urlscan.io logo urlscan.io
SecurityTrails logo

muxtar.com.ua Open in urlscan Pro
88.99.219.19  Public Scan

Go To Rescan Add Verdict Report
URL: http://muxtar.com.ua/
Submission: On July 25 via api from KR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 29 IPs in 4 countries across 22 domains to perform 101 HTTP transactions. The main IP is 88.99.219.19, located in Germany and belongs to HETZNER-AS, DE. The main domain is muxtar.com.ua.
This is the only time muxtar.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
8 88.99.219.19 24940 (HETZNER-AS)
6 2a00:1450:400... 15169 (GOOGLE)
1 1 87.240.129.187 47541 (VKONTAKTE...)
6 87.240.190.78 47541 (VKONTAKTE...)
15 2a00:1450:400... 15169 (GOOGLE)
1 1 94.100.180.100 47764 (MAILRU-AS...)
1 3 94.100.180.55 47764 (MAILRU-AS...)
5 2a02:6b8:20::215 13238 (YANDEX)
1 172.67.38.97 13335 (CLOUDFLAR...)
1 81.19.89.1 24638 (RAMBLER-T...)
2 91.239.233.47 196645 (HOSTPRO-AS)
3 9 217.69.133.145 47764 (MAILRU-AS...)
1 3 81.19.89.17 24638 (RAMBLER-T...)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 185.5.137.210 47764 (MAILRU-AS...)
2 94.100.180.38 47764 (MAILRU-AS...)
1 104.22.53.65 13335 (CLOUDFLAR...)
1 216.58.212.162 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
6 95.142.206.1 60476 (MYCOM-AS)
4 8 2a02:6b8::1:119 13238 (YANDEX)
1 2a03:2880:f11... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 185.5.137.211 47764 (MAILRU-AS...)
1 2a00:1148:db0... 47764 (MAILRU-AS...)
101 29
8    88.99.219.19 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cp27.eskhosting.com
muxtar.com.ua
www.muxtar.com.ua
www.profidog.com.ua
6    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    87.240.129.187 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv187-129-240-87.vk.com
userapi.com
6    87.240.190.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-190-240-87.vk.com
vk.com
15    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
1    94.100.180.100 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: img.mail.ru
cdn.connect.mail.ru
3    94.100.180.55 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: connect.mail.ru
connect.mail.ru
5    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
yandex.st
yastatic.net
1    172.67.38.97 (United States)

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
1    81.19.89.1 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: top100.rambler.ru
top100-images.rambler.ru
2    91.239.233.47 (Ukraine)

ASN196645 (HOSTPRO-AS, UA)
PTR: afisha.zp.ua
misto.zp.ua
9    217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru
top-fwz1.mail.ru
3    81.19.89.17 (Moscow, Russian Federation)

ASN24638 (RAMBLER-TELECOM-AS, RU)
PTR: kraken.rambler.ru
counter.rambler.ru
kraken.rambler.ru
2    2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    185.5.137.210 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: mystatic10.i.mail.ru
my2.imgsmail.ru
2    94.100.180.38 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: my.mail.ru
my.mail.ru
1    104.22.53.65 (United States)

ASN13335 (CLOUDFLARENET, US)
c.statcounter.com
1    216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
6    95.142.206.1 (Russian Federation)

ASN60476 (MYCOM-AS, NL)
PTR: srv1-206.vkontakte.ru
st6-21.vk.com
8    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)
mc.yandex.ru
mc.yandex.com
1    2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:800::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
accounts.google.com
15    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.gstatic.com
4    185.5.137.211 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: mystatic1.i.mail.ru
my1.imgsmail.ru
1    2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
rs.mail.ru
Domain Requested by
15 tpc.googlesyndication.com googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
9 top-fwz1.mail.ru 3 redirects muxtar.com.ua
vk.com
top-fwz1.mail.ru
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7 pagead2.googlesyndication.com muxtar.com.ua
pagead2.googlesyndication.com
tpc.googlesyndication.com
6 st6-21.vk.com vk.com
st6-21.vk.com
6 vk.com muxtar.com.ua
userapi.com
vk.com
6 apis.google.com muxtar.com.ua
apis.google.com
accounts.google.com
5 mc.yandex.com 2 redirects muxtar.com.ua
4 my1.imgsmail.ru connect.mail.ru
my1.imgsmail.ru
4 yastatic.net muxtar.com.ua
4 muxtar.com.ua muxtar.com.ua
3 www.google.com 1 redirects apis.google.com
tpc.googlesyndication.com
3 mc.yandex.ru 2 redirects muxtar.com.ua
3 connect.mail.ru 1 redirects muxtar.com.ua
my2.imgsmail.ru
2 www.googletagservices.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 my.mail.ru muxtar.com.ua
connect.mail.ru
2 connect.facebook.net muxtar.com.ua
connect.facebook.net
2 counter.rambler.ru 1 redirects muxtar.com.ua
2 misto.zp.ua muxtar.com.ua
2 www.profidog.com.ua muxtar.com.ua
2 www.muxtar.com.ua muxtar.com.ua
1 rs.mail.ru connect.mail.ru
1 ssl.gstatic.com accounts.google.com
1 accounts.google.com apis.google.com
1 www.facebook.com connect.facebook.net
1 kraken.rambler.ru muxtar.com.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 c.statcounter.com www.statcounter.com
1 my2.imgsmail.ru cdn.connect.mail.ru
1 top100-images.rambler.ru muxtar.com.ua
1 www.statcounter.com muxtar.com.ua
1 yandex.st muxtar.com.ua
1 cdn.connect.mail.ru 1 redirects
1 userapi.com 1 redirects
101 36
Subject Issuer Validity Valid
*.apis.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.vk.com
GlobalSign Organization Validation CA - SHA256 - G2		 2020-06-09 -
2022-06-10		 2 years crt.sh
*.mail.ru
GeoTrust ECC CA 2018		 2020-11-13 -
2021-11-17		 a year crt.sh
*.rambler.ru
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-05-20 -
2022-05-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
us-dallas.statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2020-10-13 -
2021-11-13		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
mc.yandex.ru
Yandex CA		 2021-02-27 -
2021-08-09		 5 months crt.sh
accounts.google.com
GTS CA 1O1		 2021-06-28 -
2021-09-20		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-28 -
2021-09-20		 3 months crt.sh
*.imgsmail.ru
GeoTrust RSA CA 2018		 2021-07-12 -
2022-08-12		 a year crt.sh
*.my.mail.ru
GeoTrust RSA CA 2018		 2020-05-06 -
2022-07-06		 2 years crt.sh

This page contains 14 frames:

Primary Page: http://muxtar.com.ua/
Frame ID: 70B4F1D9988C6C8C8B1020AE5FEAE03B
Requests: 51 HTTP requests in this frame

Frame: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Frame ID: 48B491A8EE4E44562F4FFAD61A290B8D
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Frame ID: 19C2CB1963D9569A3F6748A33011FCCD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=600&slotname=8354661122&adk=1408608796&adf=2795535319&pi=t.ma~as.8354661122&w=120&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785999&bpp=4&bdt=533&idt=59&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1705174938&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1449&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PCkPzlnlWV&p=http%3A//muxtar.com.ua&dtd=62
Frame ID: F782C0107DF1E0F534BB5100E56D864F
Requests: 1 HTTP requests in this frame

Frame: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Frame ID: A81269493653FD53495298C1A3486601
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ffb1fd5e10b48%26domain%3Dmuxtar.com.ua%26origin%3Dhttp%253A%252F%252Fmuxtar.com.ua%252Ff2374f41c4041d%26relation%3Dparent.parent&container_width=1096&font=arial&href=http%3A%2F%2Fmuxtar.com.ua%2F&locale=ru_RU&sdk=joey&send=true&show_faces=true&width=450
Frame ID: A928B7B97FFC9CCA00616525615A1863
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fmuxtar.com.ua&url=http%3A%2F%2Fmuxtar.com.ua%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: 3E5F2BF00A4AC7BEBD2AEC30FD8E2CE0
Requests: 2 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fmuxtar.com.ua&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Frame ID: 731747BFF561C5D5C7407B31865D8B5B
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Frame ID: DA3720297ECF6795903FD6D147F11E39
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 4525083DDC982A5E91A1C561C9350864
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Frame ID: C1F600B4E4539EF5617C3BAFCB092E1B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&adk=1812271804&adf=3025194257&lmt=1627226787&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fmuxtar.com.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627226787390&bpp=2&bdt=1924&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a6ff9b860f113-222f389a76c9004e%3AT%3D1627226786%3ART%3D1627226786%3AS%3DALNI_MZoEzrrRR04UZDEnPrCwx2f04UNgw&prev_slotnames=1705174938%2C8354661122&nras=1&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&psts=AGkb-H-ohgoQqDu6gGXlkcmHhEOsil9S7OJuhOx_Es9ZO65cMP7is8-LLoob4o_5xXMBsRgA8Q1rgfn27YA&pvsid=1778599375704385&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=19
Frame ID: 567722EEAE5017F2F5D49C4B203D6A8F
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: BCF920234BE11883BC24DA45EF170AC1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: FFB30C11C7C5F34D365A6865F0E49963
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i
Overall confidence: 100%
Detected patterns
  • script /apis\.google\.com\/js\/[a-z]*\.js/i

