFXter6dDNPO85hYEA_gbP3KWEJ7t-DivFRIsg_SodDboMN7y9qxRB-wpkDwsISjXtMukniWZ__cJIzBxQ3PWg39DcruV8c1uQUN1nbIrVmreMzGEtmU4KzAh8QGoPN4R8yG1QI6MZCbNQi2hBaKNmBBUYCF0vHTXFWoC_VG2aX43HOYjHyzHX1l1CuPsssG-WoGsfYI30LN6nRDvjedBIcAo4jWn7H2JnqUi_E7v0sKlCfJo4AW2LSvOjib5fW4PPA_74qSo7AL2VF8mKYBnTPyT9Usi_9uqdfSPdylxzfh1S2hPnILdlM0PSzG5OKTRjLdcoGwRO-PVS9Ju6SYqtm6cxkW42wora0R1TQMZH88ztdfOg7upWJok7804CxvtWVsPNMSGIeoxipW8istjadzicdLOYYb9bZWMozvDIXrcGU5gCEyKpBhcPWfEd0HIocVINz013dC4LovnOvu0I3ty_R-T-n7-OfbnhvCke0owxsVBH5c7F9glGie96O6HMkeh7lWIjcgW1P4gJ_Vsu-tdQSz_z6T3PJ9DvmGJpvvfbOYwUflkTfpL5p2BiZgITqqOXSE9oYK7PItBCdZU00m2C6mXVc_6OudOCIBYmwYfvSRVVJLts3rX4NjLjHmBfy4C0gRQBgzZYv2Z96nklYfqACxJjJLDuDQEzufSlx0K6Y4nmBc723u3WhuveIbr3TKLsDUWugaA1lCzlpOlltHzUnUc1gL5B6PVa_ple4fXfOL2iqCoH7SV3mI4qGc-bAJ722_622CHKuEdlfYRtGYSJeHmNMF3vziMnSebYed2ZvhkNw9YvGgHQ8YCsjVvWMf3iH7EeORs6NHCcKHSXM2LImCpKCYHQoOJLuT4Sjy7lkqGJZ5AxnhX4j2Q8Tdbt0XrDch9yqSEjJnOuEx5TH5sNxPD9l2KcLOk6ll2rGqTbipLtHolzSMC_8F1U8hxPznh9PVJq96Ph0LDb_ixbVxu6N4aHOMX64L1I-BCV2GJMaNMEOsHb04Jv6DHV1vsdVcYiNrjvd88EpotlIN9RsvBUy6r-QyGOVNTWd0r0iuQqSUcv0f&cid=CAQSGwDq26N9dGKAJTwy_VK4Zr4fT0RDXGnU6BJmDxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fangelyatko.com.ua%2F&ds=l&xdt=1&iif=1&cor=7330290317488447000&adk=3473574815&idt=127&cac=0&dtd=6

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99f060e2751e5f3be50952e2e56369b1dbc56253d6b7232f2cec6b58f8ff2d4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34779
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 63ms
62ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 66ms
66ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=angelyatko.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9ECF 436 B
232 B 238ms
238ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=560&adk=212161453&adf=3047476056&pi=t.aa~a.2477842688~rp.4&w=833&lmt=1670914003&nsk=41c1aecd&rafmt=11&pwprc=4937905649&ad_type=text_image&format=833x560&url=https%3A%2F%2Fangelyatko.com.ua%2F&pra=3&wgl=1&fa=26&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003520&bpp=1&bdt=1230&idt=0&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0%2C333x250%2C833x491%2C833x554%2C833x512%2C728x90&nras=7&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=205&ady=4552&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1792&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=6&fsb=1&xpc=5CrGW6iSui&p=https%3A//angelyatko.com.ua&dtd=392

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a33adcfba92f816e4a0112a4de6019f6da75a28d61c8f4587c249ee62506c85e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9C90 624 B
242 B 94ms
94ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOz8p9gBMAE&v=APEucNVbczD3iDJJiRC1n44l1CIPXm1qFVnIDSU3seNCdtPxxm8TxpbInRPgVVHPqdVzan7J8puA1gQrgXuVH6Q9cZMaPW_8M0LsnmUsNROCvBhXob0Tvf2Y4CAKOKNURIzg9ZnJz2NcBGjCmqelUJoZ9tBtWScUKNCTllNOg43NzRW-ppU31sM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8559 23 KB
9 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 05:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 05:45:29 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 8559 6 KB
2 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 05:45:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3674
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 05:45:29 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8559 0
0 231ms
102ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthW-Jkw7X-dU2xRQJuRJoFKzAMrKF10dA5V0JPwMU9RjC2qkqgh6cmukZ3IOiQDIhFnXn5IDbOMtHCpV5-kbHF63Ls6HzVddlaw4PPH5Z1A5eRXcxWh1vbMrqMzap_FBfd-IgREgN26Xwqx-F9uoRBeYXNR7IUn3zjudvFXO30-fyzPvnr1gJvXbvYiNsuoGPUY6rVEJqJToa0lz6r0XLR9Ybq-bh4_QxrN-LGuUVEuqODj0NQuyv0q5LKfKaz2AF_VV5QwRsAThGnFaCyJtlhUhB2PRgL9BRGqxr_3zK7rCltB0kekBtdOgwexqVK91ehBrldOgo0OFViNh1KTDR8de-ag_vuIkIC8yGtxKhrBHPjOlqwBl22-YRBRUVHKtPSJRUjlJP1Ytq1Un5wlGjBO91Cw0yMifixrhr0iUSbINII1HhGjrkwFBZp-XjyGkUNaIEADyxMfIuvcJbQ0KqTw5rSE-wU5lUVaE9bkw8-R1QPT8oFFOqrxqupIXx5SxcrPNZKv4IOW6TZxQnVpHKxS7di64U2131cp3qgrtH3S47Bc7BI8vr96SqwGCWzHoSEpWh0kem-8SU8ruvacERP2EY4SDPE9Os2H2HQR2pXR-ot9NX5vhiT_Cx2fFFXY4L1EVfh_xPdj8IELXwcOuvLadw1O-LrfKvwyC2dVDPsIPT-cUziUtAYm4IfAOsADHJQ_QkCvCRCXk8clUx-ljGDbhImTos5NwYxT1mOItDqkDBzoX3JGsCKdrc6GdF9PBXy79zf7JSXXY189zB9SK6tGqQzUW62bkWVJ7xPSJq1u8xmpIdoMqWFR-9vMAryaFdJxw_tsAaye7-iyIatJegP9nh7vU6sN5jkevI4ZaOou5U22z9TJxC0rx8YYjTtfQMY0k5ojAYQLAMSnwt2p3vBrDos9I0SSqlY4lhkee4IzCuyo3uTUCWER3KSHcVJM8huqOj6OJfLinjXJyR8yZq1zpasCLSLFrc4Xx-C0WX9yddeu3XSnZl7wCtnm4ASjIu9LtytEcpoK9mh8UXsMH2NB8DduOhXYAae8OqrC_uBIRruciqasq5EnsgoKWUWNu-VGFuhPiaFJjeJpg11nvYQsKXrq0pjAVRTQhdJ4uufFkCB-crUyvH1cZ-xC0ewnXHpjxvhnzAdwA8080YfTojpuhN-09p9BgzYhMvRXDcoBosy05-IhjD2rp5-oHzECshG418tvdqAxHVAQFe89RK_87WxjkCfHeHl540m69I7EUPNaeUlasaH68jwSrZZvNzAcvSwIDi41UXISN0bLSV6&sai=AMfl-YREUvpp4UpD870A1Nv3Muna0qL9xsIAh7i3_a9c749e1C5p7oXyu3p5Yc3drXBCBnRA78g_lNu4i7kV-kyJyEE_8dHSreblusM9T8-pgkbOB8dPcbwb4hw0E9WHovmPoPU5VirhYlwsYLG5pDtafqm_v_E63aWdNnEMqy1ddcGad3z0IP-fhFF8cKsD4h_n4waGU2sxjeCpLm_Q3LnzxgtvYWVn4CpK5eBkhWtYWQoQsrC5_r4C5giSfms-lpeSM0JbkR5JCD_RZSk4xx0DaBnIjJrvv45mYB2Jnifqe-_UVwThYFoTH5x4objLHPwXznM0WgeVA54yU_VqZAZhArxWbq_2R0CBwHtGvv5eJ-zF62whEsyqE80U6A__nTJCNX9yoYj4BmXxlRX7G9RkIuHi9Q&sig=Cg0ArKJSzKIRftMMPyyLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221207.32586&arae=0&ftch=1&adurl=

