way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://way2self.in.ua/
Submission: On April 30 via api (April 30th 2022, 8:49:57 am UTC) from GB — Scanned from GB

Summary HTTP 479 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 50 IPs in 10 countries across 72 domains to perform 479 HTTP transactions. The main IP is 2a03:f480:1:26::70, located in Estonia and belongs to PAGM-AS, EE. The main domain is way2self.in.ua.

This is the only time way2self.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a03:f480:1:2... 2a03:f480:1:26::70	198068 (PAGM-AS) (PAGM-AS)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
5 8	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
5	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
32 46	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1	2a00:7a60:0:1... 2a00:7a60:0:10c3::1	200000 (UKRAINE-AS) (UKRAINE-AS)
1	2a06:98c1:312... 2a06:98c1:3120::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	91.218.215.18 91.218.215.18	42352 (QOS) (QOS)
1	168.119.0.153 168.119.0.153	24940 (HETZNER-AS) (HETZNER-AS)
1	185.230.90.30 185.230.90.30	56485 (THEHOST-AS) (THEHOST-AS)
1	92.223.84.84 92.223.84.84	199524 (GCORE) (GCORE)
1	185.233.39.242 185.233.39.242	200000 (UKRAINE-AS) (UKRAINE-AS)
1 2	2606:4700:303... 2606:4700:3030::ac43:c5d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.202.113.101 116.202.113.101	24940 (HETZNER-AS) (HETZNER-AS)
1	178.172.137.201 178.172.137.201	12406 (BN-AS Bel...) (BN-AS Belarussian data communication service provider.)
1	2606:4700:303... 2606:4700:3033::ac43:9890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.16.85.20 104.16.85.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	109.248.237.51 109.248.237.51	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1 2	80.239.201.14 80.239.201.14	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
43	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4 8	142.251.36.70 142.251.36.70	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 14	176.9.60.211 176.9.60.211	24940 (HETZNER-AS) (HETZNER-AS)
7 7	104.92.93.175 104.92.93.175	16625 (AKAMAI-AS) (AKAMAI-AS)
7	104.92.93.177 104.92.93.177	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	104.92.94.3 104.92.94.3	16625 (AKAMAI-AS) (AKAMAI-AS)
1	5.187.1.114 5.187.1.114	() ()
1	2606:4700::68... 2606:4700::6811:3c3a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.248.59 18.66.248.59	16509 (AMAZON-02) (AMAZON-02)
1	104.16.105.108 104.16.105.108	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	51.250.76.213 51.250.76.213	200350 (YANDEXCLOUD) (YANDEXCLOUD)
19	104.92.106.193 104.92.106.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.92.70.33 104.92.70.33	() ()
479	50

19 2a03:f480:1:26::70 (Estonia)

ASN198068 (PAGM-AS, EE)

way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany) 5 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

ddyipu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

46 142.132.202.70 (Germany) 32 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

share.itraffic.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
odnaknopka.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webcache.pp.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tsystatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:7a60:0:10c3::1 (Ukraine)

ASN200000 (UKRAINE-AS, UA)

megatrade-sm.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::7 (United States)

ASN13335 (CLOUDFLARENET, US)

wpg.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.218.215.18 (Ukraine)

ASN42352 (QOS, UA)
PTR: urok.osvita.ua

ru.childdevelop.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 168.119.0.153 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: s3.reserver.ru

presa.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.230.90.30 (Kyiv, Ukraine)

ASN56485 (THEHOST-AS, UA)
PTR: s26.thehost.com.ua

dachnaideya.cx.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.84.84 (Luxembourg)

ASN199524 (GCORE, LU)

img-cdn.tinkoffjournal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.233.39.242 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: vps-37976.vps-default-host.net

bituk.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3030::ac43:c5d9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.113.101 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.113.202.116.clients.your-server.de

coincryptobase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.172.137.201 (Belarus)

ASN12406 (BN-AS Belarussian data communication service provider., BY)
PTR: 178-172-137-201.hosterby.com

sundays.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9890 (United States)

ASN13335 (CLOUDFLARENET, US)

buki-repetitor.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.51 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

s.luxadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.14 (Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-14.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

43 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.36.70 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: prg03s10-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 176.9.60.211 (Weimar, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.60.9.176.clients.your-server.de

pubmedya.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.92.93.175 (Frankfurt am Main, Germany) 7 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-93-175.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.92.93.177 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-93-177.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.94.3 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-94-3.deploy.static.akamaitechnologies.com

www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.187.1.114 (None, )

ASN- ()

www.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:3c3a (United States)

ASN13335 (CLOUDFLARENET, US)

paxful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-59.dus51.r.cloudfront.net

www.peopleperhour.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.105.108 (None, )

ASN13335 (CLOUDFLARENET, US)

www.rentalcars.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 51.250.76.213 (Russian Federation)

ASN200350 (YANDEXCLOUD, RU)

experience.tripster.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 104.92.106.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-193.deploy.static.akamaitechnologies.com

u.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.92.70.33 (None, )

ASN- ()