Page Statistics

101
Requests

78 %
HTTPS

47 %
IPv6

22
Domains

36
Subdomains

29
IPs

4
Countries

1836 kB
Transfer

4156 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://userapi.com/js/api/openapi.js?49 HTTP 301
  • https://vk.com/js/api/openapi.js?49
Request Chain 7
  • http://cdn.connect.mail.ru/js/loader.js HTTP 301
  • http://connect.mail.ru/js/loader.js
Request Chain 13
  • http://top-fwz1.mail.ru/counter?id=2453840;t=475;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter?id=2453840;t=475;l=1 HTTP 302
  • https://top-fwz1.mail.ru/counter2?id=2453840;t=475;l=1
Request Chain 14
  • http://counter.rambler.ru/top100.jcn?1845179 HTTP 307
  • https://counter.rambler.ru/top100.jcn?1845179
Request Chain 19
  • http://connect.facebook.net/ru_RU/all.js HTTP 307
  • https://connect.facebook.net/ru_RU/all.js
Request Chain 42
  • https://top-fwz1.mail.ru/counter?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e91a61c6d98f74a4;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.1//4g/0/0/;lvid=1627226786138%3A1627226786154%3A1%3A27b277a435299fabbee521f9d5c04c19;_=0.5251307922687762 HTTP 302
  • https://top-fwz1.mail.ru/counter2?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e91a61c6d98f74a4;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.1//4g/0/0/;lvid=1627226786138%3A1627226786154%3A1%3A27b277a435299fabbee521f9d5c04c19;_=0.5251307922687762
Request Chain 44
  • http://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1 HTTP 301
  • https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Request Chain 48
  • http://mc.yandex.ru/metrika/watch.js HTTP 302
  • https://mc.yandex.ru/metrika/watch.js
Request Chain 72
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 84
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9345.os5rk28nUzbZwtnAt1X187gtylvIVecMrbTYDBYcVO7fRQoUg7v0Q_CzPC98UJ_g.0NdhGlw9tpPLMZy55PLNuN0IZ10%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9345.WJw2YCTg0ckaE1ZQqIbj6d3ipARx2ZP3Us6tkRGAN9nTcCBzkypYgToqjaNuB_9pCSeOOR4weKmTkX7o7ZorMQ%2C%2C.L0M4S8AbmGvnFAy3W7dAsm6dnGs%2C
Request Chain 89
  • https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A632363516113%3Ahid%3A100791298%3Az%3A120%3Ai%3A20210725172626%3Aet%3A1627226787%3Ac%3A1%3Arn%3A791457252%3Au%3A1627226787126527838%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627226785349%3Ads%3A39%2C13%2C57%2C2%2C0%2C0%2C%2C903%2C35%2C%2C%2C%2C1020%3Adsn%3A38%2C14%2C56%2C2%2C%2C0%2C%2C908%2C36%2C%2C%2C%2C1019%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627226787%3At%3A%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F HTTP 302
  • https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A632363516113%3Ahid%3A100791298%3Az%3A120%3Ai%3A20210725172626%3Aet%3A1627226787%3Ac%3A1%3Arn%3A791457252%3Au%3A1627226787126527838%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627226785349%3Ads%3A39%2C13%2C57%2C2%2C0%2C0%2C%2C903%2C35%2C%2C%2C%2C1020%3Adsn%3A38%2C14%2C56%2C2%2C%2C0%2C%2C908%2C36%2C%2C%2C%2C1019%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627226787%3At%3A%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80%21%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
muxtar.com.ua/ 		23 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 / PHP/5.6.40
Resource Hash
3f15444fd4637e1edf4978cc8e519393d7efffb6fa4dfa7d99fadcb9a271ddce

Request headers

Host
muxtar.com.ua
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx/1.20.1
Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.40
Content-Encoding
gzip
plusone.js
apis.google.com/js/ 		54 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f6390c8d956a7f64e65782ade728dd1c30881b91d6c155e8b00930277fd74bef
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-791r07an6lRRrf1pY4Jb1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"d686fddac5457bf0de3b958d49856ad1"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-791r07an6lRRrf1pY4Jb1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:26:25 GMT
openapi.js
vk.com/js/api/
Redirect Chain
  • http://userapi.com/js/api/openapi.js?49
  • https://vk.com/js/api/openapi.js?49
100 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/api/openapi.js?49
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:25 GMT
content-encoding
br
x-frontend
front225206
last-modified
Tue, 15 Jun 2021 09:11:55 GMT
server
kittenx
etag
"60c86edb-5802"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
22530
expires
Thu, 29 Jul 2021 15:26:25 GMT

Redirect headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
X-Frontend
front508124
Server
kittenx
Strict-Transport-Security
max-age=15768000
Content-Type
text/html
Location
https://vk.com/js/api/openapi.js?49
Access-Control-Expose-Headers
X-Frontend
Connection
keep-alive
Content-Length
164
nadpis.png
www.muxtar.com.ua/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.muxtar.com.ua/images/nadpis.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
df66a811c7972c892a61bf73f73070b4fbe2d940bad7565d3ebeae01df36e53f

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Thu, 03 Sep 2009 15:34:54 GMT
Server
nginx/1.20.1
ETag
"4a9fe21e-3f8e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16270
bnr_468x60.gif
www.profidog.com.ua/ 		361 KB
362 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.profidog.com.ua/bnr_468x60.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
ba9585e86eab9989249bcc9a97738f5780f0ac5f214f8c365b3442f65c61ab80

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Sun, 23 Jul 2017 17:39:04 GMT
Server
nginx/1.20.1
ETag
"5974df38-5a5ba"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
370106
sobak.png
www.muxtar.com.ua/images/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.muxtar.com.ua/images/sobak.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
48a7bb4c3019761d1408963c07a279d73bf1bb927a8e635970399d690e9bdb40

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Thu, 03 Sep 2009 15:34:51 GMT
Server
nginx/1.20.1
ETag
"4a9fe21b-163dd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91101
banner_150x180.gif
www.profidog.com.ua/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.profidog.com.ua/banner_150x180.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
95d9bb24682185be85b699a35df222ac6ec2a7760baf7d9e2241af9f17042d33

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Mon, 06 Feb 2012 17:36:48 GMT
Server
nginx/1.20.1
ETag
"4f300fb0-17bba"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
97210
show_ads.js
pagead2.googlesyndication.com/pagead/ 		97 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d03b98e10261f4807504ce30bb32c443ca89a9b9d8b59c7a99130c3d1d1eca57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
1125903639542399627
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
35425
X-XSS-Protection
0
Expires
Sun, 25 Jul 2021 15:26:25 GMT
loader.js
connect.mail.ru/js/
Redirect Chain
  • http://cdn.connect.mail.ru/js/loader.js
  • http://connect.mail.ru/js/loader.js
8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://connect.mail.ru/js/loader.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
749ac42703ade78a5ed1277ed14fb8adb16ee555cd0997b07c902371bc1fee07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 14 Jul 2021 12:42:39 GMT
Server
nginx
ETag
W/"60eedbbf-213e"
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
application/javascript
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
X-Content-Type-Options
nosniff
Server
nginx
Content-Type
text/html
Location
http://connect.mail.ru/js/loader.js
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
178
share.js
yandex.st/share/ 		53 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://yandex.st/share/share.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Encoding
gzip
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Transfer-Encoding
chunked
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Connection
keep-alive
X-Nginx-Request-Id
ab5ce38371cfb4b3
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.9
Etag
W/"db7132f94e4730c128b638f72b46c899"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=43200000; includeSubDomains;
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216013
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 28 Jul 2021 03:22:05 GMT
counter.js
www.statcounter.com/counter/ 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.statcounter.com/counter/counter.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
172.67.38.97 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Last-Modified
Tue, 08 Jun 2021 08:51:42 GMT
Server
cloudflare
Age
22394
ETag
W/"60bf2f9e-9987"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=43200
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
67466813cd550204-ZRH
Expires
Sun, 25 Jul 2021 21:13:11 GMT
banner-88x31-rambler-green2.gif
top100-images.rambler.ru/top100/ 		949 B
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://top100-images.rambler.ru/top100/banner-88x31-rambler-green2.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
81.19.89.1 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
top100.rambler.ru
Software
nginx /
Resource Hash
c29c08b5aa7ead079e0f37a61627f58283862e84c73b86d65fa03772305161ab

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-bytes-rcv
0
Date
Sun, 25 Jul 2021 15:26:25 GMT
via
1.1 varnish (Varnish/6.1)
x-upstream-addr
10.144.36.20:80
age
1392
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
x-upstream-responsetime
-3
x-varnish-hostname
cb57bbd3bcf9b7a988d53aa4ba029c04
x-upstream-headertime
0
Connection
keep-alive
Content-Length
949
Keep-Alive
timeout=40
x-upstream-connecttime
1
x-varnish
872741814 893835912
Server
nginx
etag
"7cd618dcd33252c6708a1e90e59c1907"
vary
Accept, Origin
x-amz-request-id
acd7d2c7-8d87-4a42-ad39-056f960ea1d2
x-bytes-snd
0
accept-ranges
bytes
Content-Type
image/gif
x-time
-2
misto_88x31.gif
misto.zp.ua/img/ 		28 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://misto.zp.ua/img/misto_88x31.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
91.239.233.47 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
afisha.zp.ua
Software
nginx/1.14.2 /
Resource Hash
be97ea5d59044dec752f769edd2be499069643df0a6bee0035d78d704ec76240

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Content-Encoding
gzip
Last-Modified
Sun, 17 Aug 2008 14:54:11 GMT
Server
nginx/1.14.2
ETag
W/"48a83b93-710e"
Vary
Accept-Encoding
X-Cache
HIT from Backend
Content-Type
image/gif
Cache-Control
max-age=315360000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Thu, 31 Dec 2037 23:55:55 GMT
reiting_a19883fca95d0e5ec7ee6c94c6c32028.gif
misto.zp.ua/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://misto.zp.ua/img/reiting_a19883fca95d0e5ec7ee6c94c6c32028.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
91.239.233.47 , Ukraine, ASN196645 (HOSTPRO-AS, UA),
Reverse DNS
afisha.zp.ua
Software
nginx/1.14.2 /
Resource Hash
76ca001f38fa090ea0fde19ebb7e969ea7b2bba584992a935f5a4fef858e90ae

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
Server
nginx/1.14.2
Vary
Accept-Encoding
Content-Type
image/gif
Cache-Control
private, public
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=60
Expires
Fri, 30 Jul 2021 15:26:26GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • http://top-fwz1.mail.ru/counter?id=2453840;t=475;l=1
  • https://top-fwz1.mail.ru/counter?id=2453840;t=475;l=1
  • https://top-fwz1.mail.ru/counter2?id=2453840;t=475;l=1
2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://top-fwz1.mail.ru/counter2?id=2453840;t=475;l=1
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
8f6b572b1e2a73592ce3ef051e37a0466f4928896f1f910e95055ba360f90da8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
2338
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?id=2453840;t=475;l=1
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
top100.jcn
counter.rambler.ru/
Redirect Chain
  • http://counter.rambler.ru/top100.jcn?1845179
  • https://counter.rambler.ru/top100.jcn?1845179
74 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://counter.rambler.ru/top100.jcn?1845179
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
f0281752cc240dcd1b2478b12691b7822f4ff6ea649404bcd783920b5a5ffd44

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
server
nginx/1.19.4
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/octet-stream, application/javascript

Redirect headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Server
nginx/1.19.4
Access-Control-Allow-Methods
GET, POST, OPTIONS
P3P
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
Location
https://counter.rambler.ru/top100.jcn?1845179
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html
Access-Control-Allow-Headers
content-type
Content-Length
171
bg.gif
muxtar.com.ua/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://muxtar.com.ua/images/bg.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
9af956c2e071fc1e1d2190c49a6f4a6378db1fcbd46a7649c8b67eb248b2f81d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
muxtar.com.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://muxtar.com.ua/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Wed, 12 Aug 2009 13:45:36 GMT
Server
nginx/1.20.1
ETag
"4a82c780-44b"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1099
nadpis.png
muxtar.com.ua/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://muxtar.com.ua/images/nadpis.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
df66a811c7972c892a61bf73f73070b4fbe2d940bad7565d3ebeae01df36e53f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
muxtar.com.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://muxtar.com.ua/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Thu, 03 Sep 2009 15:34:54 GMT
Server
nginx/1.20.1
ETag
"4a9fe21e-3f8e"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16270
sobak.png
muxtar.com.ua/images/ 		89 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://muxtar.com.ua/images/sobak.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
88.99.219.19 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cp27.eskhosting.com
Software
nginx/1.20.1 /
Resource Hash
48a7bb4c3019761d1408963c07a279d73bf1bb927a8e635970399d690e9bdb40