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 06:46:44 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8559 41 KB
15 KB 195ms
78ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:32:31 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8559 3 KB
1 KB 192ms
75ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 20:01:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 38719
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:01:25 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8559 18 KB
7 KB 173ms
57ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:08:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:08:59 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8559 0
0 187ms
65ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS_KypRcVJC5A9xyZSZ-u-VQn7pgK8igIzCqfx92FjoaWMx87sYWebT9nfikmC0IbwVDiyGE4Is9_sOn8FsWHP4x6dDcw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8559 153 KB
47 KB 2951ms
2950ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:46:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 8559 23 KB
9 KB 180ms
65ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:09:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31033
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 22:09:31 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8559 42 B
63 B 91ms
90ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bi91xaAWO9Quhm2E4GHE0IM2XWWL6jO1uBTMgso7Yg88Www7ucdToaYeEZSlCdB93bntqzTTp-iX8CljlCMTlGCnmmpYw0AYWRDppeVr6oTmZhTdw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 14310580863803739392
s0.2mdn.net/simgad/ Frame 8559 79 KB
79 KB 185ms
55ms Image
image/jpeg 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14310580863803739392

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd94cedd0e1b172381daa660ae1ddd3b1ee60008e61c47814de87d662ca7dc95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 00:47:52 GMT
x-content-type-options: nosniff
age: 280732
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80740
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 17:35:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 00:47:52 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F38E 1 KB
643 B 57ms
56ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 76585
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 09:30:19 GMT
etag: 48472445140208031
expires: Tue, 13 Dec 2022 09:30:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 518D 119 KB
42 KB 167ms
54ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 08:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 79136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 08:47:48 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/ Frame 518D 8 KB
3 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-IFb4FP8U0OGuqH1bd5rnJRui4o4FAp6iAi9bQdPnnLAI2gp5PK1Skc1FWP2Ap5ycMk_-g4_XT6msk_PMtHxvgf7p7czPUIyQowJIw1Nop0R0C5VtWQFJkoItFCfm2eESCbiXLLiCVKr1wDSNUO5VBAmxMUL_MEykbls0HjA8naU_J5g&cry=1&dbm_d=AKAmf-B-bIge-2bNqo0aziyD_FzLgCT5-iae0FNjRk6MFp1X8ZzQmj66D6cDksDy2Q0q94NaAPZiTiEoC6uKhuoH37wn0aZAcaDKgNfeTP96NMgOdJkHfGekN0Dzl6Nhw4H-Ju8tByA5oELDlal3gm7IzLcKApb-1EtF9uNHTJ90SdBKb9dzedCB1Fc3q_9sfPPCls5ladqW3BShnZh2esXLfTjzG4zOs2NPJ5lyVjLcyxDn9XIN-9FDyqSJwqMVePd0MVg-Bx9AvNVEx8D2I5HNL8Jos1GOxccEyLn5LTWfXSjLIGzMmzLkV8cWGbSd2TwXqceyjlIup2_pQtg2OzGa0oIf1djanxj9Qly3MiaGYR8f9iAYCFSOMrvcAqFKa-MWtW-5fSBBFWddBMySTyJhj0DdS-d2fivOfFUc430dYsmbgiu2tl5sj41I6EBFRpIMtD1b-K0GtIoiQ7Kn796sM_8lPOuUKhVsItG1kucPxRiLO_4xyKoYHcS6h1LvL_EixavKKuxgID1TWf_WXdMPVLSb7tnojTuVRHnl8tMiVB5yw0RNDpXSEDMevibFm0-Pl1GqTakNiNjNz7xYwH5r5fi7kb9ZHFDkx-QjVMJD-5FMEYspr_iRiNn3UkEd15U0pbwY7tk7lVhtE2g6dVlbvkIQ9DuWKRqYCVjnkMyY21a2lawx-Hh0CpUE0qiqh9qoC8Fah4fCjn3zCEatbiWSKZHSqqBoHlnnk5E3Rl8uoEjNosqARKgUQonPKwYf-f3tWXHUUyYJ18f8llI3RC11RsgNoCJG2jgYyudq832WYkO1drw9mUdBtOhOHdOmnrw3OSkHt7JLICLxL8SwZn8RyAfBscMPwx7A-bP5xcO482PbdkCzIf9pc5LhMCcEEdvBm6j9dc_04fUUTxWw1mQYpa92mD2VKuJE9162qPVOLhU-blDNicZy0v12Q3-hXQNbxe-42MUVg9bzASAsZ7DgfLHyT6t4my5QsCLrct4JNWQlT-zLDxrinsH2DAHJX-9qI0Grle1CEdKTCrnW1sZqNH_Liospo5oX9jOdlR63ERpBGIfv-1vBF70NuYuwEGT6J7S8XTF8y2mLYTd3c_zeWQX0sOyRJB2YBE5En4WrP2Y2jt10tScDHQl0fQqplNGbBBr-XpRaozenfmvvr5KjTw6hCymvSdCf7bg3uQ9VrNdpDiEUD7oH2UrfmOIsgGPRj1x7TxPPNg3kgl9z7L-M5vQQv_ecToRotrshby3YSM8hr4Kl-u2jme7jSneBDgb4ALiEbsUgmcKaH-jOAFMyqzhErFKiotHGwD--1w4MVO5Q_0xHFltcy7-uhC5qrr37cq5nB-VpNxUChr3jqz9M52GIvq0lqAHS8ZB2euzfx7aPBGwDqqPJ_oP72PL6ctD7sRYhsuGFIqfX3FhQBTywHCNAFqAUXQc9f0nG9PAFmWMZ4PK6aXTIWlB0vE5pRIANUPY-Woy-nDXZWDE1BiMmd0VFCKfoS7a6Vp6d4uLE2nGRC9luwVurf4JexPJv5XwH81Ben8FCEFiCRS86E8ZxW0MhpUPFmbsvJj8aZjrB0woXhm0LyvNQs11QezN-5hSq8WfJtLpkgmrB9kNcnEK9atog8VKl1l0mIuDvaRPBHGiCcjhZR0Ve1WKj95Y2ik8vC0-tpZ7zlVPE534JoOEtWWQ595O6c1gvUJxV6khh1cbRGHev8jkWR8WK2_PkwgqvBPnVeptoN3HmYkbn_YL0lDIAzNu-neidgT0Lm18QYTBjYDi5fOJ1Rcl_edB4BMn3FBjLR34nppNAgAqx0Ua019K5KlkSf6G9LEyxXDhTMx-7kbRTYOmzGXTcH2DKrkOl1QpYym99uNa1SK4VZUbL4WumHsqWe8Bcx692jRMpKJKRF3_J7uTSyUodZISGI0Pf9jVuHCq_1vljyJnMkuvzndZaIWVpXvA7EmJJF_Yw5EngxXr1FG-Hv1mU77AYPHiZUdBIkDiYCLb9VPfirZ0SqexgJhafj4gmeW5e0zi337CTUxRW55QGczLDAfqzc7VWa6Ebqht85NmYdsh-ubPDu098N8s8FYyBYqJgawg7Ub7ePLil2WQKp47AVSrjSs5w_fyoieic1nzosdR_Wl3eUS5DqkGNxT03bqBgIdSSNCKOLz0EzHOGNaJZmJffVIb18FxN5MI7DOUJpBSwXz4An5xfSHhcvaqaSkVbAA35smLV7suEGakfigQftX8CNiXUKyRBSn0RS42ClnPhdHbKwlo0yDpeGj3ODivm-n0FLYGFmi4yOQvg-MJSaE5dJcxSoQUwwK1KPhnBovmsieg9VPV6cuLi_AQiStJO14tlWl49fuC697MnH6Jx4JIFe16i7TMudTa4xgxQEBdwhUe-trTm28DXE_Kfh2AIRFUouyoz2kVWGdYoJp_VtEg3lbu70cdy-HLq_qOfwuKJ0K-4qrSTHKwU9PxTmC7API51V4c64lR53Rk6W7W8g4nREImR1PiX4umCkQocr497_QLa8gjiNbDpWvXsazUU9OEa_-cfI8EeDgn28AR6iOJ2XxqJUHBNUyvp0UjSDP_tMh9kL4WaYvG_w_cMTIi0G3ZMBbzHYHEOSrk7l9RxkRI6BBUDBe-lbc2SYLQeTs-e0E65vPF1OC7HYTM9DjkFEsUZ1EMoW3acoj3EeGugPzEJl3qF8fjAc4gbIM4xMhE2Nb_nkBXTiU4Gl2eMycMP5WIGMUGmEI743eNXpEORSaxDbrViVwMSpmBjPMCLVCvIQCgQbFXter6dDNPO85hYEA_gbP3KWEJ7t-DivFRIsg_SodDboMN7y9qxRB-wpkDwsISjXtMukniWZ__cJIzBxQ3PWg39DcruV8c1uQUN1nbIrVmreMzGEtmU4KzAh8QGoPN4R8yG1QI6MZCbNQi2hBaKNmBBUYCF0vHTXFWoC_VG2aX43HOYjHyzHX1l1CuPsssG-WoGsfYI30LN6nRDvjedBIcAo4jWn7H2JnqUi_E7v0sKlCfJo4AW2LSvOjib5fW4PPA_74qSo7AL2VF8mKYBnTPyT9Usi_9uqdfSPdylxzfh1S2hPnILdlM0PSzG5OKTRjLdcoGwRO-PVS9Ju6SYqtm6cxkW42wora0R1TQMZH88ztdfOg7upWJok7804CxvtWVsPNMSGIeoxipW8istjadzicdLOYYb9bZWMozvDIXrcGU5gCEyKpBhcPWfEd0HIocVINz013dC4LovnOvu0I3ty_R-T-n7-OfbnhvCke0owxsVBH5c7F9glGie96O6HMkeh7lWIjcgW1P4gJ_Vsu-tdQSz_z6T3PJ9DvmGJpvvfbOYwUflkTfpL5p2BiZgITqqOXSE9oYK7PItBCdZU00m2C6mXVc_6OudOCIBYmwYfvSRVVJLts3rX4NjLjHmBfy4C0gRQBgzZYv2Z96nklYfqACxJjJLDuDQEzufSlx0K6Y4nmBc723u3WhuveIbr3TKLsDUWugaA1lCzlpOlltHzUnUc1gL5B6PVa_ple4fXfOL2iqCoH7SV3mI4qGc-bAJ722_622CHKuEdlfYRtGYSJeHmNMF3vziMnSebYed2ZvhkNw9YvGgHQ8YCsjVvWMf3iH7EeORs6NHCcKHSXM2LImCpKCYHQoOJLuT4Sjy7lkqGJZ5AxnhX4j2Q8Tdbt0XrDch9yqSEjJnOuEx5TH5sNxPD9l2KcLOk6ll2rGqTbipLtHolzSMC_8F1U8hxPznh9PVJq96Ph0LDb_ixbVxu6N4aHOMX64L1I-BCV2GJMaNMEOsHb04Jv6DHV1vsdVcYiNrjvd88EpotlIN9RsvBUy6r-QyGOVNTWd0r0iuQqSUcv0f&cid=CAQSGwDq26N9dGKAJTwy_VK4Zr4fT0RDXGnU6BJmDxgBIBM&dv3_ver=m202209210101&rfl=https%3A%2F%2Fangelyatko.com.ua%2F&ds=l&xdt=1&iif=1&cor=7330290317488447000&adk=3473574815&idt=127&cac=0&dtd=6