i.alicdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	846 KB
31	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 ad.doubleclick.net — Cisco Umbrella Rank: 182	242 KB
24	itraffic.su 12 redirects share.itraffic.su	10 KB
20	alicdn.com u.alicdn.com — Cisco Umbrella Rank: 40635 i.alicdn.com Failed ae01.alicdn.com Failed	200 KB
19	way2self.in.ua way2self.in.ua www.way2self.in.ua	206 KB
14	aliexpress.com 7 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 26839 sale.aliexpress.com — Cisco Umbrella Rank: 39066	56 KB
14	pubmedya.net 1 redirects pubmedya.net — Cisco Umbrella Rank: 243900	45 KB
12	criteo.net static.criteo.net — Cisco Umbrella Rank: 634 pix.eu.criteo.net — Cisco Umbrella Rank: 8363 csm.eu.criteo.net — Cisco Umbrella Rank: 8397	83 KB
11	pp.ua 11 redirects webcache.pp.ua — Cisco Umbrella Rank: 222819	4 KB
10	google.com 5 redirects www.google.com — Cisco Umbrella Rank: 5 adservice.google.com — Cisco Umbrella Rank: 63	2 KB
7	tripster.ru experience.tripster.ru — Cisco Umbrella Rank: 436040	56 KB
7	tsystatic.com 7 redirects tsystatic.com — Cisco Umbrella Rank: 225338	3 KB
7	yandex.ru 3 redirects informer.yandex.ru — Cisco Umbrella Rank: 59802 mc.yandex.ru — Cisco Umbrella Rank: 3455	5 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 158	219 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	251 KB
5	ddyipu.com ddyipu.com — Cisco Umbrella Rank: 728129	76 KB
4	odnaknopka.ru 2 redirects odnaknopka.ru — Cisco Umbrella Rank: 289001	2 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11867 ads.eu.criteo.com — Cisco Umbrella Rank: 8360 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10603	42 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5017	1 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 19411	734 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 133	85 KB
2	podosinki.su 1 redirects podosinki.su www.podosinki.su	39 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	2 KB
1	rentalcars.com www.rentalcars.com — Cisco Umbrella Rank: 61093
1	peopleperhour.com www.peopleperhour.com — Cisco Umbrella Rank: 212557
1	paxful.com paxful.com — Cisco Umbrella Rank: 222311
1	admitad.com www.admitad.com
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 18859	715 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 209	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 744	648 B
1	luxadv.com s.luxadv.com
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 430	58 KB
1	leokross.com leokross.com — Cisco Umbrella Rank: 492089
1	buki-repetitor.ru buki-repetitor.ru	58 KB
1	sundays.by sundays.by	71 KB
1	coincryptobase.com coincryptobase.com	24 KB
1	bituk.media bituk.media	82 KB
1	tinkoffjournal.ru img-cdn.tinkoffjournal.ru — Cisco Umbrella Rank: 580468	134 KB
1	cx.ua dachnaideya.cx.ua	65 KB
1	presa.com.ua presa.com.ua	26 KB
1	childdevelop.com.ua ru.childdevelop.com.ua	90 KB
1	wpg.com.ua wpg.com.ua	145 KB
1	megatrade-sm.com.ua megatrade-sm.com.ua	49 KB
0	vrbo.com Failed www.vrbo.com Failed
0	ssense.com Failed ssense.com Failed
0	semrush.com Failed www.semrush.com Failed
0	thetrainline.com Failed www.thetrainline.com Failed
0	ebay.co.uk Failed www.ebay.co.uk Failed
0	miniinthebox.com Failed www.miniinthebox.com Failed
0	revolut.com Failed www.revolut.com Failed
0	expedia.co.uk Failed www.expedia.co.uk Failed
0	lightinthebox.com Failed www.lightinthebox.com Failed
0	binance.com Failed www.binance.com Failed
0	stripchat.com Failed stripchat.com Failed
0	creativemarket.com Failed creativemarket.com Failed
0	fansly.com Failed fansly.com Failed
0	tomtop.com Failed www.tomtop.com Failed
0	wish.com Failed www.wish.com Failed
0	onlyfans.com Failed onlyfans.com Failed
0	aweber.com Failed www.aweber.com Failed
0	hotelscombined.com Failed www.hotelscombined.com Failed
0	bngpt.com Failed bngpt.com Failed
0	alibaba.com Failed offer.alibaba.com Failed
0	wise.com Failed wise.com Failed
0	chaturbate.com Failed chaturbate.com Failed
0	mandco.com Failed www.mandco.com Failed
0	stradivarius.com Failed www.stradivarius.com Failed
0	kayak.co.uk Failed www.kayak.co.uk Failed
0	momondo.co.uk Failed www.momondo.co.uk Failed
0	myprotein.com Failed www.myprotein.com Failed
0	aliexpress.ru Failed sale.aliexpress.ru Failed
479	72