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
muxtar.com.ua
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer
http://muxtar.com.ua/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:25 GMT
Last-Modified
Thu, 03 Sep 2009 15:34:51 GMT
Server
nginx/1.20.1
ETag
"4a9fe21b-163dd"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
91101
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 		149 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1157556a79b9b9ed1f42f16a1b72326d21a57cf5efcef8c4d3b54264d2d4b94c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 16:02:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
343425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52298
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 16:02:40 GMT
all.js
connect.facebook.net/ru_RU/
Redirect Chain
  • http://connect.facebook.net/ru_RU/all.js
  • https://connect.facebook.net/ru_RU/all.js
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/all.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b216ac3521f384c732086fd6fcdf39542d8bd42407b76e5cb8fcf5fa4f12c4ba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
5Jxcxot5ijky2Mqz5MvFNA==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
zYdKk72rU9NQBKd5lqvPK71fpkd92m+GIIGKrWPUYYF+K9J33QHU3GTaRXsZNzjbQuLuAjTtcBOnFWhQHl9zjQ==
x-fb-trip-id
686109401
x-fb-content-md5
f5808fddb220bc1f34f068402c42c5d8
x-frame-options
DENY
date
Sun, 25 Jul 2021 15:26:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"54aa7519fb336a58061638d961781714"
timing-allow-origin
*
priority
u=3,i
expires
Sun, 25 Jul 2021 15:37:37 GMT

Redirect headers

Location
https://connect.facebook.net/ru_RU/all.js#xfbml=1
Non-Authoritative-Reason
HSTS
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/ 		250 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd53a305a61a6a7bfa3b7704e9eed801ffe058954baed4784f554fd3991155fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
95172
x-xss-protection
0
server
cafe
etag
13136452362334458347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:26:25 GMT
all.js
connect.facebook.net/ru_RU/ 		233 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/ru_RU/all.js?hash=a81e88954990666de4bf9c8678ee1df5
Requested by
Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/all.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
787b6fa1440172d52b8f0037f1efcddc370d354c79bc0cb41fb1e6d6031cc4ed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
http://muxtar.com.ua
Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
QDWmVc3x+8Uqr45iCHnoFw==
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
69141
x-fb-rlafr
0
x-fb-debug
sSxrZYUsuAOE1pdv+jZN3XF0JjNRhAFnMav5kNpGcf48qz9dVKuW3Lv7eORSzL35Cp/oMAbz3EF9v9CBvRgaIA==
x-fb-content-md5
2581e525e4a60f1c4f70778aeb48c651
x-frame-options
DENY
date
Sun, 25 Jul 2021 15:26:25 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"64dc2211dda0ad0fa8361c02cf594f38"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 25 Jul 2022 15:17:38 GMT
api_min.js
my2.imgsmail.ru/mail/ru/images/js/connect/api/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16
Requested by
Host: cdn.connect.mail.ru
URL: http://cdn.connect.mail.ru/js/loader.js
Protocol
HTTP/1.1
Server
185.5.137.210 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
mystatic10.i.mail.ru
Software
nginx /
Resource Hash
1b0d186bc810df942a3c3e3e435347dadbe3ed3965a8181ed4264879153042a0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 12:38:49 GMT
Server
nginx
ETag
W/"60eedad9-c525"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
http://my.mail.ru
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
grstat
my.mail.ru/ 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://my.mail.ru/grstat?name=my.api.browsers.total:my.api.browsers.chrome.89&r=0.7545944564319977
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
94.100.180.38 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
my.mail.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
upload.gif
vk.com/images/ 		230 B
403 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vk.com/images/upload.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-e6"
content-type
image/gif
cache-control
max-age=604800
accept-ranges
bytes
content-length
230
expires
Sun, 01 Aug 2021 15:26:26 GMT
t.php
c.statcounter.com/ 		380 B
747 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=4992122&u1=8948D13E355C4FB105FBCB291306E7E4&java=1&security=3447380f&sc_snum=1&sess=8987a3&sc_rum_e_s=656&sc_rum_e_e=660&sc_rum_f_s=0&sc_rum_f_e=566&p=0&rcat=d&rdom=d&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=http%3A//muxtar.com.ua/&t=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&get_config=true
Requested by
Host: www.statcounter.com
URL: http://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.53.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e0ff193ba02cc7fdee2e521893e94ea3f8d9605e044d56bc282c72c4d87b93c

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
67466814ce760204-ZRH
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-origin
http://muxtar.com.ua
access-control-allow-credentials
true
content-type
application/json
expires
Mon, 26 Jul 1997 05:00:00 GMT
code.js
top-fwz1.mail.ru/js/ 		24 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://top-fwz1.mail.ru/js/code.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
4d396cf09445102d6fbb4a89372a193497a4c9a60894707a55862ca13fc32c1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Connection
keep-alive
Access-Control-Allow-Headers
*
AMP-Access-Control-Allow-Source-Origin
*
Last-Modified
Thu, 15 Jul 2021 14:55:53 GMT
Server
nginx
ETag
W/"60f04c79-60e6"
Access-Control-Allow-Methods
GET, POST, HEAD, PUT, OPTIONS
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
AMP-Access-Control-Allow-Source-Origin
Cache-Control
max-age=3600, private
Access-Control-Allow-Credentials
true
Accept-CH-Lifetime
86400
Accept-CH
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
Timing-Allow-Origin
*
Keep-Alive
timeout=60
Expires
Sun, 25 Jul 2021 16:26:26 GMT
widget_like.php
vk.com/ Frame 48B4 		8 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Requested by
Host: userapi.com
URL: http://userapi.com/js/api/openapi.js?49
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107967
Resource Hash
975dae9ec12bdc3e02a04b8ead79c28b4f5730217fe12495cb3d19311deb1f40
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
Strict-Transport-Security max-age=15768000
X-Xss-Protection 1; report=/xss_reports

Request headers

:method
GET
:authority
vk.com
:scheme
https
:path
/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

server
kittenx
date
Sun, 25 Jul 2021 15:26:26 GMT
content-type
text/html; charset=windows-1251
content-length
3393
x-powered-by
KPHP/7.4.107967
set-cookie
remixir=DELETED; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/; domain=.vk.com; secure; HttpOnly; SameSite=None remixlang=3; expires=Tue, 19 Jul 2022 22:35:33 GMT; path=/; domain=.vk.com; secure; SameSite=None remixstid=2018457911_gPEzBkG5XaSyiCGXfIO4lS2POgH9zAo7pceGkFIooZD; expires=Sun, 24 Jul 2022 03:58:07 GMT; path=/; domain=.vk.com; secure; SameSite=None
cache-control
no-store
content-security-policy
default-src * data: blob: about: vkcalls:;script-src 'self' https://vk.com https://*.vk.com https://static.vk.me https://*.mail.ru https://r.mradx.net https://s.ytimg.com https://platform.twitter.com https://cdn.syndication.twimg.com https://www.instagram.com https://connect.facebook.net https://telegram.org https://*.yandex.ru https://*.google-analytics.com https://*.youtube.com https://maps.googleapis.com https://translate.googleapis.com https://*.google.com https://google.com https://*.vkpartner.ru https://*.moatads.com https://*.adlooxtracking.com https://*.gstatic.com https://*.google.ru https://securepubads.g.doubleclick.net https://cdn.ampproject.org https://www.googletagmanager.com https://googletagmanager.com https://*.vk-cdn.net https://*.hit.gemius.pl https://yastatic.net https://analytics.tiktok.com 'unsafe-inline' 'unsafe-eval' blob:;style-src https://vk.com https://*.vk.com https://static.vk.me https://ton.twimg.com https://tagmanager.google.com https://platform.twitter.com https://*.googleapis.com 'self' 'unsafe-inline'
x-xss-protection
1; report=/xss_reports
content-encoding
gzip
x-frontend
front225206
strict-transport-security
max-age=15768000
access-control-expose-headers
X-Frontend
cookie.js
partner.googleadservices.com/gampad/ 		203 B
657 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=muxtar.com.ua&callback=_gfp_s_&client=ca-pub-4605509088091413
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
8912575bd0f82d6cc7cfe1211b468d0ba262e4c50ab048fccdff575e0f675c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
192
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=muxtar.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=muxtar.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 19C2 		94 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0505f08376c9b9213154fc91e4bf7618ed3a29a5fc75ef0f76f9f0266a0db13b
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKLtpTE_vECFROaewodn8QCyA&gqi=ooL9YNTjA-mW9u8P0vSaqA0&layout=/sadbundle/%24csp%253Der3%24/2603614729101620139/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLKLtpTE_vECFROaewodn8QCyA&gqi=ooL9YNTjA-mW9u8P0vSaqA0&layout=/sadbundle/%24csp%253Der3%24/2603614729101620139/index.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Sun, 25 Jul 2021 15:26:26 GMT
server
cafe
content-length
33726
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 15:41:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 15:26:26 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039897272555"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Sun, 25 Jul 2021 15:26:26 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F782 		0
159 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=600&slotname=8354661122&adk=1408608796&adf=2795535319&pi=t.ma~as.8354661122&w=120&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785999&bpp=4&bdt=533&idt=59&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1705174938&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1449&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PCkPzlnlWV&p=http%3A//muxtar.com.ua&dtd=62
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4605509088091413&output=html&h=600&slotname=8354661122&adk=1408608796&adf=2795535319&pi=t.ma~as.8354661122&w=120&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785999&bpp=4&bdt=533&idt=59&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&prev_slotnames=1705174938&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1449&ady=174&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7Cn&abl=XS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=PCkPzlnlWV&p=http%3A//muxtar.com.ua&dtd=62
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 15:26:26 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Sun, 25-Jul-2021 15:41:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 15:26:26 GMT
cache-control
private
loader_nav21558013818_3.js
vk.com/js/ Frame 48B4 		138 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/loader_nav21558013818_3.js
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107967
Resource Hash
08d39219c8286d86ad35fe77e118b324f1f490c129b932758d37fce80a6f08bc
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-frontend
front225206
server
kittenx
x-powered-by
KPHP/7.4.107967
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
no-store
content-length
36698
lite.d3add5d6f70e9dfd6157.css
st6-21.vk.com/css/al/ Frame 48B4 		324 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-21.vk.com/css/al/lite.d3add5d6f70e9dfd6157.css
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
1f80fc69c4d044628dda27c6dfb81864987dbaba51d797abbbf115fa2231d9ff
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front6-21
last-modified
Fri, 16 Jul 2021 14:18:39 GMT
server
kittenx
etag
"60f1953f-a267"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
41575
expires
Thu, 29 Jul 2021 15:26:26 GMT
lite.js
vk.com/js/al/ Frame 48B4 		266 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/al/lite.js?101
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx /
Resource Hash
a93426ee67ff3671a86acc9002fae39dd362f5e7b4e2cd252095c28f2dda5071