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 01:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19653
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2986
x-xss-protection: 0
server: cafe
etag: 3296546412363819624
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 27 Dec 2022 01:19:11 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/ Frame 518D 30 KB
11 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 13:06:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63644
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11387
x-xss-protection: 0
server: cafe
etag: 8197878782792770439
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 26 Dec 2022 13:06:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

43 B
766 B

125ms
55ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOz8p9gBMAE&v=APEucNVbczD3iDJJiRC1n44l1CIPXm1qFVnIDSU3seNCdtPxxm8TxpbInRPgVVHPqdVzan7J8puA1gQrgXuVH6Q9cZMaPW_8M0LsnmUsNROCvBhXob0Tvf2Y4CAKOKNURIzg9ZnJz2NcBGjCmqelUJoZ9tBtWScUKNCTllNOg43NzRW-ppU31sM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9C90
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y5gf1PONMMXqToeiqpJnaAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1

43 B
766 B

58ms
58ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOz8p9gBMAE&v=APEucNVbczD3iDJJiRC1n44l1CIPXm1qFVnIDSU3seNCdtPxxm8TxpbInRPgVVHPqdVzan7J8puA1gQrgXuVH6Q9cZMaPW_8M0LsnmUsNROCvBhXob0Tvf2Y4CAKOKNURIzg9ZnJz2NcBGjCmqelUJoZ9tBtWScUKNCTllNOg43NzRW-ppU31sM
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEMzTeDFbb3JK5KUBf8hL76M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9C90
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF_nXp2aCp3Cps8Hei0cXzk&google_cver=1

43 B
1016 B

145ms
55ms

Image
image/gif

185.89.210.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEF_nXp2aCp3Cps8Hei0cXzk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CM_KwM8CENXundACGOz8p9gBMAE&v=APEucNVbczD3iDJJiRC1n44l1CIPXm1qFVnIDSU3seNCdtPxxm8TxpbInRPgVVHPqdVzan7J8puA1gQrgXuVH6Q9cZMaPW_8M0LsnmUsNROCvBhXob0Tvf2Y4CAKOKNURIzg9ZnJz2NcBGjCmqelUJoZ9tBtWScUKNCTllNOg43NzRW-ppU31sM

Protocol

HTTP/1.1

Server

185.89.210.244 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
AN-X-Request-Uuid: 476f91e0-85f9-432a-bea7-4e5ed01c57d5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEF_nXp2aCp3Cps8Hei0cXzk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9C90
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODY2NjUwMDM4MTA5Nzg0

170 B
188 B

64ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODY2NjUwMDM4MTA5Nzg0

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 13 Dec 2022 06:46:44 GMT
AN-X-Request-Uuid: 04ef91f5-30cf-4b51-9785-4fb8b231503d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzkzODY2NjUwMDM4MTA5Nzg0
Connection: keep-alive
X-Proxy-Origin: 82.199.130.41; 82.199.130.41; 946.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F38E
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1&google_push=ASkJ3FbMrg_67gAErnMDyXEhr21_oX3V_XiLyKnw6V6zcq_otQcJnBUntGa8mb405446ytQe0we8k3y1-YRzZka8E6ZWAbigUOsitdM
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MjkzMTk2MDU0MjQ3MTI0NTcxOQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1

43 B
398 B

90ms
51ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7565247827801723&output=html&h=250&adk=2811827528&adf=2419326298&pi=t.aa~a.4263631882~rp.4&w=333&fwrn=4&fwrnh=100&lmt=1670914003&rafmt=1&to=qs&pwprc=4937905649&format=333x250&url=https%3A%2F%2Fangelyatko.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670914003498&bpp=2&bdt=1207&idt=2&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D8c5db3c87a5b5b72-22cd3dfcf7d900a8%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MYfqZi6YR408o7PlnIrwZagrMVstg&gpic=UID%3D00000b91a388daba%3AT%3D1670914003%3ART%3D1670914003%3AS%3DALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ&prev_fmts=0x0&nras=2&correlator=997607074514&frm=20&pv=1&ga_vid=487234436.1670914003&ga_sid=1670914003&ga_hid=255874337&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1062&ady=1329&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44760911%2C31071276%2C44779794%2C44773746%2C44780792&oid=2&pvsid=4373964511245333&tmod=131361002&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=5jTgatUWgS&p=https%3A//angelyatko.com.ua&dtd=7
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 13 Dec 2022 06:46:43 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFDDUXZ08gOWLnXjSfLlZXg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEFPyMUw-CGG1tWAtPcNS1cg&google_cver=1&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjUyMTAwMTYxNTIyNzAyMQ%3D%3D&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3HDOf...

170 B
188 B

83ms
66ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjUyMTAwMTYxNTIyNzAyMQ%3D%3D&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3HDOfYINm_nC08xjck

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzE3NjUyMTAwMTYxNTIyNzAyMQ%3D%3D&google_push=ASkJ3FZFWDP3UFvyqABl-LyctiYjf_fGw7UAHxpwiZGewDX5Jhs9EieFODhHsxfsRheymRARbG08duy8iSVtv3HDOfYINm_nC08xjck
Date: Tue, 13 Dec 2022 06:46:44 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEJ-JzWJI9aN3BYTUmPtpYns&google_cver=1&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRv...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LsEDgd6oQ82cE97eezIm_A2&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRvK-Spa4OpfkFK62E

170 B
188 B

96ms
64ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LsEDgd6oQ82cE97eezIm_A2&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRvK-Spa4OpfkFK62E

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 06:46:44 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=LsEDgd6oQ82cE97eezIm_A2&google_push=ASkJ3Fb3nC-E1HVCxzCd0iNbAvp0wkBd8zBKCMhKKObG57H9yKA0GgROMGchOoQerOtLUTnVxdN8Q2HELWyy_SRvK-Spa4OpfkFK62E
x-host: tde-deliveryengine-production-59bd69b6c9-k27nf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEBoEUn_p-FHsA9l0ZUvRQl0&google_cver=1&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMN...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMNMNO3g2Q&google_hm=eS12bGVfa1VWRTJwRTFC...

170 B
188 B

82ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMNMNO3g2Q&google_hm=eS12bGVfa1VWRTJwRTFCaFFnMjY1Z0hVQTdKMWtEUEhOR35B

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 13 Dec 2022 06:46:44 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ASkJ3FY8bRu1beg94rxRUFrvF63ypwtOjpX719fBxpjSQ6CYysEBGgY6pcY-g9mwT6PoRjit0RcmkxQm7WEpPBPi17oguMNMNO3g2Q&google_hm=eS12bGVfa1VWRTJwRTFCaFFnMjY1Z0hVQTdKMWtEUEhOR35B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESENW-LeG5KqJZYa5-RdPr2ZU&google_cver=1&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto2...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESENW-LeG5KqJZYa5-RdPr2ZU&google_cver=1&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7Nyj...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2NzUwNDYwNDYyMDI5NzYx&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto2...