	Domain	Requested by
43	tpc.googlesyndication.com	googleads.g.doubleclick.net way2self.in.ua tpc.googlesyndication.com
24	share.itraffic.su	12 redirects way2self.in.ua
23	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net way2self.in.ua
19	u.alicdn.com	sale.aliexpress.com
18	way2self.in.ua	way2self.in.ua
16	pagead2.googlesyndication.com	way2self.in.ua pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
14	pubmedya.net	1 redirects odnaknopka.ru pubmedya.net
11	webcache.pp.ua	11 redirects
8	ad.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	www.google.com	5 redirects way2self.in.ua googleads.g.doubleclick.net
7	experience.tripster.ru	pubmedya.net experience.tripster.ru
7	sale.aliexpress.com	odnaknopka.ru
7	s.click.aliexpress.com	7 redirects
7	tsystatic.com	7 redirects
7	static.criteo.net	ads.eu.criteo.com
6	www.googletagservices.com	googleads.g.doubleclick.net
6	mc.yandex.ru	3 redirects way2self.in.ua
5	fonts.gstatic.com	fonts.googleapis.com
5	ddyipu.com	way2self.in.ua ddyipu.com
4	odnaknopka.ru	2 redirects way2self.in.ua
3	pix.eu.criteo.net	ads.eu.criteo.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	adservice.google.com	pagead2.googlesyndication.com
2	mc.webvisor.org	1 redirects way2self.in.ua
2	www.google-analytics.com	way2self.in.ua www.google-analytics.com
2	connect.facebook.net	way2self.in.ua connect.facebook.net
2	fonts.googleapis.com	way2self.in.ua cdnjs.cloudflare.com
1	i.alicdn.com	sale.aliexpress.com
1	www.rentalcars.com	pubmedya.net
1	www.peopleperhour.com	pubmedya.net
1	paxful.com	pubmedya.net
1	www.admitad.com	pubmedya.net
1	www.zenaps.com	1 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.luxadv.com	way2self.in.ua
1	cdn.jsdelivr.net	way2self.in.ua
1	www.gstatic.com	www.google.com
1	leokross.com	way2self.in.ua
1	informer.yandex.ru	way2self.in.ua
1	www.way2self.in.ua	way2self.in.ua
1	buki-repetitor.ru	way2self.in.ua
1	sundays.by	way2self.in.ua
1	coincryptobase.com	way2self.in.ua
1	www.podosinki.su	way2self.in.ua
1	podosinki.su	1 redirects
1	bituk.media	way2self.in.ua
1	img-cdn.tinkoffjournal.ru	way2self.in.ua
1	dachnaideya.cx.ua	way2self.in.ua
1	presa.com.ua	way2self.in.ua
1	ru.childdevelop.com.ua	way2self.in.ua
1	wpg.com.ua	way2self.in.ua
1	megatrade-sm.com.ua	way2self.in.ua
0	ae01.alicdn.com Failed	sale.aliexpress.com
0	www.vrbo.com Failed	pubmedya.net
0	ssense.com Failed	pubmedya.net
0	www.semrush.com Failed	pubmedya.net
0	www.thetrainline.com Failed	pubmedya.net
0	www.ebay.co.uk Failed	pubmedya.net
0	www.miniinthebox.com Failed	pubmedya.net
0	www.revolut.com Failed	pubmedya.net
0	www.expedia.co.uk Failed	pubmedya.net
0	www.lightinthebox.com Failed	pubmedya.net
0	www.binance.com Failed	pubmedya.net
0	stripchat.com Failed	pubmedya.net
0	creativemarket.com Failed	pubmedya.net
0	fansly.com Failed	pubmedya.net
0	www.tomtop.com Failed	pubmedya.net
0	www.wish.com Failed	pubmedya.net
0	onlyfans.com Failed	pubmedya.net
0	www.aweber.com Failed	pubmedya.net
0	www.hotelscombined.com Failed	pubmedya.net
0	bngpt.com Failed	pubmedya.net
0	offer.alibaba.com Failed	pubmedya.net
0	wise.com Failed	pubmedya.net
0	chaturbate.com Failed	pubmedya.net
0	www.mandco.com Failed	pubmedya.net
0	www.stradivarius.com Failed	pubmedya.net
0	www.kayak.co.uk Failed	pubmedya.net
0	www.momondo.co.uk Failed	pubmedya.net
0	www.myprotein.com Failed	pubmedya.net
0	sale.aliexpress.ru Failed	odnaknopka.ru
479	86

This site contains links to these domains. Also see Links.

Domain
www.way2self.in.ua
annaputyatina.ru
designprof.com.ua
vulkancasino.ua
uden-s.org
feeds.feedburner.com
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.megatrade-sm.com.ua R3	`2022-04-05` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-05` - `2022-07-04`	a year	crt.sh
ru.childdevelop.com.ua Sectigo RSA Domain Validation Secure Server CA	`2022-01-21` - `2023-02-20`	a year	crt.sh
*.presa.com.ua R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
dachnaideya.cx.ua R3	`2022-02-24` - `2022-05-25`	3 months	crt.sh
*.tinkoffjournal.ru Thawte RSA CA 2018	`2021-08-31` - `2022-08-31`	a year	crt.sh
way2self.in.ua R3	`2022-03-18` - `2022-06-16`	3 months	crt.sh
bituk.media R3	`2022-04-19` - `2022-07-18`	3 months	crt.sh
coincryptobase.com Thawte RSA CA 2018	`2021-06-26` - `2022-07-10`	a year	crt.sh
sundays.by R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-06` - `2022-05-07`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
pubmedya.net R3	`2022-03-01` - `2022-05-30`	3 months	crt.sh
www.aliexpress.com DigiCert SHA2 Secure Server CA	`2022-02-14` - `2023-02-14`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
peopleperhour.com Amazon	`2022-03-31` - `2023-04-29`	a year	crt.sh
secure.rentalcars.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2021-10-12` - `2022-11-12`	a year	crt.sh
tripster.ru R3	`2022-04-26` - `2022-07-25`	3 months	crt.sh
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh
img.alicdn.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh

This page contains 51 frames:

Primary Page: http://way2self.in.ua/
Frame ID: ADF51043F18C925163C730CC29E0A696
Requests: 84 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: 15E7863ABAB175C03D75535A4BDCB449
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1651307112&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&pra=5&wgl=1&dt=1651308570383&bpp=2&bdt=4123&idt=16044&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2529304739431&frm=20&pv=2&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=16058
Frame ID: 4B3FC3B0F90D9DA3A8DE413CB094431C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=93734044&adf=4089702428&pi=t.ma~as.9890819785&w=877&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1651308570386&bpp=2&bdt=4126&idt=16060&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GF7ZwiCOXr&p=http%3A//way2self.in.ua&dtd=16064
Frame ID: 677A33B79E793F4CD0B201E7E8AB2576
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069
Frame ID: D0DB5EA02025E8F1597339E50328BE88
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16071&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0bfkdRXvC6&p=http%3A//way2self.in.ua&dtd=16073
Frame ID: 40D960959909FBFB121CD0D335882FF4
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymz4KgANApcH4-g1AAMwiXEhe2vGJat0foLpTQ&u=%7CYWSQ5r%2BZP%2F6JUduCxFgEtXP1A69uR18eUjbjJt6YGxo%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDWz9O--uBBTqjZood8ggmhUwtqCk0G0AfagEP530MZagyPh6lIp0P4D6w4TljJ9dAYqcUVNgKVn5JVB40nEf2eaY-x2CKb6nP3LS-9hnx0HeEBbYberVEpXwmy2BMLllptNZqM4INfBZBj4RllEWmnquEnHPqlzsOgMxR7wL1DzJn9oApXC3IKXAh0BlgT340Ar-fkngSjnMVO-QrSy9wkSKcb-Uj2ubm8IybdMxgKKgijUxE2V43OfDdc9U-ZW-Q5C-X6Vq9LISQuZ9K3xWlggFyWoO1p5xIl2v8RhpmrbAd8Nw-Jzmw0Va0tL8lqK3_DvHAO8JdCdvpxjf9sefFeB4fne8mY8Kkjgpz22zguX3G6gjpKjbFyG4GY1wjF4bZoMigS1QLuLcBsTWWUGsOs-maPg1YMH9u&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSB80KvhsYpeFNLXQj-8PieGMoALkj9KxXL_b_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAG91IjrA8gBCakCDEDvtsYYtT6oAwGqBLQBT9AhaOgU4FtfY7VYr3ImSSB_M6hiMmRNhh4WP8F-AU7V8gNCUybhwwYvQANldrDjmzheuBo0a5orxDmpbitwMVnptcVVrWMYaE6m_4rJIV62S_6hRR57-P4ZGlcPKI367CXGUNO7wqPoOsdKE8QLkYTXSL3vsaHL1r8lJiAlDm9FJ-TXARBVdvbvdk1UoNpwF1PerqpK27EqN8TyVpWgTGVK0eSznR8uxN7rK4Aa8nAmwLkLgAar3cKy9__Ruo8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0r68POGb5qzPgV7-BeablDHKhtJQ%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: B65CA03B2D43F2BDC97BF9F87E5C9721
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html
Frame ID: 6D077300025A073FCCB0D6D9ED9D3AAD
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: C2671644F70D78AE3A6D7C6537041BAD
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10
Frame ID: 80E794E2A97045DEB54FE7F3E7FE90CA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13
Frame ID: 4C419E4B03B77493C8C91C1DB844EDC7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html
Frame ID: 23EC26A6C3F1B2C1B60C18E0717C85E9
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 20A8D0496C0A4CE7F6B5154E4BF8473E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E428B83AB276F1BFCCA9E4E5BAD0938D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 6A58891A2157AF0F98D715B2DC85AFEB
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html
Frame ID: 9D74144B7E2341CF413B768D292961E9
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 18C7EF6EB53FA07BD69A948C54242361
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html
Frame ID: DCF2716CCF8FD6EB91B7BECB09FE6792
Requests: 6 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 3FF285DA54CCF088940D6A447A0A164B
Requests: 8 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: E3464A1B3E2D9DAE4414E47461F78ADD
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&terminal_id=126b46be60c04d71adc0126b92214142
Frame ID: 93E69D74421DC2ECC84A7F88F156451C
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: FEDE4FDBEF07467FB336FFF4E3FE50A7
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5332&cn=-&cv=164645&dp=217.138.196.106&aff_fcid=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&terminal_id=3d96f18f617c4cb0a22af1103b6683d0
Frame ID: 452A4E1E1DB5123ABA00D23EDF656D19
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: AB36C559EA61A3E0909E18BA8090F3AB
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6462&cn=-&cv=269771&dp=217.138.196.106&aff_fcid=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&terminal_id=b4d53c0c590f4eff94300894713fea84
Frame ID: D4CFD7BE366BAF09F65F1131FDDA542F
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 92F80118317A60922C89CD8A431A908D
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&terminal_id=335ee32ca9e74acfbbe4e4e2c1f5655b
Frame ID: A133D3CDA17858FEC2335953EBAD5417
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 8B0017F3E4810E670636CE73CDD3D400
Requests: 117 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&terminal_id=d131e4aad85148608a71e2e1ca326bbe
Frame ID: 0C5E79F6D5BC72460D997D971AB299ED
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 1C54E90E0BC058D7A50165EE6E9795DC
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&3940&cn=-&cv=373460&dp=217.138.196.106&aff_fcid=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&terminal_id=f23fd95e57ad4cdc98c5e637fee0e160
Frame ID: 342B97778BE4E3FD8AAAD3F1F2388807
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 3B0BAF537660A98EC80A98AA29E16094
Requests: 4 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&terminal_id=235f51ebd6ca480d82a669a0a45c2e55
Frame ID: 8E1CDB708B737250AA3791E9958382DC
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 3891AAE181D2634EA4BD770BF3F94390
Requests: 4 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&terminal_id=f9ee8573311a4b39a116222231a91b81
Frame ID: 53C90CE3FE83FB468AEAD4DC7AB598B0
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 27A140A17C4610BB5CD25C8FE80C5D72
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&terminal_id=e4cd0885a5de4f7c88408b5bbd4e5baa
Frame ID: 829B9706970E9F8A38816C7E80A5FB23
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 7A74772F33BF0EE788FA49523A74DB09
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6881&cn=-&cv=498013&dp=217.138.196.106&aff_fcid=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&terminal_id=61cc1fcf8ede4ffdbc18bc53f1445810
Frame ID: 5A554E04C47BF1E2AFCBF03D8EFC786F
Requests: 1 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 1DD6A202431CDE55D76602ED2CC3D6A1
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&terminal_id=2840ad30a18d4abcba89ff512cc44133
Frame ID: 5771EF2F2EE6039F478D6CEBEA90F38C
Requests: 19 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 0E29837087F22D6A2CF9CA0172F54B07
Requests: 3 HTTP requests in this frame

Frame: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&4273&cn=-&cv=18807&dp=217.138.196.106&aff_fcid=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&terminal_id=9402f65d03874a6eb87d4c8b2a7632eb
Frame ID: 0F7A10D86756E3FA71B973E1F5598EBA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Frame ID: AD2A31C204BB278FBBCB82F15F0ABD9A
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html
Frame ID: C11ACE4E765AE91F3E8915B4D345EE03
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 986748B44D52FAEE0EED165D6F393429
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 06A7665F67DAD3254F47B4FD1CEFA072
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27C610AE5315851714FECC4542D16BB4
Requests: 2 HTTP requests in this frame

Frame: https://pubmedya.net/vu/uk/
Frame ID: 33FC8C08A601BC91E5F75D63C0500793
Requests: 3 HTTP requests in this frame