Request headers

Referer
https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front225206
last-modified
Tue, 13 Jul 2021 12:12:37 GMT
server
kittenx
etag
"60ed8335-f3e2"
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
62434
expires
Thu, 29 Jul 2021 15:26:26 GMT
lang3_0.js
vk.com/js/ Frame 48B4 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vk.com/js/lang3_0.js?27120446
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
87.240.190.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS
srv78-190-240-87.vk.com
Software
kittenx / KPHP/7.4.107967
Resource Hash
02832722693c48c5d33a299600c36fd408a9d39ecdb6be023a7efd9ecd780edf
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-frontend
front225206
server
kittenx
x-powered-by
KPHP/7.4.107967
strict-transport-security
max-age=15768000
content-type
text/javascript; charset=windows-1251
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
content-length
11596
xdm.js
st6-21.vk.com/js/api/ Frame 48B4 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-21.vk.com/js/api/xdm.js?9
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front6-21
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-b1e"
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
2846
expires
Thu, 29 Jul 2021 15:26:26 GMT
widgets.73e6565c4bebf0a749e3.css
st6-21.vk.com/css/al/ Frame 48B4 		26 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-21.vk.com/css/al/widgets.73e6565c4bebf0a749e3.css
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
41df0d9772d211749a5feb51196106f25eb3ba40814a584381255e71e91225c5
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front6-21
last-modified
Tue, 13 Jul 2021 12:17:49 GMT
server
kittenx
etag
"60ed846d-f8a"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
3978
expires
Thu, 29 Jul 2021 15:26:26 GMT
al_like.js
st6-21.vk.com/js/api/widgets/ Frame 48B4 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://st6-21.vk.com/js/api/widgets/al_like.js?30
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
43fe62030092e73be7d24ffff01910b0046174c3e61f2a3a4a01de13bb367a6e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front6-21
last-modified
Tue, 22 Sep 2020 20:30:00 GMT
server
kittenx
etag
"5f6a5ec8-e8f"
strict-transport-security
max-age=15768000
content-type
application/x-javascript
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
3727
expires
Thu, 29 Jul 2021 15:26:26 GMT
base.94387d2404a2a224e395.css
st6-21.vk.com/css/al/ Frame 48B4 		109 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st6-21.vk.com/css/al/base.94387d2404a2a224e395.css
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
85ca9a330378bc7b6fdc5d293392086097d9746969e3406c13bcdd1c27583c8f
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
x-frontend
front6-21
last-modified
Thu, 22 Jul 2021 08:47:11 GMT
server
kittenx
etag
"60f9308f-451e"
strict-transport-security
max-age=15768000
content-type
text/css
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
17694
expires
Thu, 29 Jul 2021 15:26:26 GMT
counter2
top-fwz1.mail.ru/
Redirect Chain
  • https://top-fwz1.mail.ru/counter?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D...
  • https://top-fwz1.mail.ru/counter2?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%...
43 B
959 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter2?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e91a61c6d98f74a4;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.1//4g/0/0/;lvid=1627226786138%3A1627226786154%3A1%3A27b277a435299fabbee521f9d5c04c19;_=0.5251307922687762
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
*
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
access-control-allow-origin
http://muxtar.com.ua
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
0
pragma
no-cache
amp-access-control-allow-source-origin
http://muxtar.com.ua
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
location
https://top-fwz1.mail.ru/counter2?js=13;id=2453840;u=http%3A//muxtar.com.ua/;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e91a61c6d98f74a4;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.1//4g/0/0/;lvid=1627226786138%3A1627226786154%3A1%3A27b277a435299fabbee521f9d5c04c19;_=0.5251307922687762
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
http://muxtar.com.ua
access-control-allow-headers
*
truncated
/ 		193 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
daf6bd753b8e71772c43fcb672e05df9c28359debd96af19f8e41a3de11303e6

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
share_button
connect.mail.ru/ Frame A812
Redirect Chain
  • http://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=2...
  • https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Requested by
Host: my2.imgsmail.ru
URL: http://my2.imgsmail.ru/mail/ru/images/js/connect/api/api_min.js?16
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.55 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
connect.mail.ru
Software
nginx /
Resource Hash
cced6635b7d12420896e6626292e254c407c3959bc86e0fe97cfe3ffb5c8d7f2

Request headers

Host
connect.mail.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
http://muxtar.com.ua/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
FTID=0bU8aD0IkFY3:1627226786:2453840:::
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

Server
nginx
Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Pragma
no-cache
Expires
Sat, 25 Jul 2020 15:26:26 GMT
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Location
https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
like_widget.png
st6-21.vk.com/images/icons/ Frame 48B4 		538 B
802 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st6-21.vk.com/images/icons/like_widget.png
Requested by
Host: st6-21.vk.com
URL: https://st6-21.vk.com/css/al/widgets.73e6565c4bebf0a749e3.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.142.206.1 , Russian Federation, ASN60476 (MYCOM-AS, NL),
Reverse DNS
srv1-206.vkontakte.ru
Software
kittenx /
Resource Hash
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://st6-21.vk.com/css/al/widgets.73e6565c4bebf0a749e3.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-frontend
front6-21
last-modified
Tue, 22 Sep 2020 20:29:56 GMT
server
kittenx
etag
"5f6a5ec4-21a"
strict-transport-security
max-age=15768000
content-type
image/png
access-control-expose-headers
X-Frontend
cache-control
max-age=345600
accept-ranges
bytes
content-length
538
expires
Thu, 29 Jul 2021 15:26:26 GMT
code.js
top-fwz1.mail.ru/js/ Frame 48B4 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/js/code.js
Requested by
Host: vk.com
URL: https://vk.com/widget_like.php?app=2900497&width=100%25&_ver=1&page=0&url=http%3A%2F%2Fmuxtar.com.ua%2F&type=full&verb=0&color=&title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&description=&image=&text=&h=22&startWidth=1276&referrer=&17ade4648ce
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
4d396cf09445102d6fbb4a89372a193497a4c9a60894707a55862ca13fc32c1b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin
*
last-modified
Thu, 15 Jul 2021 14:55:53 GMT
server
nginx
etag
W/"60f04c79-60e6"
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
max-age=3600, private
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
*
access-control-allow-headers
*
expires
Sun, 25 Jul 2021 16:26:26 GMT
/
kraken.rambler.ru/cnt/ 		595 B
988 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kraken.rambler.ru/cnt/?et=pv&pid=1845179&rid=1627226786.363-1496223536&tid=t1.-1.261657471.1627226786364&v=1.18.17i&exp=exp_bot%2Csplit_b%2Cexp_ab3%2Cc&rn=590120464&bs=1600x1200&ce=1&rf&en=UTF-8&pt=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F&sr=1600x1200&cd=24-bit&la=en-US&ja=0&acn=Mozilla&an=Netscape&pl=Linux%20x86_64&tz=-120&fv&sv&lv&le=0&url=http%3A%2F%2Fmuxtar.com.ua%2F
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
81.19.89.17 Moscow, Russian Federation, ASN24638 (RAMBLER-TELECOM-AS, RU),
Reverse DNS
kraken.rambler.ru
Software
nginx/1.19.4 /
Resource Hash
2b6654f9a40a3eeb4380e98097b497e2c6ea9b27960733bbe52cebbef20f6b61

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
last-modified
Tue, 12 Nov 2019 12:50:59 GMT
x-srv
1node0038.top100.rambler.tech
etag
"5dcaaab3-253"
access-control-allow-methods
GET, POST, OPTIONS
p3p
CP="NON DSP NID ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
access-control-allow-headers
content-type
content-length
595
server
nginx/1.19.4
watch.js
mc.yandex.ru/metrika/
Redirect Chain
  • http://mc.yandex.ru/metrika/watch.js
  • https://mc.yandex.ru/metrika/watch.js
133 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
br
last-modified
Fri, 23 Jul 2021 14:42:53 GMT
etag
"60f95590-bac9"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
47817
expires
Sun, 25 Jul 2021 16:26:26 GMT

Redirect headers

Location
https://mc.yandex.ru/metrika/watch.js
Content-Length
0
b-share-form-button.png
yastatic.net/share/static/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://yastatic.net/share/static/b-share-form-button.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
0fabebfd33907918ef76b3063b0139f31b3d08fc80f783cae1beb16a80b35efa
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
1057
X-Nginx-Request-Id
1ccabbc5d95d236e
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.9
Etag
"c100391be309efda6e7e7b3f2cbfa511"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216009
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 28 Jul 2021 03:24:21 GMT
b-share-form-button_share__icon.png
yastatic.net/share/static/ 		531 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://yastatic.net/share/static/b-share-form-button_share__icon.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
a099d68e34e33bb313e2b6defc561beefd64db26ffe61d91619d11d877231dde
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
531
X-Nginx-Request-Id
a04078db03faaf7b
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.9
Etag
"72e573a824d005d4393c17ae435fa25b"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216009
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 28 Jul 2021 03:24:40 GMT
b-share-icon.png
yastatic.net/share/static/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://yastatic.net/share/static/b-share-icon.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
4637
X-Nginx-Request-Id
d6893e169d62f8f9
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.9
Etag
"24bc3d4a0d287d95c0fb2ec150c1776e"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216009
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 28 Jul 2021 03:21:51 GMT
b-share-popup_down__tail.png
yastatic.net/share/static/ 		305 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://yastatic.net/share/static/b-share-popup_down__tail.png
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
23aca3eb9d500bc7291222cb8b42c2b4587c14e93e2d677aeaf6ffd7a97d8036
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
305
X-Nginx-Request-Id
58dd10ba98572c84
Last-Modified
Wed, 24 Oct 2018 16:00:42 GMT
Server
nginx/1.17.9
Etag
"aa51277c3fccebc88a582e9c81e1424e"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216009
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
Expires
Wed, 28 Jul 2021 03:24:44 GMT
like.php
www.facebook.com/plugins/ Frame A928 		0
883 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ffb1fd5e10b48%26domain%3Dmuxtar.com.ua%26origin%3Dhttp%253A%252F%252Fmuxtar.com.ua%252Ff2374f41c4041d%26relation%3Dparent.parent&container_width=1096&font=arial&href=http%3A%2F%2Fmuxtar.com.ua%2F&locale=ru_RU&sdk=joey&send=true&show_faces=true&width=450
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/all.js?hash=a81e88954990666de4bf9c8678ee1df5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
www.facebook.com
:scheme
https
:path
/plugins/like.php?app_id=&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df2ffb1fd5e10b48%26domain%3Dmuxtar.com.ua%26origin%3Dhttp%253A%252F%252Fmuxtar.com.ua%252Ff2374f41c4041d%26relation%3Dparent.parent&container_width=1096&font=arial&href=http%3A%2F%2Fmuxtar.com.ua%2F&locale=ru_RU&sdk=joey&send=true&show_faces=true&width=450
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

content-type
text/html;charset=utf-8
pragma
no-cache
cache-control
private, no-cache, no-store, must-revalidate
expires
Sat, 01 Jan 2000 00:00:00 GMT
content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
cross-origin-opener-policy
same-origin-allow-popups
x-content-type-options
nosniff
x-xss-protection
0
x-fb-debug
hc0KjKsekDwF6T5jXYcrzIhXaEBI6owxD1EnK+zajhnyov3tYs/MmcjYF6uqTi8EkqSti5r3Pij+kou9oYI68w==
content-length
0
date
Sun, 25 Jul 2021 15:26:26 GMT
priority
u=3,i
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ 		96 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_1?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fc82df2f8041f07089f9f1de17bde75873054929b9b291768798401c210a7cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 19:20:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
331577
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34128
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 19:20:09 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 3E5F 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fmuxtar.com.ua&url=http%3A%2F%2Fmuxtar.com.ua%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8