170 B
188 B

66ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2NzUwNDYwNDYyMDI5NzYx&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto23ph4e6yljDuQhP0hQn9rits

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=Nzc2NzUwNDYwNDYyMDI5NzYx&google_push=ASkJ3FYONV1co6cbh93KuabAFzBdJNDL9BqUv-8a8STd4ernlN-qnAAwduoZhNP2U6NPG7n7NyjDDto23ph4e6yljDuQhP0hQn9rits
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-3153ff5c-1932-4e96-9d98-8cea3911e080-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DASkJ3Fbl44GCwPcg5xAr0aLyn...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&google_hm=AzFT_1wZMk6WnZiM6jkR4IA

170 B
188 B

68ms
65ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&google_hm=AzFT_1wZMk6WnZiM6jkR4IA

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=ASkJ3Fbl44GCwPcg5xAr0aLynhETBioiwx7WUJ6vCfwZk7zpFk9jngcTjsqQ_zQPgqHPsYR_XCsd6MI_xL8Mx0_U4bYRwqTW-M0MFg&google_hm=AzFT_1wZMk6WnZiM6jkR4IA
date: Tue, 13 Dec 2022 06:46:44 GMT
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX3153ff5c19324e969d988cea3911e080003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F38E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEJRKyh917wwADHpZGWNPPzU&google_cver=1&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1Abiph...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1Abiphq...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDkyMjY4Nzk5NjEzMzU3MjI2MDQy&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_va...

170 B
188 B

64ms
63ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDkyMjY4Nzk5NjEzMzU3MjI2MDQy&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1AbiphqL4A

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDkyMjY4Nzk5NjEzMzU3MjI2MDQy&google_push=ASkJ3FblJpHALRBM2_M0nB-weJEKHdWUo40EoL9Q2IjamYwhS4OUmQ58gqunX_vaEnTE-MzuNPVHGwO2ujwerEXhkf1t1AbiphqL4A
date: Tue, 13 Dec 2022 06:46:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F38E 0
59 B 62ms
61ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jn80ogkg1uHesV1aOpdZPsXhm12xhgCD_4OGhmCdzdckqJs8ZjRoqdq1fe2pC4LOc--Doj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:44 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 518D 41 KB
15 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54853
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 15:32:31 GMT

GET
DATA 200
OK truncated
/ Frame 518D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 095f1d95c80fc71b0cd42f551727f1709aa58b088e97d2d38f2b6c5ef770095a

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8559 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecb575ab1a32cbb2fffef99efdb1ba19767227802d078aa76ca3b84846ea21e9

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 1F0C 22 KB
8 KB 58ms
58ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 49431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 17:02:53 GMT
expires: Tue, 12 Dec 2023 17:02:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7750 22 KB
8 KB 57ms
56ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 49431
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 17:02:53 GMT
expires: Tue, 12 Dec 2023 17:02:53 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F0C 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:05:28 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8559 0
0 200ms
91ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsthW-Jkw7X-dU2xRQJuRJoFKzAMrKF10dA5V0JPwMU9RjC2qkqgh6cmukZ3IOiQDIhFnXn5IDbOMtHCpV5-kbHF63Ls6HzVddlaw4PPH5Z1A5eRXcxWh1vbMrqMzap_FBfd-IgREgN26Xwqx-F9uoRBeYXNR7IUn3zjudvFXO30-fyzPvnr1gJvXbvYiNsuoGPUY6rVEJqJToa0lz6r0XLR9Ybq-bh4_QxrN-LGuUVEuqODj0NQuyv0q5LKfKaz2AF_VV5QwRsAThGnFaCyJtlhUhB2PRgL9BRGqxr_3zK7rCltB0kekBtdOgwexqVK91ehBrldOgo0OFViNh1KTDR8de-ag_vuIkIC8yGtxKhrBHPjOlqwBl22-YRBRUVHKtPSJRUjlJP1Ytq1Un5wlGjBO91Cw0yMifixrhr0iUSbINII1HhGjrkwFBZp-XjyGkUNaIEADyxMfIuvcJbQ0KqTw5rSE-wU5lUVaE9bkw8-R1QPT8oFFOqrxqupIXx5SxcrPNZKv4IOW6TZxQnVpHKxS7di64U2131cp3qgrtH3S47Bc7BI8vr96SqwGCWzHoSEpWh0kem-8SU8ruvacERP2EY4SDPE9Os2H2HQR2pXR-ot9NX5vhiT_Cx2fFFXY4L1EVfh_xPdj8IELXwcOuvLadw1O-LrfKvwyC2dVDPsIPT-cUziUtAYm4IfAOsADHJQ_QkCvCRCXk8clUx-ljGDbhImTos5NwYxT1mOItDqkDBzoX3JGsCKdrc6GdF9PBXy79zf7JSXXY189zB9SK6tGqQzUW62bkWVJ7xPSJq1u8xmpIdoMqWFR-9vMAryaFdJxw_tsAaye7-iyIatJegP9nh7vU6sN5jkevI4ZaOou5U22z9TJxC0rx8YYjTtfQMY0k5ojAYQLAMSnwt2p3vBrDos9I0SSqlY4lhkee4IzCuyo3uTUCWER3KSHcVJM8huqOj6OJfLinjXJyR8yZq1zpasCLSLFrc4Xx-C0WX9yddeu3XSnZl7wCtnm4ASjIu9LtytEcpoK9mh8UXsMH2NB8DduOhXYAae8OqrC_uBIRruciqasq5EnsgoKWUWNu-VGFuhPiaFJjeJpg11nvYQsKXrq0pjAVRTQhdJ4uufFkCB-crUyvH1cZ-xC0ewnXHpjxvhnzAdwA8080YfTojpuhN-09p9BgzYhMvRXDcoBosy05-IhjD2rp5-oHzECshG418tvdqAxHVAQFe89RK_87WxjkCfHeHl540m69I7EUPNaeUlasaH68jwSrZZvNzAcvSwIDi41UXISN0bLSV6&sai=AMfl-YREUvpp4UpD870A1Nv3Muna0qL9xsIAh7i3_a9c749e1C5p7oXyu3p5Yc3drXBCBnRA78g_lNu4i7kV-kyJyEE_8dHSreblusM9T8-pgkbOB8dPcbwb4hw0E9WHovmPoPU5VirhYlwsYLG5pDtafqm_v_E63aWdNnEMqy1ddcGad3z0IP-fhFF8cKsD4h_n4waGU2sxjeCpLm_Q3LnzxgtvYWVn4CpK5eBkhWtYWQoQsrC5_r4C5giSfms-lpeSM0JbkR5JCD_RZSk4xx0DaBnIjJrvv45mYB2Jnifqe-_UVwThYFoTH5x4objLHPwXznM0WgeVA54yU_VqZAZhArxWbq_2R0CBwHtGvv5eJ-zF62whEsyqE80U6A__nTJCNX9yoYj4BmXxlRX7G9RkIuHi9Q&sig=Cg0ArKJSzKIRftMMPyyLEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&vt=11&dtpt=303&dett=2&cstd=0&cisv=r20221207.32586&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 06:46:44 GMT