Frame: https://experience.tripster.ru/partner/?template=horizontal-list&partner=touristiktales&order=top&num=1&font_size=small&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313&version=2&is_context=true
Frame ID: 6B9D621B8CF157CA8E7AF72934570A3F
Requests: 1 HTTP requests in this frame

Frame: https://experience.tripster.ru/partner/?template=horizontal-list&partner=touristiktales&order=top&num=1&font_size=small&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313&version=2&is_context=true
Frame ID: 59A4104426F3EF7EF7A6F4C392D37185
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Путь к истинной себе

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

479
Requests

38 %
HTTPS

43 %
IPv6

72
Domains

86
Subdomains

50
IPs

10
Countries

3290 kB
Transfer

9320 kB
Size

30
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: http://www.way2self.in.ua/
Title: Главная

Search URL Search Domain Scan URL

URL: https://annaputyatina.ru/
Title: Цена психолога

Search URL Search Domain Scan URL

URL: https://designprof.com.ua/ru/uslugi/proekt-pod-klyuch/
Title: https://designprof.com.ua/ru/uslugi/proekt-pod-klyuch

Search URL Search Domain Scan URL

URL: https://annaputyatina.ru/uslugi/psiholog-konfliktolog-dlya-biznesa/
Title: услугами бизнес-психолога.

Search URL Search Domain Scan URL

URL: https://vulkancasino.ua/ru/category/allgames
Title: https://vulkancasino.ua/ru/category/allgames

Search URL Search Domain Scan URL

URL: https://uden-s.org/
Title: обогреватель

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/way2self

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=33112108&from=informer

Search URL Search Domain Scan URL

URL: http://www.way2self.in.ua/politika-konfidentsialnosti
Title: Узнать подробности

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1

Request Chain 22

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1

Request Chain 24

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1

Request Chain 26

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1

Request Chain 28

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1

Request Chain 30

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

Request Chain 32

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

Request Chain 34

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

Request Chain 36

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

Request Chain 37

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg HTTP 301
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

Request Chain 38

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

Request Chain 40

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

Request Chain 42

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

Request Chain 51

http://connect.facebook.net/ru_RU/sdk.js HTTP 307
https://connect.facebook.net/ru_RU/sdk.js

Request Chain 53

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 65

http://odnaknopka.ru/ok9.js HTTP 301
https://odnaknopka.ru/ok9.js

Request Chain 67

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A406195776273%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A962938287%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Ast%3A1651308585&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A406195776273%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A962938287%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Ast%3A1651308585&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 68

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1204056308781%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A259861765%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651308585%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1204056308781%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A259861765%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651308585%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 71

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9624.Dspot-AglZtaQati6ZHFWW5bnvx2z9g9w1p5o84to3fmJHqyS15atfhMdGnlv_Cf.xnQQWB8_6B_U0yVO-gKzyd4nFsc%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9624.v2qcUokdpr7Z14vFHJD2_U_TxV50kTfCH5LlhW1WZwxOhVGophhEU8pb1HRPhA1xeeI775tgtUxqfWFUznjm610HNeAVplxPXSZ_AJg5Vv8%2C.rCaBgR_TMfuIXJLVt9z-qyxQr5M%2C

Request Chain 88

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 94

http://odnaknopka.ru/stat.js HTTP 301
https://odnaknopka.ru/stat.js

Request Chain 103

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 123

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 124

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 146

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 153

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 154

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;41339&cn=-&cv=280575&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&terminal_id=126b46be60c04d71adc0126b92214142

Request Chain 155

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 156

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;5332&cn=-&cv=164645&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5332&cn=-&cv=164645&dp=217.138.196.106&aff_fcid=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&terminal_id=3d96f18f617c4cb0a22af1103b6683d0

Request Chain 157

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 158

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6462&cn=-&cv=269771&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6462&cn=-&cv=269771&dp=217.138.196.106&aff_fcid=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&terminal_id=b4d53c0c590f4eff94300894713fea84

Request Chain 159

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 160

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;33290&cn=-&cv=156444&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&terminal_id=335ee32ca9e74acfbbe4e4e2c1f5655b

Request Chain 161

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 162

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;32618&cn=-&cv=768739&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&terminal_id=d131e4aad85148608a71e2e1ca326bbe

Request Chain 163

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 164

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;3940&cn=-&cv=373460&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&3940&cn=-&cv=373460&dp=217.138.196.106&aff_fcid=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&terminal_id=f23fd95e57ad4cdc98c5e637fee0e160

Request Chain 165

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 166

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;5859&cn=-&cv=671244&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&terminal_id=235f51ebd6ca480d82a669a0a45c2e55

Request Chain 167

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 168

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;34717&cn=-&cv=157598&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&terminal_id=f9ee8573311a4b39a116222231a91b81

Request Chain 169

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 170

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;87666&cn=-&cv=628906&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&terminal_id=e4cd0885a5de4f7c88408b5bbd4e5baa

Request Chain 171

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 172

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6881&cn=-&cv=498013&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6881&cn=-&cv=498013&dp=217.138.196.106&aff_fcid=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&terminal_id=61cc1fcf8ede4ffdbc18bc53f1445810

Request Chain 173

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 174

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;39961&cn=-&cv=902807&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&terminal_id=2840ad30a18d4abcba89ff512cc44133

Request Chain 175

https://webcache.pp.ua/stat HTTP 302
https://pubmedya.net/vu/uk/

Request Chain 176

https://tsystatic.com/a HTTP 302
https://s.click.aliexpress.com/e/_AtqYLP?af=a;4273&cn=-&cv=18807&dp=217.138.196.106 HTTP 302
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&4273&cn=-&cv=18807&dp=217.138.196.106&aff_fcid=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&terminal_id=9402f65d03874a6eb87d4c8b2a7632eb