Request headers

:method
GET
:authority
apis.google.com
:scheme
https
:path
/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fmuxtar.com.ua&url=http%3A%2F%2Fmuxtar.com.ua%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=219=A6UO_TPIkjPLkwXW05NeanZy3iNTG3mJpP2udsHn7EcYi8elCveS2HpjZssbokFNiizapnvttNAS8RNKtC_JfjLtijXSckDXrY1JQPpNtuFjqymic8lmOm8Bm10S8GxzNNJtoSKosu-DA5zQ-O-AwCvMOXmn7fEcYFQsB1fQTaU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

content-type
text/html; charset=UTF-8
referrer-policy
no-referrer
content-length
1585
date
Sun, 25 Jul 2021 15:26:26 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
postmessageRelay
accounts.google.com/o/oauth2/ Frame 7317 		566 B
882 B 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fmuxtar.com.ua&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_1?le=ili,ipu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4f0f1e17ac4d18cdd50ac4ec911a60fcfeec7fb2831058801fa4a0db9972100a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DZLzTuvkKx8giVl3xQ6XIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fmuxtar.com.ua&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=219=A6UO_TPIkjPLkwXW05NeanZy3iNTG3mJpP2udsHn7EcYi8elCveS2HpjZssbokFNiizapnvttNAS8RNKtC_JfjLtijXSckDXrY1JQPpNtuFjqymic8lmOm8Bm10S8GxzNNJtoSKosu-DA5zQ-O-AwCvMOXmn7fEcYFQsB1fQTaU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 25 Jul 2021 15:26:26 GMT
content-security-policy
script-src 'report-sample' 'nonce-DZLzTuvkKx8giVl3xQ6XIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/ Frame 19C2 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:23:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
194
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7622
x-xss-protection
0
server
cafe
etag
16178317465966918049
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 15:23:12 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 19C2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:25:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 15:25:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 19C2 		124 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1627039891503395"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38153
x-xss-protection
0
expires
Sun, 25 Jul 2021 15:26:26 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/ Frame 19C2 		14 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210720/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:23:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
201
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6195
x-xss-protection
0
server
cafe
etag
10716856519410487149
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 08 Aug 2021 15:23:05 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/ Frame DA37 		11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eee6c99ecb427ef540e86bab62ceda70b3cf3e490d3b8a630e9e0cb1f93bbfa
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/2603614729101620139/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3272
date
Tue, 20 Jul 2021 14:43:48 GMT
expires
Wed, 20 Jul 2022 14:43:48 GMT
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
age
434558
cache-control
public, max-age=31536000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 19C2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=ClIhAooL9YLKyBJO07gOfiYvADJ7qy9hjwbmw-JkOrgIQASD1k8sUYJUCoAHQxqPhA8gBCakC_yE_AJDkfj6oAwHIA0iqBKwBT9Da3eIDcp1QUQyKU1gPWfVKD--YbxFx_gqg_abaZhTtfyyTrQVoK1-i7016DoPzFhZ8_kwjNRmmdGe-0SylZ_Hum6wUT3Y0jA4dV7XiQ2gcbUKcGkOGA9adUatcY4bmAhkK-J6FtX5ztUBub8ktFS04PL6Oj7wZ2VK5HiajdxdYAkbWFu0aaDnc_vNt_3IVvgaeqSu634jSNyY4rWwCLmo5fXhkRK-RFsqwSsAEhabPutwBkgUECAQYAZIFBAgFGASgBi6AB5i53B6oB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQnrcB0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshcaChgIABIUcHViLTQ2MDU1MDkwODgwOTE0MTM&sigh=c86UaTbdEG8&template_id=419
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 25 Jul 2021 15:26:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 25 Jul 2021 15:26:26 GMT
googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 3E5F 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png
Requested by
Host: apis.google.com
URL: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&hl=ru&origin=http%3A%2F%2Fmuxtar.com.ua&url=http%3A%2F%2Fmuxtar.com.ua%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:30:00 GMT
server
sffe
content-type
image/png
cache-control
private, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3170
x-xss-protection
0
expires
Sun, 25 Jul 2021 15:26:26 GMT
counter
top-fwz1.mail.ru/ Frame 48B4 		43 B
900 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/counter?js=13;id=2685520;u=http%3A//muxtar.com.ua/;st=1627226786356;pid=0;title=%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80!%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F;s=1600*1200;vp=350*22;touch=0;hds=1;frame=1;flash=;sid=9adc35c08d9b3478;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=10//4g/0/0/;lvid=1627226786487%3A1627226786488%3A1%3A319f0b1913ce51a3629ab2f82728093a;_=0.6539090247685238
Requested by
Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
https://vk.com
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
https://vk.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
https://vk.com
access-control-allow-headers
*
s
googleads.g.doubleclick.net/pagead/drt/ Frame 4525 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Sun, 25 Jul 2021 14:42:56 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2610
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 19C2 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c1505db69b59103f40d0dd62f0f66546edd72be8b654b64e7663367bc8b5e655

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
2038943760-postmessagerelay.js
ssl.gstatic.com/accounts/o/ Frame 7317 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fmuxtar.com.ua&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Jul 2021 12:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269664
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4265
x-xss-protection
0
last-modified
Wed, 21 Jul 2021 02:25:18 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Jul 2022 12:32:02 GMT
rpc:shindig_random.js
apis.google.com/js/ Frame 7317 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/rpc:shindig_random.js?onload=init
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Fmuxtar.com.ua&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US.4sn9RO63fqo.O%2Fam%3DAQ%2Fd%3D1%2Frs%3DAGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag%2Fm%3D__features__
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d99dccc4af2dcb8e3b64249fb88549b5f0368708eec4b4c0acadc177b3ddce75
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FdA9eOwEOZKFT+EpSXzyfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"27112d2024262eac57ac21d95a79218e"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-FdA9eOwEOZKFT+EpSXzyfQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:26:26 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DA37 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 19:35:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
71436
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 25 Jul 2021 19:35:50 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DA37 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 12:37:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10133
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10382
x-xss-protection
0
server
cafe
etag
12806417668659483808
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 26 Jul 2021 12:37:33 GMT
efd5af212b790b949ef103480dddb5e7.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/ Frame DA37 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/efd5af212b790b949ef103480dddb5e7.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
459033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18481
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 07:55:53 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 07:55:53 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 4525
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&h=60&slotname=1705174938&adk=1790509131&adf=2627746307&pi=t.ma~as.1705174938&w=468&lmt=1627226786&url=http%3A%2F%2Fmuxtar.com.ua%2F&flash=0&wgl=1&dt=1627226785887&bpp=29&bdt=421&idt=150&shv=r20210720&mjsv=m202107220101&ptt=5&saldr=sa&abxe=1&correlator=4362156468550&frm=20&pv=2&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=636&ady=1389&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&pvsid=1778599375704385&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=ZU69yA7cIw&p=http%3A//muxtar.com.ua&dtd=166
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnHqlvCMJrV73t_oIJwqVas5V7-1lv4_cN454ZLksWV0zuXrSOjxzKq3llriBE; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 15:26:26 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Sun, 25-Jul-2021 16:26:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 15:26:26 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 15:26:26 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
jquery.js
my1.imgsmail.ru/r/js/ru/jsCore/jquery/ Frame A812 		214 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my1.imgsmail.ru/r/js/ru/jsCore/jquery/jquery.js
Requested by
Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.5.137.211 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
mystatic1.i.mail.ru
Software
nginx /
Resource Hash
c915b48765a756aecea1bde59036e7d4db96e0a7f17c39e8fe4187026f5ccf59

Request headers

Referer
https://connect.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 12:38:49 GMT
Server
nginx
ETag
W/"60eedad9-35795"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://my.mail.ru
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
uber-share.js
my1.imgsmail.ru/r/js/connect/share/ Frame A812 		45 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://my1.imgsmail.ru/r/js/connect/share/uber-share.js?1_2
Requested by
Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.5.137.211 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
mystatic1.i.mail.ru
Software
nginx /
Resource Hash
ba7bc979694591a79dbf8a8894fdd972478d91be79c6386520bab30fa5213b85

Request headers

Referer
https://connect.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 12:38:49 GMT
Server
nginx
ETag
W/"60eedad9-b478"
Transfer-Encoding
chunked
Content-Type
application/javascript
Access-Control-Allow-Origin
https://my.mail.ru
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
20.css
my1.imgsmail.ru/mail/ru/css/new/share/compiled/ Frame A812 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
Requested by
Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.5.137.211 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
mystatic1.i.mail.ru
Software
nginx /
Resource Hash
7d2fc381aebbeca6bc929c34ff3af23c94352463c9233894221bb9120f030e63