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 7750 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:05:28 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 196 KB
27 KB 172ms
57ms Document
text/html 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e83db047f5b908d27e6cbcd644a66728658f061946220731e1bfb7a786f1b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 320309
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27192
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Dec 2022 13:48:15 GMT
expires: Sat, 09 Dec 2023 13:48:15 GMT
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 518D 0
0 184ms
96ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNmVPuAHBh3Zdi6gV89S8Zro4l7R7AbXzTy5Nf0K7A0wuMG5mmCNpT4EftxYg11cAuz79av7PIfHT0W8orG4fMN6lEaKarnNNSfNmNbyXI27-GdkxLIii8VYp_7jPdWDHIWFmzHsclgzy9r4ztGckdj8P-UY4SHb4c8SL_RdKyasG4Bz7d5LICCzL5nc1YK4CI451lNtr__bNUXtZkYGW8qZuHsFmviRWVAW8qYnej660E1ARZauZL1SSD83mHuMYCWExNyRurstv3KwKsCV13OzVqD4PYdvoCAM0GLgF-OkxjkCYyNijEB9fg-a0nVlxLg96ZtW4eub3JHTyjAFmpsuBk9_JdFQnh5adejbB5O8S5-mZzUvohr1WeZbcjlJ2I4eBkkX7JPbxAaYiaYRE6ZGR-VRwmr5dRauMa1FrYHPkuQoMPNGIIHoeu0rm7QuhscB_SSIsfdFMhrD1QBOx96HXc8HntySlwz7VOnzrknCh_LhFJIpHYbr2vRGLZ92Xy7xamgqfamyfakSA3GbWC6E4DslNqWpUVR_COze3_o6vIy1_dxlJUj8U8bn1ddnoe2lH8ECE133u1vPM0AYxYh-V2_PhJ9ds3V-4aXrgqfZgY3C24DL_xQANvt6oCpcR3rQwnrzYtymDegAoaDYarofgOGnVOpLXu4wfJbjdX8EATiKEuQ3mWGIrzkr14pBIZVB7vXx7OAlxHzIE5G15FyKMt7HI6jx1LqVQlkOuOO0u9Fa6SuwWcYpsJ1azefUGfKQ15YX5f71bKnMqmMGr8ySV98lFti2c5m1OWAEe3I1vR1eS6HhSObktzsDjMStpfRb3J-5aDelcYbV5tSXljBp0nPGv81mHNNwoTs3w7baUXvPU_LdUJwPw0x13kgTzIXF7DO2m-klWUdlZFndGPcmj7ivP3HO3PJE-f7Cp33teaDemm3MJDsSUAOStvGpDZVUKB4kJ6hjn9KGnFTelkExu6N8386eWhiBrgCaal_3lA_IrKWE77nLOTnhRbvl4a6KFI0VS76akT-vgEnNpvCfPNbl9XIgmSH4Rlpvfb9kDyNSMJs-jy5_LHq4nLosWDJR4FEGjpeKz1k0IBcj9pcd1M5O-skgd8A7Y_UJRACTU1PccGFJqZLIr8q2JV2NDvNazPLGocMITDth7e9I3kCcgK0oFEP4YrdvZu88r8qbhTEaNWq5mzW3du_UeEjpKQ5XMCyZhG876KHlVWt3YrQM8V5_eVFOjXFCgTqfWxznaFkkqC2m1m-FKEns6Z0vIKrI8RPlXAFNo&sai=AMfl-YR3uADKmbHhjmEkxa9iVc-idhceMVGGkw2BZfX2n8rZFP5vLwEcKJAEEIZQmIU6G5WdxwhqdwVhu75NEETupyCm2xslyqN5bWmcRMaBUPTUApN42EFLd7aUfPGTaEInikHDELfvBSZ0yZqlucGUiEbl0Y_enVvN-WfKagePkDG218_xPW8GXfcERA&sig=Cg0ArKJSzJjcuJq4HsN9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=247&cbvp=1&cstd=244&cisv=r20221207.72463&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 06:46:44 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F0C 0
20 B 96ms
95ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B1mZV0x-YY77OItmUywWDrIawAQAAAAA4AeAEAg&bg=!4uGl4aXNAAYgquz3AKo7ACkAdvg8Wo4ZFrtDzME-TV5xUHGO9VFhlOkKdOUvDvTO_FmYuqqkVC4HJAIAAABxUgAAAAJoAQcKAICDpCju5tgt1-8NFHTJUJdxG3wxKeRKcotAPZ45mD9LZKxB8ZN1CquA6Akrnpts3BjGhTCmpPAW1GoNto20MH4nIghUg8xTNGcTQV4Ey9rdYV5oRkqOE18q7YmejrRM8bOnGz8VMueJ9iBTaIJU3tYRsu4oyiORvaF2x0dneKWZc5kC6g-5Z8v4ucerCyLMFqnSaF6hBuvki-iYNRLdvRvG5p9c5XfcCcgYnxnaotRGkG8cLHkmZ94ZQ3zQFE8vcWpg35aqeAh8127EBQ_-uXO7DKJz3a7tRWJvd-cLo2sq-_ow6uP6wHgQHjtXd1_X7E05Bq1oen-GodUaQFFELuaqAyThJ_fCQ36O4_KF64Av8D0szyGvSei5Rz3P499lXrw7MLZJ65ikCluNoiK0Z_n5fBo5WsTXPdiVoLhzpTzYVBS34IOv_CSwSFeJNksYaQ7k_0SJ4ksQz6WAPFzKPJu4yjuIj2YrBDRv9iBlfKahiBMIhB7iTnGdx9KSUZHaKDtvthC6_0J3feIq7b_8Q5ggTvbbJ2UNrChJ90jQ60FOoSUEty1PcqhP7knE1L-tBE0PB-wzkgGsUmDdHep2CjQ3Soqmiu-7u_-sKA5sD4VhLRAqi0AFoFrVdeGLArZ1d0xMI2NFtx_hLEe9fLyseLvMfCTAlIy_BITvi72k2aHWhZKoWFKOP-QQJppIQnm-APaGid2uff0y3INsmwV_Zx2ChDK_2VGZTN53WLrqlWhusgWzEDYK8JdywTuHcmMWO2mAPhhqCF7cLSd4Df035C7v1RmafeTPCf69nUxoWGgaUwDjfMdVC3hr9PP9umYsz_WavvMN3LIa-DSzl59RqslKX_jMMk8TiDh2RZLJMIiA6TSfR-sED5ocawFptXaPRPJpBpvLoRf9ieUU0oL6rfbGH0cCGgM49S7anmSknFBQb002LuxZB3P5EoRKuKBRGOt05neqpwaiRZIPmVJO8xD6elqSLpmTFhmExv30Z_7_FPLlAGXuDhVp8S_q1N31QxDL4L0iWUb0MddyKR-Z0c6tv_ncFm22OZM-Pgf8y2DyymHTY-m6YpBhi9GpD_JzUbABYNzvBAOdpKDa1LBuZ5-OoSHFdphkWeDNPRMXUsaJymLBBb7iBv6HxEg0OjWUoDhxb9ybeCVsr-q9j9Ue