Request Chain 199

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 203

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 216

https://pubmedya.net/to2/myprotein.uk/ HTTP 307
https://www.zenaps.com/rclick.php?mid=3196&c_len=2592000&c_ts=1651307557&c_cnt=685769%7C0%7C0%7C1651307557%7Clb_vxg8bc%7Caw%7C0&ir=17553b01-c860-11ec-9b3a-22623ec29485&pr=https%3A%2F%2Fwww.myprotein.com%2F%3Faffil%3Dawin%26utm_content%3DLinkbux%26utm_term%3DSub%2BNetworks%26utm_source%3DAWin-685769%26utm_medium%3Daffiliate%26utm_campaign%3DAffiliateWin%26sv_campaign_id%3D685769%26sv_tax1%3Daffiliate%26sv_tax2%3D%26sv_tax3%3DLinkbux%26sv_tax4%3D0%26awc%3D3196_1651307557_159dbdb23610989756d178c5ca229e12&bId=HLEX_626cf425f9d6c0.56858870&cookie=1&c_d=zenaps.com HTTP 302
https://www.myprotein.com/?affil=awin&utm_content=Linkbux&utm_term=Sub+Networks&utm_source=AWin-685769&utm_medium=affiliate&utm_campaign=AffiliateWin&sv_campaign_id=685769&sv_tax1=affiliate&sv_tax2=&sv_tax3=Linkbux&sv_tax4=0&awc=3196_1651307557_159dbdb23610989756d178c5ca229e12

Request Chain 217

https://pubmedya.net/to2/momondo.co.uk/ HTTP 307
https://www.momondo.co.uk/in?a=tradetracker&encoder=19_4&enc_pubid=166408&enc_bid=0&enc_pid=20075&enc_refid=0%3A%3A166408%3A%3Av030300011382242b13eb2a0140fd8d4b8e763db44754%3A%3A%3A%3A1651305127&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=20075&url=https%3A%2F%2Fwww.momondo.co.uk%2F

Request Chain 218

https://pubmedya.net/to2/kayak.co.uk/ HTTP 307
https://www.kayak.co.uk/in?a=tradetracker&encoder=19_4&enc_pubid=166408&enc_bid=0&enc_pid=32925&enc_refid=0%3A%3A166408%3A%3Av0303000113820dd099dfb12642d5a02e5d6c4f1f0236%3A%3A%3A%3A1651307543&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925&url=https%3A%2F%2Fkayak.co.uk HTTP 301
https://kayak.co.uk/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925 HTTP 301
https://www.kayak.co.uk/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925

Request Chain 219

https://pubmedya.net/to2/stradivarius.uk/ HTTP 307
https://www.zenaps.com/rclick.php?mid=6164&c_len=604800&c_ts=1651299280&c_cnt=637513%7C0%7C0%7C1651299280%7C25455ac76dc3b2705c7e4c2d3da50af8%7Caw%7C0&ir=d1fa8a50-c84c-11ec-8f9a-2230a0859272&pr=https%3A%2F%2Fwww.stradivarius.com%2Fgb%2Fen%2F%3Fawc%3D6164_1651299280_22b351882e582657252b331e03f1d1e6%26utm_source%3Dawin%26utm_medium%3Daffiliation%26utm_content%3D637513%26utm_campaign%3DAffiliate_Window_Sale&bId=HLEX_626cd3d00576b1.55864236&cookie=1&c_d=zenaps.com HTTP 302
https://www.stradivarius.com/gb/en/?awc=6164_1651299280_22b351882e582657252b331e03f1d1e6&utm_source=awin&utm_medium=affiliation&utm_content=637513&utm_campaign=Affiliate_Window_Sale

Request Chain 220

https://pubmedya.net/to2/mandco.com/ HTTP 307
https://www.zenaps.com/rclick.php?mid=1685&c_len=2592000&c_ts=1651302806&c_cnt=685769%7C0%7C0%7C1651302806%7Clb_vxqs42%7Caw%7C0&ir=07428ca0-c855-11ec-9b3a-22623ec29485&pr=https%3A%2F%2Fwww.mandco.com%3Fawc%3D1685_1651302806_ba47462766c3a05cb397ad389e292f1f%26utm_source%3DLinkbux%26utm_medium%3Daffiliates%26utm_campaign%3DAffiliate%252BWindow&bId=HLEX_626ce196a89ab8.35826470&cookie=1&c_d=zenaps.com HTTP 302
https://www.mandco.com/?awc=1685_1651302806_ba47462766c3a05cb397ad389e292f1f&utm_source=Linkbux&utm_medium=affiliates&utm_campaign=Affiliate%2BWindow

Request Chain 221

https://pubmedya.net/to2/goldsmiths.co.uk/ HTTP 307
https://www.zenaps.com/rclick.php?mid=2174&c_len=2592000&c_ts=1651302919&c_cnt=632098%7C0%7C0%7C1651302919%7Cbafe60bba7d3f55fe6d862a7cef021ed%7Caw%7C0&ir=4afb95e1-c855-11ec-8a8b-22638a30c8d7&pr=https%3A%2F%2Fwww.admitad.com%2Fen%2F%26awc%3D2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c&bId=HLEX_626ce207f77d51.10887284&cookie=1&c_d=zenaps.com HTTP 302
https://www.admitad.com/en/&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c

Request Chain 226

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n HTTP 302
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0 HTTP 302
https://chaturbate.com/coy_amina/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0

479 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
way2self.in.ua/ 95 KB
22 KB 827ms
582ms Document
text/html 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7e1277df15b7fbabed255c2534be05fe62cb8eeb0b9b3457c9029a1e58e808b3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=3, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 22485
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:25 GMT
Last-Modified: Sat, 30 Apr 2022 08:25:12 GMT
Server: nginx/1.16.1
Vary: Accept-Encoding,Cookie