Request headers

Referer
https://connect.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:26 GMT
Content-Encoding
gzip
Last-Modified
Wed, 14 Jul 2021 12:38:49 GMT
Server
nginx
ETag
W/"60eedad9-2294"
Transfer-Encoding
chunked
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Expires
Thu, 31 Dec 2037 23:55:55 GMT
59df5ba64fc990563b3920f9327216ed.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/59df5ba64fc990563b3920f9327216ed.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f855bb73f7367d93773ef9ea339ec13d1f975ec2227ef74a34158b4f4886d104
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
495016
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Mon, 19 Jul 2021 21:56:10 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Jul 2022 21:56:10 GMT
a68a48a3788c89521b0a08db628cf5da.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/a68a48a3788c89521b0a08db628cf5da.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f3254cbd24c031588b3fc27f9e027d3f426b22219c7e8ad9dcbb5250972c0871
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
424785
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18307
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 17:26:41 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 17:26:41 GMT
6b8dd078cfe4efa188262de7394fda82.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/6b8dd078cfe4efa188262de7394fda82.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c05b105ff7755a63433495cfd6e27ce7587b9ddbaf9d835fef5b3c8227c21343
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
443633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2397
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 12:12:33 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:12:33 GMT
2b3adcca8a1337928d60a7c53293531f.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		7 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/2b3adcca8a1337928d60a7c53293531f.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59369ee0cb901244b3340cae33becc5e92960686819ee7b72525c61d3061be34
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
443633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1710
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 12:12:33 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:12:33 GMT
da1599ceb131023918c95a0ac7351b88.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/da1599ceb131023918c95a0ac7351b88.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bd7794609b4b15fb09cb3266ea55904c0727bc2b0479cedc4f22594f909acd7d
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
443633
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5019
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 12:12:33 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:12:33 GMT
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/ Frame 7317 		50 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US.4sn9RO63fqo.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCO5GqPeHrbNQGs79bP09BnjVkdwag/cb=gapi.loaded_0?le=ili,ipu
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ded3de6711e90ee906834dbd64ff18636b3f1a2463825e13f2fa0600417bfe2f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 21 Jul 2021 16:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
342569
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17956
x-xss-protection
0
last-modified
Wed, 07 Jul 2021 13:43:54 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Jul 2022 16:16:57 GMT
24801f6d128cff0bc68ef5b2143ed5ec.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/ Frame DA37 		4 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/media/24801f6d128cff0bc68ef5b2143ed5ec.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2603614729101620139/index.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a64d2c1d8552f2ffe138c1688656745193026b699c8e461b7a4e116ce2c61c44
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
459033
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1317
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 17:48:17 GMT
server
sffe
date
Tue, 20 Jul 2021 07:55:53 GMT
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 20 Jul 2022 07:55:53 GMT
9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js
pagead2.googlesyndication.com/bg/ Frame DA37 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e77afe741f9ccad4834e6bd36ecdc4bd9a529ff4f750c5c501aea7bcb279cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
182
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13294
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 15:23:24 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9345.os5rk28nUzbZwtnAt1X187gtylvIVecMrbTYDBYcVO7fRQoUg7v0Q_CzPC98UJ_g.0NdhGlw9tpPLMZy55PLNuN0IZ10%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9345.WJw2YCTg0ckaE1ZQqIbj6d3ipARx2ZP3Us6tkRGAN9nTcCBzkypYgToqjaNuB_9pCSeOOR4weKmTkX7o7ZorMQ%2C%2C.L0M4S8AbmGvnFAy3W7dAsm6dnGs%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9345.WJw2YCTg0ckaE1ZQqIbj6d3ipARx2ZP3Us6tkRGAN9nTcCBzkypYgToqjaNuB_9pCSeOOR4weKmTkX7o7ZorMQ%2C%2C.L0M4S8AbmGvnFAy3W7dAsm6dnGs%2C
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:27 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9345.WJw2YCTg0ckaE1ZQqIbj6d3ipARx2ZP3Us6tkRGAN9nTcCBzkypYgToqjaNuB_9pCSeOOR4weKmTkX7o7ZorMQ%2C%2C.L0M4S8AbmGvnFAy3W7dAsm6dnGs%2C
date
Sun, 25 Jul 2021 15:26:26 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:26 GMT
last-modified
Fri, 23 Jul 2021 14:42:53 GMT
etag
"60f95590-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Sun, 25 Jul 2021 16:26:26 GMT
mm-oval.png
my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/ Frame A812 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my1.imgsmail.ru/mail/ru/images/my/app/connect/share/presets/20/mm-oval.png
Requested by
Host: my1.imgsmail.ru
URL: https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.5.137.211 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
mystatic1.i.mail.ru
Software
nginx /
Resource Hash
b531632cd2388f2cfbfd5ebf18b8b8d73092b54250c8ddd75ebaea3e89cf2f80

Request headers

Referer
https://my1.imgsmail.ru/mail/ru/css/new/share/compiled/20.css?1_2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:27 GMT
Last-Modified
Thu, 16 Nov 2017 11:32:21 GMT
Server
nginx
ETag
"5a0d7745-1af7"
Content-Type
image/png
Cache-Control
max-age=604800
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6903
Expires
Sun, 01 Aug 2021 15:26:27 GMT
grstat
my.mail.ru/ Frame A812 		43 B
609 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://my.mail.ru/grstat?name=shows&connect=1
Requested by
Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.100.180.38 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
my.mail.ru
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
https://connect.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:27 GMT
X-Content-Type-Options
nosniff
Server
nginx
X-WebKit-CSP-Report-Only
default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options
DENY
P3P
policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control
no-cache, no-store, must-revalidate, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
1; mode=block; report=https://cspreport.mail.ru/xxssprotection
d525461.gif
rs.mail.ru/ Frame A812 		43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rs.mail.ru/d525461.gif?0.9432218674515569
Requested by
Host: connect.mail.ru
URL: https://connect.mail.ru/share_button?type=insertable&caption-mm=3&caption-ok=3&width=100%25&nc=1&nt=1&domain=muxtar.com.ua&url=http%3A%2F%2Fapi.mail.ru&buttonID=5285161&faces_count=10&height=21&sz=21&st=oval&tp=small&caption=%D0%9D%D1%80%D0%B0%D0%B2%D0%B8%D1%82%D1%81%D1%8F&cp=1&host=http%3A%2F%2Fmuxtar.com.ua&wid=5582417&app_id=-1&appid=-1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://connect.mail.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 25 Jul 2021 15:26:27 GMT
Server
nginx
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSAo PSDo OUR BUS UNI NAV STA INT"
Content-Type
image/gif
Cache-Control
private, no-cache, no-store
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
43
1
mc.yandex.com/watch/26812653/
Redirect Chain
  • https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3...
  • https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf...
316 B
398 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A632363516113%3Ahid%3A100791298%3Az%3A120%3Ai%3A20210725172626%3Aet%3A1627226787%3Ac%3A1%3Arn%3A791457252%3Au%3A1627226787126527838%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627226785349%3Ads%3A39%2C13%2C57%2C2%2C0%2C0%2C%2C903%2C35%2C%2C%2C%2C1020%3Adsn%3A38%2C14%2C56%2C2%2C%2C0%2C%2C908%2C36%2C%2C%2C%2C1019%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627226787%3At%3A%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80%21%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
Requested by
Host: muxtar.com.ua
URL: http://muxtar.com.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
/
Resource Hash
6a04f576442335229cacfeb8ff03d70dc5f753b25484535dd25ad5a073840ec3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 15:26:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 25-Jul-2021 15:26:27 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
http://muxtar.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
316
x-xss-protection
1; mode=block
expires
Sun, 25-Jul-2021 15:26:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 25 Jul 2021 15:26:27 GMT
last-modified
Sun, 25-Jul-2021 15:26:27 GMT
location
/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Fmuxtar.com.ua%2F&charset=utf-8&site-info=%7B%22jquery%22%3Afalse%2C%22version%22%3Afalse%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aaldhbh95bz4klu53%3Afp%3A543%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A591%3Acn%3A1%3Adp%3A0%3Als%3A632363516113%3Ahid%3A100791298%3Az%3A120%3Ai%3A20210725172626%3Aet%3A1627226787%3Ac%3A1%3Arn%3A791457252%3Au%3A1627226787126527838%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1627226785349%3Ads%3A39%2C13%2C57%2C2%2C0%2C0%2C%2C903%2C35%2C%2C%2C%2C1020%3Adsn%3A38%2C14%2C56%2C2%2C%2C0%2C%2C908%2C36%2C%2C%2C%2C1019%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1627226787%3At%3A%D0%9A%D0%BE%20%D0%BC%D0%BD%D0%B5%2C%20%D0%9C%D1%83%D1%85%D1%82%D0%B0%D1%80%21%20-%20%D0%92%D1%81%D0%B5%20%D0%BE%20%D0%BD%D0%B5%D0%BC%D0%B5%D1%86%D0%BA%D0%BE%D0%B9%20%D0%BE%D0%B2%D1%87%D0%B0%D1%80%D0%BA%D0%B5%20%3A%3A%20%D0%93%D0%BB%D0%B0%D0%B2%D0%BD%D0%B0%D1%8F
strict-transport-security
max-age=31536000
access-control-allow-origin
http://muxtar.com.ua
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Sun, 25-Jul-2021 15:26:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		136 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f16a935d459a3bf85554bc55742924f23066053190a78a54904b6bf3e8a0140e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49260
x-xss-protection
0
server
cafe
etag
17688924842044148777
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 25 Jul 2021 15:26:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210720&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c85e6bc422bdb420d4447c40abe55e304620014568f4f559bbadfc5c47fc33d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8623
x-xss-protection
0
tracker
top-fwz1.mail.ru/ 		43 B
914 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://top-fwz1.mail.ru/tracker?js=13;id=2453840;u=http%3A//muxtar.com.ua/;st=1627226786369;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=e91a61c6d98f74a4;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1627226785349/////0/1/40/40/53//53/110/112/117/1020/1020/1055/1982/1982/;ni=9.1//4g/0/0/;lvid=1627226786138%3A1627226787335%3A2%3A27b277a435299fabbee521f9d5c04c19;_=0.8234381144681118;e=RT/load;et=1627226787334
Requested by
Host: top-fwz1.mail.ru
URL: http://top-fwz1.mail.ru/js/code.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
top-fwz1.mail.ru
Software
nginx /
Resource Hash
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 25 Jul 2021 15:26:27 GMT
x-content-type-options
nosniff
p3p
CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length
43
pragma
no-cache
amp-access-control-allow-source-origin
http://muxtar.com.ua
server
nginx
access-control-allow-methods
GET, POST, HEAD, PUT, OPTIONS
content-type
image/gif
access-control-allow-origin
http://muxtar.com.ua
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
private, no-cache, no-store, max-age=0
access-control-allow-credentials
true
accept-ch-lifetime
86400
accept-ch
DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin
http://muxtar.com.ua
access-control-allow-headers
*
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Sun, 25 Jul 2021 15:26:27 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/ Frame C1F6 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210720/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210720/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnHqlvCMJrV73t_oIJwqVas5V7-1lv4_cN454ZLksWV0zuXrSOjxzKq3llriBE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Sun, 25 Jul 2021 01:27:57 GMT
expires
Sun, 08 Aug 2021 01:27:57 GMT
content-type
text/html; charset=UTF-8
etag
4389807852502320046
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
50310
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=muxtar.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=muxtar.com.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 25 Jul 2021 15:26:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5677 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4605509088091413&output=html&adk=1812271804&adf=3025194257&lmt=1627226787&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fmuxtar.com.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627226787390&bpp=2&bdt=1924&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a6ff9b860f113-222f389a76c9004e%3AT%3D1627226786%3ART%3D1627226786%3AS%3DALNI_MZoEzrrRR04UZDEnPrCwx2f04UNgw&prev_slotnames=1705174938%2C8354661122&nras=1&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&psts=AGkb-H-ohgoQqDu6gGXlkcmHhEOsil9S7OJuhOx_Es9ZO65cMP7is8-LLoob4o_5xXMBsRgA8Q1rgfn27YA&pvsid=1778599375704385&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=19
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202107220101/show_ads_impl_with_ama_fy2019.js?client=pub-4605509088091413&plah=muxtar.com.ua&amaexp=1&bust=31061979
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-4605509088091413&output=html&adk=1812271804&adf=3025194257&lmt=1627226787&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fmuxtar.com.ua%2F&ea=0&flash=0&pra=7&wgl=1&dt=1627226787390&bpp=2&bdt=1924&idt=2&shv=r20210720&mjsv=m202107220101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Db15a6ff9b860f113-222f389a76c9004e%3AT%3D1627226786%3ART%3D1627226786%3AS%3DALNI_MZoEzrrRR04UZDEnPrCwx2f04UNgw&prev_slotnames=1705174938%2C8354661122&nras=1&correlator=4362156468550&frm=20&pv=1&ga_vid=1295837626.1627226786&ga_sid=1627226786&ga_hid=1131861881&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31061979%2C20211866%2C21065725&oid=3&psts=AGkb-H-ohgoQqDu6gGXlkcmHhEOsil9S7OJuhOx_Es9ZO65cMP7is8-LLoob4o_5xXMBsRgA8Q1rgfn27YA&pvsid=1778599375704385&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=3&uci=a!3&fsb=1&dtd=19
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnHqlvCMJrV73t_oIJwqVas5V7-1lv4_cN454ZLksWV0zuXrSOjxzKq3llriBE; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Sun, 25 Jul 2021 15:26:27 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 25 Jul 2021 15:26:27 GMT
cache-control
private
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame BCF9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Sun, 25 Jul 2021 15:24:01 GMT
expires
Mon, 25 Jul 2022 15:24:01 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
146
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame FFB3 		783 B
532 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
abadaeaf4301eb917fb4c24515d356b0006f0c2677482df8fd6389f4c4f3e6b5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6/x09RXdEQa1uKayNgo82Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://muxtar.com.ua/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
NID=219=A6UO_TPIkjPLkwXW05NeanZy3iNTG3mJpP2udsHn7EcYi8elCveS2HpjZssbokFNiizapnvttNAS8RNKtC_JfjLtijXSckDXrY1JQPpNtuFjqymic8lmOm8Bm10S8GxzNNJtoSKosu-DA5zQ-O-AwCvMOXmn7fEcYFQsB1fQTaU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
http://muxtar.com.ua/