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7750 0
20 B 98ms
98ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B7Bj_0x-YY4WyOPe69u8P1YaH0AwAAAAAOAHgBAI&bg=!LS6lLmrNAAYgquz3AKo7ACkAdvg8WqIaLGcumiFfuxN8-qOnZzkMdbXBIaXmjooxVjduS4aPy65JlQIAAABhUgAAAANoAQcKAMWVkr0kLqJwQc96dU8p_WgxLbb-iBSmm3DVqDr5nYt6hRTYdg4c0NxzmzjWjHhXqI8pIaIBU2mxfr4SVy4Tz3iuwvGKjDoUwjyiTpK2-RyqRSXkg3GQoExTx_TqxPLdleyrBAHpi9haMWHxljyafdSNSdXSWw93-S9eflKGbnj8jA5P5jsTgOZo0QjygoEe-SKGWQHUTTpeVMiW0mYSMdRR0QyHT6Nmc1-MyEoy2n1uiABHYnfL3gTm9hXitScSJcol2OnuxZkCxzZ186Ozo7D0g_S0kUL4UEtG8UP0D3HD_bgro0dWN4ZMAegxEev_F2Lf2YlNRlNWrGmEmVh6Dxr89__Qpo5WSD3h0yK6oywFsnIT_PDgd0m8_Ww_nUzRbNl4BafHMv7hx_rWluk_HzmGwr8rvVyuwtsFavRVJSiDAMXLjFFl3YzW7cdAt7f5vXeE4JZdjzkeE6sUpCsf8ASw6Hot2Fo-nu44dZy46gLZXFcVeFTLrAInAEELH-Jj4iMGS_1Pfxf47dNhYBTHWstXjh2rYKfX8OzMQu8JB_OiY-pDqIk6Et1-57FCJWyO7O4sXYi8nEL1SNkTPIBoxqoLUnKVNGm_bFPt2dr3WnanyzrCHLKJ2xVEFpoeowHEMnb_Cm_RMYZdzCpYCI_68gvsceZuG3ngBLzoFe3iMJalZD1uQiYzYQsmnd3as5v6BBD7AkYs5rCKdo0rfheFcYqHzlHcWRlJs4_t5c64GhKmwODu7Vx-DF9Twe7rxhG27v_XYHvrzcJ5GmyxolfRtAsgWOxCZb2ECJa6VXLrwfve6grt7GFbxsZUcln6uRcqsf_DkWjpQBJyio247ERK5_5XFKJnocck98GD2q2uKmCuurQMqM3Dj4TPxHhXNUCjaxCAaonqqcQ_xm4MGwoNEeNR2PerbLry_9M6lS5rpZ34scnApTGmKl7nlUg-UEcpMYIMbdI7FGHDMDu3bVA9RuELzYAumJJ5dm9M9pQtw8_TEAP-aQfH1mre94yYIPiyGj9nqGDWLAH4WLY_vyS3fvXZkWHRAWVlVBwNMKvpM2wrzVzLAGg6N10ElrQWOijmhN__D0_JqPSqqiUPzhWEJsXw5FOlNOUsjl7Y2ocmuAu4znfa9IWmQNuE3HaVbl4zJzMJMZGXbp32AbARHrB2aKWXeg9ZQ8xUuX7FRn_VQKX9WPZoudiX3yWUZpWuLkdSUQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 DcmEnabler_01_247.js Show response
s0.2mdn.net/879366/ Frame 630F 29 KB
10 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 11:55:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10136
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 13 Dec 2022 11:55:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 518D 0
0 91ms
91ms Fetch
image/gif 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvNmVPuAHBh3Zdi6gV89S8Zro4l7R7AbXzTy5Nf0K7A0wuMG5mmCNpT4EftxYg11cAuz79av7PIfHT0W8orG4fMN6lEaKarnNNSfNmNbyXI27-GdkxLIii8VYp_7jPdWDHIWFmzHsclgzy9r4ztGckdj8P-UY4SHb4c8SL_RdKyasG4Bz7d5LICCzL5nc1YK4CI451lNtr__bNUXtZkYGW8qZuHsFmviRWVAW8qYnej660E1ARZauZL1SSD83mHuMYCWExNyRurstv3KwKsCV13OzVqD4PYdvoCAM0GLgF-OkxjkCYyNijEB9fg-a0nVlxLg96ZtW4eub3JHTyjAFmpsuBk9_JdFQnh5adejbB5O8S5-mZzUvohr1WeZbcjlJ2I4eBkkX7JPbxAaYiaYRE6ZGR-VRwmr5dRauMa1FrYHPkuQoMPNGIIHoeu0rm7QuhscB_SSIsfdFMhrD1QBOx96HXc8HntySlwz7VOnzrknCh_LhFJIpHYbr2vRGLZ92Xy7xamgqfamyfakSA3GbWC6E4DslNqWpUVR_COze3_o6vIy1_dxlJUj8U8bn1ddnoe2lH8ECE133u1vPM0AYxYh-V2_PhJ9ds3V-4aXrgqfZgY3C24DL_xQANvt6oCpcR3rQwnrzYtymDegAoaDYarofgOGnVOpLXu4wfJbjdX8EATiKEuQ3mWGIrzkr14pBIZVB7vXx7OAlxHzIE5G15FyKMt7HI6jx1LqVQlkOuOO0u9Fa6SuwWcYpsJ1azefUGfKQ15YX5f71bKnMqmMGr8ySV98lFti2c5m1OWAEe3I1vR1eS6HhSObktzsDjMStpfRb3J-5aDelcYbV5tSXljBp0nPGv81mHNNwoTs3w7baUXvPU_LdUJwPw0x13kgTzIXF7DO2m-klWUdlZFndGPcmj7ivP3HO3PJE-f7Cp33teaDemm3MJDsSUAOStvGpDZVUKB4kJ6hjn9KGnFTelkExu6N8386eWhiBrgCaal_3lA_IrKWE77nLOTnhRbvl4a6KFI0VS76akT-vgEnNpvCfPNbl9XIgmSH4Rlpvfb9kDyNSMJs-jy5_LHq4nLosWDJR4FEGjpeKz1k0IBcj9pcd1M5O-skgd8A7Y_UJRACTU1PccGFJqZLIr8q2JV2NDvNazPLGocMITDth7e9I3kCcgK0oFEP4YrdvZu88r8qbhTEaNWq5mzW3du_UeEjpKQ5XMCyZhG876KHlVWt3YrQM8V5_eVFOjXFCgTqfWxznaFkkqC2m1m-FKEns6Z0vIKrI8RPlXAFNo&sai=AMfl-YR3uADKmbHhjmEkxa9iVc-idhceMVGGkw2BZfX2n8rZFP5vLwEcKJAEEIZQmIU6G5WdxwhqdwVhu75NEETupyCm2xslyqN5bWmcRMaBUPTUApN42EFLd7aUfPGTaEInikHDELfvBSZ0yZqlucGUiEbl0Y_enVvN-WfKagePkDG218_xPW8GXfcERA&sig=Cg0ArKJSzJjcuJq4HsN9EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=547&vt=11&dtpt=300&dett=3&cstd=244&cisv=r20221207.72463&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: angelyatko.com.ua
URL: https://angelyatko.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:44 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 13 Dec 2022 06:46:44 GMT

GET
H3 200 gfm_logo_st_.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 5 KB
5 KB 57ms
57ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/gfm_logo_st_.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01470731bb779c4034127b5f1aa322e2f40dcbec05deae81d32050ce2ade3042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 18:53:30 GMT
x-content-type-options: nosniff
age: 474794
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5365
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 18:53:30 GMT

GET
H3 200 020.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 6 KB
6 KB 127ms
122ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/020.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df866570450a3f82bf7b6ca44bf61f53f98688dc23b5d0dd1ec82a2789b244a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 12:06:52 GMT
x-content-type-options: nosniff
age: 585592
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6428
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 12:06:52 GMT

GET
H3 200 019.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 6 KB
6 KB 66ms
61ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/019.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e414b602ba303adb8956cc673b9644f28d82b2a2f55f5553cae386bd384ce2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6424
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 018.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 174ms
169ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/018.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf5cb64e3e210508151a0c776ad80e36a84b183f7327962650b2b3d072f01375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7894
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 017.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 9 KB
9 KB 168ms
164ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/017.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3e1439a00ea92885f7c270adec9b574cd194e88c311b8e20a6b664d6c1f7767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 04:44:20 GMT
x-content-type-options: nosniff
age: 525744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8906
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 04:44:20 GMT

GET
H3 200 016.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 5 KB
5 KB 164ms
159ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/016.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d12b68b5d1b7710c75351f06ca2395d759873e3c21154ef74bc7792a09b27e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 19:00:47 GMT
x-content-type-options: nosniff
age: 474357
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5052
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 19:00:47 GMT

GET
H3 200 015.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 6 KB
6 KB 149ms
144ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/015.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

701bd818d578e319ba4026629ed09fb3cb12213bd2060716be8a79988d255822

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6014
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 014.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 4 KB
4 KB 160ms
156ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/014.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad345c4dc19acc3847ce67e8ff2fb2a28c1d6915649571707b4d9c35060f78c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 04:11:44 GMT
x-content-type-options: nosniff
age: 268500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4076
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 04:11:44 GMT

GET
H3 200 013.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 140ms
136ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/013.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aab0e12caa48fffa7e90cf517db4b75d9986b24b6bcbabb27d657d79e5555688

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 04:44:20 GMT
x-content-type-options: nosniff
age: 525744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7962
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 04:44:20 GMT

GET
H3 200 012.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 7 KB
7 KB 155ms
151ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/012.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

611bf8c01073c2d5803ced5986e6cc706deaa80b897a6cc6b60d1242585c9223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7317
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 011.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 7 KB
7 KB 132ms
128ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/011.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b51dbf86a17f7d2f2a669805bff48a8fe61320e904e8b758ebfef66a2319dfff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:15:46 GMT
x-content-type-options: nosniff
age: 603058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7019
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 07:15:46 GMT

GET
H3 200 010.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 5 KB
5 KB 185ms
181ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/010.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd71a52e2493f784b17e8fcc5d250d28a590c851c6399ec49e2022c357f6eb27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 04:11:44 GMT
x-content-type-options: nosniff
age: 268500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4838
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 04:11:44 GMT

GET
H3 200 009.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 10 KB
10 KB 181ms
177ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/009.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6a0a1052507da3e010b9ba03a4ce8884f96e4676c11f8567c3a6ba14ad0ee13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 11:42:27 GMT
x-content-type-options: nosniff
age: 327857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9823
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 11:42:27 GMT

GET
H3 200 008.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 111ms
107ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/008.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac66d6838b453a19c347779984a0c513ad08be8b31ed70407ae9b0ae903af7be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 08 Dec 2022 12:03:11 GMT
x-content-type-options: nosniff
age: 413013
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8377
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 12:03:11 GMT

GET
H3 200 007.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 5 KB
5 KB 106ms
102ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/007.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e3f28f70175c2fdb3fe27720b51fb6121cba4204d0faeefa2921b2c8dc1075d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5447
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 006.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 179ms
175ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/006.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8c3d954ddc0e205d052ce2237f8651099a540b58a1b7583edc397e699b19b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 17:18:48 GMT
x-content-type-options: nosniff
age: 307676
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7980
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Dec 2023 17:18:48 GMT

GET
H3 200 005.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 9 KB
9 KB 95ms
92ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/005.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc1755fa21db07b9a03bd2b92deabad9fae832df0b9c445300a33bfe1547ebe7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:08:34 GMT
x-content-type-options: nosniff
age: 556690
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9684
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:08:34 GMT

GET
H3 200 004.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 174ms
170ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/004.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae410b42d80cc88198c95ba3b8bf1efce4909d4345d750af1f11a93fd2719874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 04:11:44 GMT
x-content-type-options: nosniff
age: 268500
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8201
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 04:11:44 GMT

GET
H3 200 003.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 9 KB
9 KB 66ms
63ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/003.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c01ee3fd9b61da2152a80e590ebe902318b87f6b22a938f470471f3747349b62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 07:15:46 GMT
x-content-type-options: nosniff
age: 603058
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8886
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 07:15:46 GMT