GET
H/1.1 200
OK styles.css
way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/ 1 KB
761 B 845ms
675ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:00 GMT
Server: nginx/1.16.1
ETag: W/"5e15fadc-44f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK cli-style.css
way2self.in.ua/wp-content/plugins/cookie-law-info/css/ 2 KB
948 B 868ms
678ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/css/cli-style.css?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:46 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbfa-8ca"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.css
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/ 113 B
365 B 380ms
190ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.css?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:26 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbe6-71"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK quads.css
way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/ 218 B
432 B 864ms
674ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/quads.css?ver=1.4.7
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:05 GMT
Server: nginx/1.16.1
ETag: W/"5e15fae1-da"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
way2self.in.ua/wp-content/themes/smartline-lite/ 43 KB
11 KB 381ms
191ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/style.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:08:45 GMT
Server: nginx/1.16.1
ETag: W/"5ebaca0d-abb6"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK genericons.css
way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/ 27 KB
17 KB 382ms
191ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:57 GMT
Server: nginx/1.16.1
ETag: W/"5e16030d-6c59"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 5 KB
1 KB 567ms
162ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7952ed5c1c2cb5ee45e6b5f998ddeea2bf037813617d7b328213a780847bed03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Sat, 30 Apr 2022 08:49:26 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sat, 30 Apr 2022 08:49:26 GMT

GET
H/1.1 200
OK jquery.js Show response
way2self.in.ua/wp-includes/js/jquery/ 94 KB
38 KB 572ms
192ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-176e9"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
way2self.in.ua/wp-includes/js/jquery/ 7 KB
3 KB 763ms
192ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:26 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-1c20"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK cookielawinfo.js Show response
way2self.in.ua/wp-content/plugins/cookie-law-info/js/ 7 KB
2 KB 953ms
191ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/js/cookielawinfo.js?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:45 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbf9-1cbe"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.js Show response
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/ 3 KB
1 KB 1035ms
191ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.js?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:19 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbdf-d6e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK navigation.js Show response
way2self.in.ua/wp-content/themes/smartline-lite/js/ 4 KB
2 KB 1054ms
190ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/js/navigation.js?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:54 GMT
Server: nginx/1.16.1
ETag: W/"5e16030a-f39"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
55 KB 2405ms
186ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc7048cb2a2e4fb6124d287cbd60686c4ff85dea83874c0dc337712c28499ffa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56244
x-xss-protection: 0
server: cafe
etag: 16113221612289705641
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 08:49:30 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 161 KB
56 KB 668ms
515ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bf6834126fd32f1ec14789424b4f0cc235b0eda5bfa5ef68e584edfa61ae4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Sat, 30 Apr 2022 08:49:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 3886830615817700897
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 56248
X-XSS-Protection: 0
Expires: Sat, 30 Apr 2022 08:49:28 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
970 B 631ms
315ms Script
text/javascript 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

142d7e946013c923e6530d5ac543354d09611339c9b8093282f5dcae721aaaff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Sat, 30 Apr 2022 08:49:26 GMT

GET
H/1.1 200
OK pykwb612g.php Show response
ddyipu.com/1wyl71192vilm0py03h8q/876/vuq876/ 58 KB
19 KB 388ms
188ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ddyipu.com/1wyl71192vilm0py03h8q/876/vuq876/pykwb612g.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 699f198d535c2064699c6b89716fa70027f0cf3154cb1861ceeba4665fdb7ff3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 13:54:29 GMT
Server: nginx/1.14.2
ETag: "6256d615-4aa5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19109

GET
H/1.1 200
OK 0y3qh8768uvq876pkyjo.php Show response
ddyipu.com/z7y1l7192lvip0m/ 58 KB
19 KB 576ms
375ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ddyipu.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 699f198d535c2064699c6b89716fa70027f0cf3154cb1861ceeba4665fdb7ff3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 13:54:29 GMT
Server: nginx/1.14.2
ETag: "6256d615-4aa5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19109

GET
H/1.1 200
OK 768quv678ykpjh.php Show response
ddyipu.com/k1i1l7912/ivl/0mp3y0h8q/ 58 KB
19 KB 1352ms
1149ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ddyipu.com/k1i1l7912/ivl/0mp3y0h8q/768quv678ykpjh.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 699f198d535c2064699c6b89716fa70027f0cf3154cb1861ceeba4665fdb7ff3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 13:54:29 GMT
Server: nginx/1.14.2
ETag: "6256d615-4aa5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19109

GET
H/1.1 200
OK pky7sdz.php Show response
ddyipu.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/ 58 KB
19 KB 964ms
761ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ddyipu.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/pky7sdz.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 699f198d535c2064699c6b89716fa70027f0cf3154cb1861ceeba4665fdb7ff3

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 13 Apr 2022 13:54:29 GMT
Server: nginx/1.14.2
ETag: "6256d615-4aa5"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19109

GET
H/1.1 200
OK logo2-1340-350.jpg
way2self.in.ua/wp-content/uploads/2015/10/ 69 KB
69 KB 385ms
382ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/uploads/2015/10/logo2-1340-350.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 8572c258d3889163b189d01120b0f12cb115cdab19cc9e278d2b192625cf9fe9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Last-Modified: Wed, 08 Jan 2020 16:14:55 GMT
Server: nginx/1.16.1
ETag: "5e15ffff-11381"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 70529

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1

312 B
516 B

1651ms
665ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30631_1
Date: Sat, 30 Apr 2022 08:49:33 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 stroitelnaya-kraska2.jpg
megatrade-sm.com.ua/uploads/images/articles/ 48 KB
49 KB 3008ms
2197ms Image
image/jpeg 2a00:7a60:0:10c3::1
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://megatrade-sm.com.ua/uploads/images/articles/stroitelnaya-kraska2.jpg?1584434301832
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:7a60:0:10c3::1 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 87074670e2939fb6c27cf4dda3663342c94d39671cd4849b5be190a866ad60dd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-ray: p17866:0.002/wn21564:0.000/
last-modified: Tue, 17 Mar 2020 08:38:02 GMT
server: nginx
etag: "5e708c6a-c12e"
content-type: image/jpeg
cache-control: max-age=604800
date: Sat, 30 Apr 2022 08:49:29 GMT
accept-ranges: bytes
content-length: 49454
expires: Sat, 07 May 2022 08:49:29 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1