Response headers

expires
Sun, 25 Jul 2021 15:26:27 GMT
date
Sun, 25 Jul 2021 15:26:27 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-6/x09RXdEQa1uKayNgo82Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js
pagead2.googlesyndication.com/bg/ Frame BCF9 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/9ed6_nQfnMrUg05r027NxL2aUp_091DFxQGup7yyecw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e77afe741f9ccad4834e6bd36ecdc4bd9a529ff4f750c5c501aea7bcb279cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Jul 2021 15:23:24 GMT
content-encoding
br
x-content-type-options
nosniff
age
183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13294
x-xss-protection
0
last-modified
Wed, 14 Jul 2021 07:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 25 Jul 2022 15:23:24 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210720&jk=1778599375704385&bg=!eXqlej7NAAbnC78O5ws7ACkAdvg8WhDn9dY2axNQcMN9EVssxbe90AB3oTLYp1OOkTf56lbz7lC-jAIAAABgUgAAAAxoAQcKAR0vSn0sRVaVBBBGnLsBXrDHeOi9oCMOCdrJHGYkdrZJroHqBz-ZNhYMOdvI1MLvTvRtsbrX3_LhNGr1N4RBaTw38_4Ex_SB6Djcl7hXCCUGvD_XUvyNb03ciYkjA6BtGjt31ISEWVFbcUL24bFoTPUXc-VQJvsNgbXcW8tv1vzS4QMomCPsLGsXRm1ifnEwYnu4mS2zqnBQdGidOJwNH6gBEmYRFHDd7ESo9nzNEfkvoilitUFeUh--MdYsjRAbXNc31MJX0alRFDYdGO7CLoj4uR-D8yc5TX8SMvxv_PAXvlDeYBzeqyEeFSFlT7rpgwgeyWBBDH4mKP4sQMjV3uMPMuvfPp1ZmIgukzs8NwDuDogcoEEDpTJ-DGVlIFyZAnfIBHSXe4x7s8uxLk4L1AEkWAiQcedY5MwxtOaSqb28jzfqw0sgDElmk0-rmSXEEqOdVTbIf41VwQRKqjrzRR-kt49Us2-W3dlZVPFGlQsa8RnBYFYGU3w4CyR1SePyM3qYWCpY5D8cFFgXDnPkHMYxNxCghmj1ugMETBq9GhKulsbfWv425sx7WLEgZlGlJwYahe87FsT3VQBzhopR1RMN2WGPDJNowytxf_KCu5Lb-I9tLXdwJprck4NqtmiaxOfdsiOMHZoROpUq9gz87iX2hv4pQu-PLHrdDep0ZsCpXfl9nFoJMAeOougKV2rBUAxOJLxWbSb8GENceS3as3JjbQFv11lEYvwLuZBZ47ST-ktZEYAnfUqVT2FOw974s9EnxPKgqN3DQkAXKZOcvic9GkTOZ2W5P7g3QjrhbyEQ-sPjd6BnqrExa3sPUsqU7H_SblzYBUo766n6crwoAvVEjXrxPM2qV35r3IKwOklGGBe-Uz2WVzsYG-rSH4ci4EEn6GBI0Rq29ya7j-oRfrfHFDl1-IS5OIiPXEzVo1ntrTScQpiZP3WEDrhUvwfgPBKVIwJQrT5upLFrU010kLNZYaPctILueaHlKDhKkftJK-37WLKQFEbCoekINvQn9F31bE2E1fbwEFlgD88jNedX7CxSRvbcMpRDIHzCQpANj1_2DzfQfBdtCEQklZY_G0wSIcd2slTI4lao8-NKunHFh1ZkHi4oNqeU7ieCsbKu_9dHndw8pMe7DgCaAIxZkxZL7ymQpToc95r-8zsaocZrLd2VmuHZlbcI3ZawVnjhnTMmIBlPH3IoRORpw6x66n2Vz72VousB
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://muxtar.com.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 25 Jul 2021 15:26:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

222 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| im1 object| im2 object| im3 function| flipBtn function| nothing object| gapi object| ___jsl function| obj2qs object| fastXDM object| VK function| getAbsolutePos function| replaceText function| clearText function| absPosition object| google_ad_client object| google_ad_slot object| google_ad_width object| google_ad_height object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state boolean| google_onload_fired object| google_sa_queue object| google_sl_win function| google_process_slots number| google_unique_id object| google_ad_block object| google_ad_channel object| google_ad_format object| google_ad_host object| google_ad_host_channel object| google_ad_host_tier_id object| google_ad_layout object| google_ad_layout_key object| google_ad_output object| google_ad_region object| google_ad_section object| google_ad_type object| google_ad_unit_key object| google_ad_dom_fingerprint object| google_ad_semantic_area object| google_placement_id object| google_adtest object| google_allow_expandable_ads object| google_alternate_ad_url object| google_alternate_color object| google_apsail object| google_captcha_token object| google_city object| google_color_bg object| google_color_border object| google_color_line object| google_color_link object| google_color_text object| google_color_url object| google_container_id object| google_content_recommendation_ad_positions object| google_content_recommendation_columns_num object| google_content_recommendation_rows_num object| google_content_recommendation_ui_type object| google_content_recommendation_use_square_imgs object| google_contents object| google_country object| google_cpm object| google_ctr_threshold object| google_cust_age object| google_cust_ch object| google_cust_criteria object| google_cust_gender object| google_cust_id object| google_cust_interests object| google_cust_job object| google_cust_l object| google_cust_lh object| google_cust_u_url object| google_disable_video_autoplay object| google_enable_content_recommendations object| google_enable_ose object| google_encoding object| google_font_face object| google_font_size object| google_frame_id object| google_full_width_responsive_allowed object| efwr object| google_full_width_responsive object| gfwroh object| gfwrow object| gfwroml object| gfwromr object| gfwroz object| gfwrnh object| gfwrnwer object| gfwrnher object| google_gl object| google_hints object| google_image_size object| google_kw object| google_kw_type object| google_language object| google_loeid object| google_max_num_ads object| google_max_radlink_len object| google_max_responsive_height object| google_ml_rank object| google_mtl object| google_native_ad_template object| google_native_settings_key object| google_num_radlinks object| google_num_radlinks_per_unit object| google_override_format object| google_page_url object| google_pgb_reactive object| google_pucrd object| google_referrer_url object| google_region object| google_resizing_allowed object| google_resizing_height object| google_resizing_width object| rpe object| google_responsive_formats object| google_responsive_auto_format object| armr object| google_rl_dest_url object| google_rl_filtering object| google_rl_mode object| google_rt object| google_safe object| google_safe_for_responsive_override object| google_video_play_muted object| google_source_type object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_tag_origin object| google_tag_partner object| google_targeting object| google_tfs object| google_video_doc_id object| google_video_product_type object| google_webgl_support object| google_package object| google_debug_params object| dash object| google_restrict_data_processing boolean| google_apltlad object| google_sv_map object| FB object| osapi object| gapix object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow object| mailru object| Ya number| sc_project number| sc_invisible number| sc_partition number| sc_click_stat string| sc_security function| _statcounter object| _tmr function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ boolean| _gfp_a_ function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| goog function| Kraken function| top100 object| _top100q object| closure_lm_66610 object| _top100 object| yaCounter26812653 object| adsbygoogle object| GoogleGcLKhOms function| google_spfd object| google_image_requests