GET
H3 200 002.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 10 KB
10 KB 76ms
73ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/002.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6571c6d9766f45ec66306165fcf650f70d84b555900f56fb0a8222be597a348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 20:41:13 GMT
x-content-type-options: nosniff
age: 554731
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10243
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 06 Dec 2023 20:41:13 GMT

GET
H3 200 001.png
s0.2mdn.net/sadbundle/4550933954932244480/ Frame 630F 8 KB
8 KB 87ms
84ms Image
image/png 2a00:1450:4001:80b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/4550933954932244480/001.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

143e82c7d07494e4466e118b72d428f33cd3742bb16c7fe32133d52f560541dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4550933954932244480/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 01:30:17 GMT
x-content-type-options: nosniff
age: 278187
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7763
x-xss-protection: 0
last-modified: Tue, 23 Nov 2021 12:35:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Dec 2023 01:30:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 518D 7 KB
6 KB 206ms
95ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

154da7af64af07b7c8633411906e12b01b5261523d7431931d622e1084082c80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5714
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 208ms
104ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c035d4d34ec4d5ce70d6f563f9c9054ef98ed1ab28b0668a26656f94b8a569fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11122
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 518D 17 KB
6 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:46:47 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 13 Dec 2022 06:46:47 GMT

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9500 36 KB
16 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:05:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DD62 13 KB
5 KB 57ms
57ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 8189
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 04:30:18 GMT
expires: Wed, 13 Dec 2023 04:30:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 507D 783 B
533 B 178ms
67ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ea6e293f724a23b387e2c4af33e076a0b375af256137495ac97d0af59c2904f3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-48SdMihiPo-uo_kGzsiOOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://angelyatko.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-48SdMihiPo-uo_kGzsiOOg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 13 Dec 2022 06:46:47 GMT
expires: Tue, 13 Dec 2022 06:46:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js Show response
pagead2.googlesyndication.com/bg/ Frame DD62 36 KB
16 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 22:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31279
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16071
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 12 Dec 2023 22:05:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 507D 0
0 91ms
91ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=4373964511245333&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame DD62 0
10 B 56ms
56ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kHruiQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Dec 2022 06:46:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 518D 42 B
64 B 89ms
89ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE-i9kxqwJoZqNzLmRo8SoUOmurt8TEoMkpWUGDf7GzDmRWQZj4qkLFMRsXAYcsFu1MvcpC6vP2RPzOhas55ZJHXKHh7YN6vabzLoV1ehu9U3xYhEKuMBCLir6r3DcJU8-ClP1Ew&sai=AMfl-YSZjo-iw9q29TRxMiaHh_QZuHL7Hxoxj0gY5NSol2k0KoPl9WyjbOL7LyQjRqDBifWVWc7mu4Ta28SgaZQ&sig=Cg0ArKJSzKtgDhB3wzqhEAE&cid=CAQSGwDq26N9dGKAJTwy_VK4Zr4fT0RDXGnU6BJmDxgBIBM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670914003654&rpt=3272&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 518D 0
21 B 91ms
90ms Ping
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5393311956757&version=m202209210101&ct=119&x=1&cor=7330290317488447000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 13 Dec 2022 06:46:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 94ms
94ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=4373964511245333&bg=!IyClIGTNAAYgquz3AKo7ACkAdvg8Wq9JCSncIo-PCzQYza2uSbelIzShojGJBUWtEG42pNsX5pmkGQIAAABIUgAAAAJoAQcKACyuZ8BO6NshewzuJ9osr2kodXGDWO8cFFC8zgjJALjTVx2id4lvdBc4KMoMopkCk8YC2eMVPMf0x-Ejn6uS_5PEm4rCMajzaPJbTf2mkOklnvZco4hfjdmEYePhcdZZ1y4Y0_Gm5iiYmH8_CSxviKsIX_ZTpJCz_gaKeyQHsKDsnD5lbOClt_BYk1yJ_9a8pNZwB9ceizLc8FhR0jQX3UBYpKyDwnKz_uBzh2qB973AopARoUPSXP8SgddPOr-Zh0FXDUE1pPBIuIL00DzW5CxHDw2roj8XVOpW7TpwWqaCVhOxorE-Bqcvuerjd4v75e3Np3oU1iazttADhQC1Zbnp478COyG_sRuxNnqO81CBG5RNCM-Cwv9ud2WtLQ06YiEIN1UnH6H7sYqlUallcA3WZhyRHYg88Erq81osJFouk5j50cy85bXeEPFaWjLuVVL1OZ9dHUQAVLYwA3SuoE4r3-Voxu3gpnnKK_nverU5X5ynBqmnfWtGbHUhmJdB9WR4hs6mVXOEUgvXvX8DGmcmOrW4W5GTpgBz_qiWPnvpityD0wei0tX2bjfdYXH5TCl3detimcazPRIC4_5kMYifdZvPg7ZwpWYMFg4HNjI42Tg9hpFsqRaSHSUWOl6ALMNsH0G59ODNg6ZXUpPjvHXQwJETim5Cu0c1_HbINL402gmGCryolHvVH_MEiWE2tVGm-0lapRUUjpGxmZQ1ffhPpH-EpJeWjKCdFPpHT2avrTVM9CzLuCWYK7ECtalhePB79sYbXYtjNleuGLXL7fwP-NM2QmtbTyxBSe2yaOb-QvNdRnPKASFSRYmR9QKIWldtqrpeQ3t6RtGZsHzBRIx5xWWXTsPcI_CyFklpmGJ0jr6KKPDKT00vCbMCYaNEw88bqnjCcdVxVL8CUfY-Q-XFXSFDnC9ZcvYC5FZo1W871FV-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://angelyatko.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.angelyatko.com.ua/	1970-01-20 17:44:34	Name: _ga_Q6H8S4SY17 Value: GS1.1.1670914002.1.0.1670914002.0.0.0
.angelyatko.com.ua/	1970-01-20 17:44:34	Name: _ga Value: GA1.3.487234436.1670914003
.angelyatko.com.ua/	1970-01-20 08:10:00	Name: _gid Value: GA1.3.1196366206.1670914003
.angelyatko.com.ua/	1970-01-20 08:08:34	Name: _gat_gtag_UA_197949678_1 Value: 1
.angelyatko.com.ua/	1970-01-20 17:30:10	Name: __gads Value: ID=8c5db3c87a5b5b72-22cd3dfcf7d900a8:T=1670914003:RT=1670914003:S=ALNI_MYfqZi6YR408o7PlnIrwZagrMVstg
.angelyatko.com.ua/	1970-01-20 17:30:10	Name: __gpi Value: UID=00000b91a388daba:T=1670914003:RT=1670914003:S=ALNI_MaAxkijWeSl30sLKW14yEVnnVtnHQ
.doubleclick.net/	1970-01-20 17:30:10	Name: IDE Value: AHWqTUlxHzfn7_TW6oMMKXE1py4YJV7fByAfO_4WO1UKnHhwb6cL4Op0QTXyXBkNqRM
.casalemedia.com/	1970-01-20 10:18:10	Name: CMPS Value: 5178
.casalemedia.com/	1970-01-20 10:18:10	Name: CMPRO Value: 5178
.casalemedia.com/	1970-01-20 16:54:10	Name: CMID Value: Y5gf1PONMMXqToeiqpJnaAAA
.3lift.com/	1970-01-20 10:18:10	Name: tluid Value: 492268799613357226042
.travelaudience.com/	1970-01-20 17:38:48	Name: _tracker Value: %7B%22UUID%22%3A%222EC10381-DEA8-43CD-9C13-DEDE7B3226FC%22%7D
.yahoo.com/	1970-01-20 16:54:31	Name: A3 Value: d=AQABBNQfmGMCEDBE_7ruxR_fkMQa0Z-sfJYFEgEBAQFxmWOiYwAAAAAA_eMAAA&S=AQAAAlvbl0MWzpSnNGlpvS1RFKo
.turn.com/	1970-01-20 12:27:46	Name: uid Value: 2931960542471245719
.adfarm1.adition.com/	1970-01-20 10:18:10	Name: UserID1 Value: 7176521001615227021
.adform.net/	1970-01-20 08:52:32	Name: C Value: 1
.1rx.io/	1970-01-20 16:54:10	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3153ff5c-1932-4e96-9d98-8cea3911e080-003%22%7D
.adform.net/	1970-01-20 09:34:58	Name: uid Value: 776750460462029761
.casalemedia.com/	1970-01-20 10:18:10	Name: CMTS Value: 2216