17 Cookies

Domain/Path Name / Value
.google.com/ Name: NID
Value: 219=A6UO_TPIkjPLkwXW05NeanZy3iNTG3mJpP2udsHn7EcYi8elCveS2HpjZssbokFNiizapnvttNAS8RNKtC_JfjLtijXSckDXrY1JQPpNtuFjqymic8lmOm8Bm10S8GxzNNJtoSKosu-DA5zQ-O-AwCvMOXmn7fEcYFQsB1fQTaU
.mail.ru/ Name: VID
Value: 1P0pp528HMo300000V0-D4o3:::0-0-0-617db62:CAASEGrQETiFJ3ifMb1trene5GgaYMgvD8FcFEj8dAEdLDbm1n_HA0SWRZMQ82-wd50bE-Pa1lXfdNs426WsGw7PxpfHtcSddrzqU38cOUahbIg9QUWs7doajo-b-Ae5IXo1rxkVJaUJhde9vkq2nGuOAvPalQ
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.mail.ru/ Name: p
Value: tB8BAJz0FwAA
.vk.com/ Name: remixstid
Value: 2018457911_gPEzBkG5XaSyiCGXfIO4lS2POgH9zAo7pceGkFIooZD
.vk.com/ Name: remixlang
Value: 3
.muxtar.com.ua/ Name: tmr_reqNum
Value: 2
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUnHqlvCMJrV73t_oIJwqVas5V7-1lv4_cN454ZLksWV0zuXrSOjxzKq3llriBE
.muxtar.com.ua/ Name: _ym_d
Value: 1627226787
.muxtar.com.ua/ Name: tmr_lvidTS
Value: 1627226786138
.muxtar.com.ua/ Name: __gads
Value: ID=b15a6ff9b860f113-222f389a76c9004e:T=1627226786:RT=1627226786:S=ALNI_MZoEzrrRR04UZDEnPrCwx2f04UNgw
.muxtar.com.ua/ Name: last_visit
Value: 1627219586366::1627226786366
.muxtar.com.ua/ Name: _ym_uid
Value: 1627226787126527838
.muxtar.com.ua/ Name: tmr_lvid
Value: 27b277a435299fabbee521f9d5c04c19
.muxtar.com.ua/ Name: _ym_isad
Value: 2
.muxtar.com.ua/ Name: sc_is_visitor_unique
Value: rx4992122.1627226786.8948D13E355C4FB105FBCB291306E7E4.1.1.1.1.1.1.1.1.1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
c.statcounter.com
cdn.connect.mail.ru
connect.facebook.net
connect.mail.ru
counter.rambler.ru
googleads.g.doubleclick.net
kraken.rambler.ru
mc.yandex.com
mc.yandex.ru
misto.zp.ua
muxtar.com.ua
my.mail.ru
my1.imgsmail.ru
my2.imgsmail.ru
pagead2.googlesyndication.com
partner.googleadservices.com
rs.mail.ru
ssl.gstatic.com
st6-21.vk.com
top-fwz1.mail.ru
top100-images.rambler.ru
tpc.googlesyndication.com
userapi.com
vk.com
www.facebook.com
www.google.com
www.googletagservices.com
www.muxtar.com.ua
www.profidog.com.ua
www.statcounter.com
yandex.st
yastatic.net
104.22.53.65
172.67.38.97
185.5.137.210
185.5.137.211
216.58.212.162
217.69.133.145
2a00:1148:db00::17
2a00:1450:4001:800::200d
2a00:1450:4001:800::200e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a02:6b8:20::215
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
81.19.89.1
81.19.89.17
87.240.129.187
87.240.190.78
88.99.219.19
91.239.233.47
94.100.180.100
94.100.180.38
94.100.180.55
95.142.206.1
02832722693c48c5d33a299600c36fd408a9d39ecdb6be023a7efd9ecd780edf
0505f08376c9b9213154fc91e4bf7618ed3a29a5fc75ef0f76f9f0266a0db13b
08d39219c8286d86ad35fe77e118b324f1f490c129b932758d37fce80a6f08bc
0d7e358637c1b1caa66949aefc529c1e4488923f99e499d6be09eb8cdd0b4202
0fabebfd33907918ef76b3063b0139f31b3d08fc80f783cae1beb16a80b35efa
1157556a79b9b9ed1f42f16a1b72326d21a57cf5efcef8c4d3b54264d2d4b94c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b0d186bc810df942a3c3e3e435347dadbe3ed3965a8181ed4264879153042a0
1b1a4081a8a32bc714fbb7a2509141683bc3eb707a421c0db556ed856f6d8e99
1f80fc69c4d044628dda27c6dfb81864987dbaba51d797abbbf115fa2231d9ff
23aca3eb9d500bc7291222cb8b42c2b4587c14e93e2d677aeaf6ffd7a97d8036
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2b6654f9a40a3eeb4380e98097b497e2c6ea9b27960733bbe52cebbef20f6b61
3795726557f64bf66677a94511e34f7d67dd58c73baef60ddb3f9a0cb8f38c1e
3f15444fd4637e1edf4978cc8e519393d7efffb6fa4dfa7d99fadcb9a271ddce
41df0d9772d211749a5feb51196106f25eb3ba40814a584381255e71e91225c5
43fe62030092e73be7d24ffff01910b0046174c3e61f2a3a4a01de13bb367a6e
4409f886851d18b5071cc08d25845e0d959d51fd1e9eec92118d0f12a44e5eeb
4518d4c73cc79f597d32c09c25b38ef44da466f502c31e2023d1005f2f899713
48a7bb4c3019761d1408963c07a279d73bf1bb927a8e635970399d690e9bdb40
4a59afde8e0c966992b4cf31107f3e706e78572223f8f28162c218673bf7a71b
4d396cf09445102d6fbb4a89372a193497a4c9a60894707a55862ca13fc32c1b
4eee6c99ecb427ef540e86bab62ceda70b3cf3e490d3b8a630e9e0cb1f93bbfa
4f0f1e17ac4d18cdd50ac4ec911a60fcfeec7fb2831058801fa4a0db9972100a
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5073fab4fddb9f037315ac9c663dce6681b03976250cab681638dfe17475466f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
59369ee0cb901244b3340cae33becc5e92960686819ee7b72525c61d3061be34
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
5d1310353e02e0a006b79b7d607131cb6d9411543a8957b772f565816fdf3ce4
6777ffd74911fce66a21f4c72e17c2384d0ea6a2752a813a768a12d3ef3a020a
6a04f576442335229cacfeb8ff03d70dc5f753b25484535dd25ad5a073840ec3
6e0ff193ba02cc7fdee2e521893e94ea3f8d9605e044d56bc282c72c4d87b93c
7438cd6d98fc8e372c9a87e319ab965229ce2ba37798db808c8408f791db86ca
749ac42703ade78a5ed1277ed14fb8adb16ee555cd0997b07c902371bc1fee07
76ca001f38fa090ea0fde19ebb7e969ea7b2bba584992a935f5a4fef858e90ae
787b6fa1440172d52b8f0037f1efcddc370d354c79bc0cb41fb1e6d6031cc4ed
7d2fc381aebbeca6bc929c34ff3af23c94352463c9233894221bb9120f030e63
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
85ca9a330378bc7b6fdc5d293392086097d9746969e3406c13bcdd1c27583c8f
8912575bd0f82d6cc7cfe1211b468d0ba262e4c50ab048fccdff575e0f675c52
8994af594d5b44a2244155d9e567be672557846242b3c65ce86eaaeb652c3744
8f6b572b1e2a73592ce3ef051e37a0466f4928896f1f910e95055ba360f90da8
944979b576ee52348d5c63d35f566c11df26f70ed15d2ceba61180662a49b114
95d9bb24682185be85b699a35df222ac6ec2a7760baf7d9e2241af9f17042d33
975dae9ec12bdc3e02a04b8ead79c28b4f5730217fe12495cb3d19311deb1f40
9af956c2e071fc1e1d2190c49a6f4a6378db1fcbd46a7649c8b67eb248b2f81d
9bd4667051083414e6918c646422069fdd0292fb55aff0e8b807ec4fbb496c09
a099d68e34e33bb313e2b6defc561beefd64db26ffe61d91619d11d877231dde
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a64d2c1d8552f2ffe138c1688656745193026b699c8e461b7a4e116ce2c61c44
a93426ee67ff3671a86acc9002fae39dd362f5e7b4e2cd252095c28f2dda5071
abadaeaf4301eb917fb4c24515d356b0006f0c2677482df8fd6389f4c4f3e6b5
ac15d1868a55adcea61641c78efbb86feda3a65882f21bfe9fedd7348fb54be8
b216ac3521f384c732086fd6fcdf39542d8bd42407b76e5cb8fcf5fa4f12c4ba
b531632cd2388f2cfbfd5ebf18b8b8d73092b54250c8ddd75ebaea3e89cf2f80
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
ba7bc979694591a79dbf8a8894fdd972478d91be79c6386520bab30fa5213b85
ba9585e86eab9989249bcc9a97738f5780f0ac5f214f8c365b3442f65c61ab80
bd7794609b4b15fb09cb3266ea55904c0727bc2b0479cedc4f22594f909acd7d
be97ea5d59044dec752f769edd2be499069643df0a6bee0035d78d704ec76240
c05b105ff7755a63433495cfd6e27ce7587b9ddbaf9d835fef5b3c8227c21343
c1505db69b59103f40d0dd62f0f66546edd72be8b654b64e7663367bc8b5e655
c29c08b5aa7ead079e0f37a61627f58283862e84c73b86d65fa03772305161ab
c85e6bc422bdb420d4447c40abe55e304620014568f4f559bbadfc5c47fc33d0
c915b48765a756aecea1bde59036e7d4db96e0a7f17c39e8fe4187026f5ccf59
cced6635b7d12420896e6626292e254c407c3959bc86e0fe97cfe3ffb5c8d7f2
cd53a305a61a6a7bfa3b7704e9eed801ffe058954baed4784f554fd3991155fd
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d03b98e10261f4807504ce30bb32c443ca89a9b9d8b59c7a99130c3d1d1eca57
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d99dccc4af2dcb8e3b64249fb88549b5f0368708eec4b4c0acadc177b3ddce75
daf6bd753b8e71772c43fcb672e05df9c28359debd96af19f8e41a3de11303e6
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
ded3de6711e90ee906834dbd64ff18636b3f1a2463825e13f2fa0600417bfe2f
df66a811c7972c892a61bf73f73070b4fbe2d940bad7565d3ebeae01df36e53f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed89697436c213e02c99f290a0f8a3d20c4bde9ccdb2ddf025b0849cdfe11347
f0281752cc240dcd1b2478b12691b7822f4ff6ea649404bcd783920b5a5ffd44
f16a935d459a3bf85554bc55742924f23066053190a78a54904b6bf3e8a0140e
f3254cbd24c031588b3fc27f9e027d3f426b22219c7e8ad9dcbb5250972c0871
f5e77afe741f9ccad4834e6bd36ecdc4bd9a529ff4f750c5c501aea7bcb279cc
f6390c8d956a7f64e65782ade728dd1c30881b91d6c155e8b00930277fd74bef
f855bb73f7367d93773ef9ea339ec13d1f975ec2227ef74a34158b4f4886d104
fc82df2f8041f07089f9f1de17bde75873054929b9b291768798401c210a7cd5