.adnxs.com/	1970-01-20 10:18:10	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GVIx.0d)!]tbPl1M>e)ZlrFUfJ+tGXxpK?0M)p[nnYJQS27O[Kh@XF!1Zr]5*$!(-G+k3If)y3KL9D3I?+GZE?<t
.adnxs.com/	1970-01-20 10:18:10	Name: uuid2 Value: 9195909329776663311
.targeting.unrulymedia.com/	1970-01-20 16:54:10	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-3153ff5c-1932-4e96-9d98-8cea3911e080-003%22%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
angelyatko.com.ua
c1.adform.net
cm.g.doubleclick.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
partner.googleadservices.com
pr-bh.ybp.yahoo.com
r.turn.com
region1.google-analytics.com
s0.2mdn.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.130
142.250.185.162
176.114.0.120
185.80.39.216
185.89.210.244
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
213.19.147.44
2a00:1450:4001:800::2002
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2002
2a05:d018:d29:3605:6c4b:f51b:1183:ef60
35.190.0.66
37.157.6.233
76.223.111.18
85.114.159.93
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
01470731bb779c4034127b5f1aa322e2f40dcbec05deae81d32050ce2ade3042
07e4203b9f313b587b1d53f896e63771ec85f9b0d4c2ac5fa64089457784d847
095f1d95c80fc71b0cd42f551727f1709aa58b088e97d2d38f2b6c5ef770095a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143e82c7d07494e4466e118b72d428f33cd3742bb16c7fe32133d52f560541dc
154da7af64af07b7c8633411906e12b01b5261523d7431931d622e1084082c80
16a2d691736db0bc6fc56b59ee65c166c3b27bf22360d2d33ce7353a4d480616
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1bd8d82c8ac7eba234a784e421a37fe49abe31ee7c48996bc6c35b84130b5d77
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e825af3c1bf39811427e1fc8c4ee79507a30981a5045c647ef5974d54b52de0
26f460684f12189fe824f07693fae9b331afe98783c8d324acd24b5869dc948b
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2fbb1bdf6a4402d54edad00c813a74a7073d16ceca8d096291ebb40efd719928
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
36fd600611f33f21909432f5c03114cd07eeff4d3b3303f7cedc5a62a9eb05ad
392d77cffdff39dc3f1a1b0f8f75dc53a84b0329bdb9d43908ead698ed004e9e
3e414b602ba303adb8956cc673b9644f28d82b2a2f55f5553cae386bd384ce2b
41b8cb55d67a6b903f36a48f0092c85a6810ca974a8710590da51ca68edef8c7
435a4083e8a4765a5a81a9282372d8727e5eaa9bbedc183f80db956af95d93e7
4461667f0c7538b160d94f370f45b99e61d5d66882586bb0643d3926d8227f2e
46036e9fbeecb68f6f9ca6dbc6cd0b7ece368756d9ab1be97890791147484590
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d12b68b5d1b7710c75351f06ca2395d759873e3c21154ef74bc7792a09b27e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
563fd70c2f98ba30da5563f89eb586ceea7ce17483adc043b29d5578e59cc430
5836e342b13c5e478c0587befc676af479166eefb14a1887f73783f2716cc31f
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d5575c28819cc80d5cf47729e998387ddc2d510a6adf37ce5a19b8f2127ee05
60a84abaf12e44b36fee2b789a4b6ef13cfdca1f3bd7f4912598b57cd29dc2d3
611bf8c01073c2d5803ced5986e6cc706deaa80b897a6cc6b60d1242585c9223
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e3f28f70175c2fdb3fe27720b51fb6121cba4204d0faeefa2921b2c8dc1075d
701bd818d578e319ba4026629ed09fb3cb12213bd2060716be8a79988d255822
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82338d2bf07bab2ebd4f5f2590170ea21578345c54fed63326204c2fd3702af8
836e8d4d7552b81ba8e3d4fd626f732bea74bdd0b561b54fe287bdead948cf9a
8654f07056ffa700c3b61927eeb0f282f1a9f26061158ac3457079be08824026
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
87c49906d9734363f6d084cb49f21aba8ae026adb4c2de6fbfcc7cba061ccb23
892af9f95c881cde5c6c1810e0f45e4687174a1171504c96b36218dd54bb1486
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8e83db047f5b908d27e6cbcd644a66728658f061946220731e1bfb7a786f1b59
8f4270bbc6255406cfffd5eb876dcc57d66e75f3698caeb3a3e9896a02dff415
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
91bdd744c11191d5019e24869b32059539bda2902e84eed9d8f25b6be3e8babf
99f060e2751e5f3be50952e2e56369b1dbc56253d6b7232f2cec6b58f8ff2d4d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b2fd968e7317b58d1a588c748f0a92bf3d997ccfd169d70e6596a9bc8a57a1e
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9e202864f4267c224b69b432f85ddf838ee7b59f3bd54454628ae0a00b07a6ae
9fa0f4513eaf62288b7843b7cff59bd539d068488a802e3a3903d041038d7940
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0ea735f765d5bc1230beb63bcb701b69c80d77c48572a61bb159a8915903278
a33adcfba92f816e4a0112a4de6019f6da75a28d61c8f4587c249ee62506c85e
a3e1439a00ea92885f7c270adec9b574cd194e88c311b8e20a6b664d6c1f7767
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f4b3895fce89a976e861285a29b4d8565bb45c565a753704b093338c8ea3b5
a6571c6d9766f45ec66306165fcf650f70d84b555900f56fb0a8222be597a348
aab0e12caa48fffa7e90cf517db4b75d9986b24b6bcbabb27d657d79e5555688
ac66d6838b453a19c347779984a0c513ad08be8b31ed70407ae9b0ae903af7be
ad345c4dc19acc3847ce67e8ff2fb2a28c1d6915649571707b4d9c35060f78c3
ae410b42d80cc88198c95ba3b8bf1efce4909d4345d750af1f11a93fd2719874
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b51dbf86a17f7d2f2a669805bff48a8fe61320e904e8b758ebfef66a2319dfff
bdb541b6523c0059d132059a21b2467e3ce7f8f04a66e5fbd9628cb1d03d3f13
bf5cb64e3e210508151a0c776ad80e36a84b183f7327962650b2b3d072f01375
c0048c779e4ba43a40bb7a05a769c4a6875d2d16225d7a6285e5325e60f5a4aa
c01ee3fd9b61da2152a80e590ebe902318b87f6b22a938f470471f3747349b62
c035d4d34ec4d5ce70d6f563f9c9054ef98ed1ab28b0668a26656f94b8a569fc
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c4d60e53476012ab254ca2f3f479903a6be9ead3cb39a9ea353c51ec75c618c8
d20859be350f0ddead4d264bbd118577dcc1046abef44566c221a2edf4c0c214
d37690ad54b6565adf208a7d7221cef2d3ef718b7015cb0a26d4fcda69804d9a
d8c3d954ddc0e205d052ce2237f8651099a540b58a1b7583edc397e699b19b5f
dc1755fa21db07b9a03bd2b92deabad9fae832df0b9c445300a33bfe1547ebe7
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
dd94cedd0e1b172381daa660ae1ddd3b1ee60008e61c47814de87d662ca7dc95
def1424f4f259a4cf927fe1f7ea7ec24bdc2fc78edca55fdb593cc0c293dbec5
defb20e43cce9cae26c0f036e325e76c1aeb9e909c3b9675efba535cb74dd735
df866570450a3f82bf7b6ca44bf61f53f98688dc23b5d0dd1ec82a2789b244a5
dff8d4c34b364bf1cb62c7a88b1ab708182341faf3fe6b18e863559353d859e8
e13275ece1211f5e0c1959c0d97102eba8700fef791a117fcbafc5702ea27950
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6a0a1052507da3e010b9ba03a4ce8884f96e4676c11f8567c3a6ba14ad0ee13
ea6e293f724a23b387e2c4af33e076a0b375af256137495ac97d0af59c2904f3
ecb575ab1a32cbb2fffef99efdb1ba19767227802d078aa76ca3b84846ea21e9
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef84761e8c4763abb21c46e289bed7e5df61de5b3a643c46cb3be81f213dd06d
ef9459f9c38dffb7c4fa60f30be00ad3d1650fdacc793f666239e33affd03577
fbc10b06e7879f8e72d422925467c68872eb9e3ee18d8ee331105f861e90460e
fd71a52e2493f784b17e8fcc5d250d28a590c851c6399ec49e2022c357f6eb27

angelyatko.com.ua Open in urlscan Pro 176.114.0.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

146 Requests

90 %HTTPS

62 %IPv6

22 Domains

28 Subdomains

21 IPs

7 Countries

2028 kBTransfer

3696 kBSize

22 Cookies

2 Outgoing links

Page URL History

Redirected requests

146 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

angelyatko.com.ua Open in urlscan Pro
176.114.0.120 Public Scan

Screenshot
Live screenshot

Full Image

146
Requests

90 %
HTTPS

62 %
IPv6

22
Domains

28
Subdomains

21
IPs

7
Countries

2028 kB
Transfer

3696 kB
Size

22
Cookies

146 HTTP transactions
2 data transactions