312 B
516 B

1295ms
979ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30628_1
Date: Sat, 30 Apr 2022 08:49:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 22.png
wpg.com.ua/wp-content/uploads/2020/07/ 144 KB
145 KB 932ms
327ms Image
image/png 2a06:98c1:3120::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wpg.com.ua/wp-content/uploads/2020/07/22.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0bf60019342230fc2ae821f2b0b0e2f597d673a862bd362391742e8e398bba5

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:29 GMT
cf-cache-status: MISS
last-modified: Thu, 02 Jul 2020 03:50:58 GMT
server: cloudflare
etag: "5efd59a2-23f91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JSTJSeukbI9s6ee6p%2FFiaYPGDlLg%2F5ReO2HiuTb8junzDGRTY3FwW4AyCOVTrkX52B5mbCPUQKi4yLZi3zl1TvEivQKAMs2zO6SM2y%2BEtAQr1%2F9KFEU6lFd%2FD7JHZoyUb%2FOAPThbd4gp"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 703f063d4ddd839c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 147345

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1

312 B
516 B

1107ms
790ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30627_1
Date: Sat, 30 Apr 2022 08:49:34 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK bigemotions_i.jpg
ru.childdevelop.com.ua/doc/images/news/6/672/ 90 KB
90 KB 1474ms
1020ms Image
image/jpeg 91.218.215.18
QOS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ru.childdevelop.com.ua/doc/images/news/6/672/bigemotions_i.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.218.215.18 , Ukraine, ASN42352 (QOS, UA),
Reverse DNS: urok.osvita.ua
Software: nginx /
Resource Hash: bd56bb6054bbc3c31db40da615225db581a37ea7d330eb04d0316b4fea76000f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:34 GMT
Last-Modified: Mon, 15 Feb 2021 12:32:52 GMT
Server: nginx
ETag: "602a69f4-167eb"
Content-Type: image/jpeg
Cache-Control: max-age=300
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 92139
Expires: Sat, 30 Apr 2022 08:54:34 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1

312 B
516 B

157ms
157ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:35 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30626_1
Date: Sat, 30 Apr 2022 08:49:35 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 slipy5_large.jpg
presa.com.ua/images/2021/09/10/ 26 KB
26 KB 726ms
157ms Image
image/jpeg 168.119.0.153
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://presa.com.ua/images/2021/09/10/slipy5_large.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

168.119.0.153 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

s3.reserver.ru

Software

Apache /

Resource Hash

49b8a8dc76bdc7982a5304545079dbc5c29d301586276a716bf549122be08291

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:36 GMT
x-content-type-options: nosniff
last-modified: Mon, 06 Dec 2021 03:22:32 GMT
server: Apache
accept-ranges: bytes
content-length: 26641
content-type: image/jpeg

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1

312 B
516 B

3326ms
3326ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:35 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30625_1
Date: Sat, 30 Apr 2022 08:49:35 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 psdpi-678x381.jpg
dachnaideya.cx.ua/wp-content/uploads/2019/10/ 65 KB
65 KB 1448ms
183ms Image
image/jpeg 185.230.90.30
THEHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dachnaideya.cx.ua/wp-content/uploads/2019/10/psdpi-678x381.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.230.90.30 Kyiv, Ukraine, ASN56485 (THEHOST-AS, UA),
Reverse DNS: s26.thehost.com.ua
Software: nginx /
Resource Hash: 27008ef6af777bd6183b0d9c556e6a354eb66d5fa6cf3c899a36c34fc0511c6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:37 GMT
last-modified: Thu, 24 Feb 2022 22:59:41 GMT
server: nginx
accept-ranges: bytes
etag: "62180ddd-1025c"
content-length: 66140
content-type: image/jpeg

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

312 B
516 B

157ms
157ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Date: Sat, 30 Apr 2022 08:49:37 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 Zw
img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/ 133 KB
134 KB 1164ms
809ms Image
image/webp 92.223.84.84
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/Zw
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.84.84 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: am3-up-gc82
date: Sat, 30 Apr 2022 08:49:38 GMT
server: nginx
x-proxy-cache-status: MISS
etag: d3bf5d5ab0c3d37ceaf6e90d58d2e76bf6f0536f7b8639421491257b4cc9b6d0
vary: Accept
content-type: image/webp
cache-control: max-age=157680000
x-envoy-upstream-service-time: 253
content-disposition: inline; filename="main____yazhpsiholog.bvwcnx5nn5ge.webp"
accept-ranges: bytes
content-length: 136650
cache: MISS
x-request-id: 713fa5d4-f35c-4486-9415-61a192cae04e
expires: Thu, 29 Apr 2027 08:49:38 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

312 B
516 B

157ms
157ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Date: Sat, 30 Apr 2022 08:49:38 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Screenshot_12.jpg
way2self.in.ua/wp-content/uploads/2022/02/ 160 KB
0 2915ms
1717ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://way2self.in.ua/wp-content/uploads/2022/02/Screenshot_12.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:39 GMT
Last-Modified: Sun, 20 Feb 2022 06:42:13 GMT
Server: nginx/1.16.1
ETag: "6211e2c5-46e71"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290417

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

312 B
516 B

1001ms
1001ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Date: Sat, 30 Apr 2022 08:49:39 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK photo_2021-09-19_01-02-50-1024x505.jpg
bituk.media/wp-content/uploads/2021/09/ 81 KB
82 KB 1331ms
718ms Image
image/jpeg 185.233.39.242
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bituk.media/wp-content/uploads/2021/09/photo_2021-09-19_01-02-50-1024x505.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.233.39.242 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: vps-37976.vps-default-host.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:39 GMT
Last-Modified: Sat, 18 Sep 2021 22:02:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "144e1-5cc4c327a2600"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 83169

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

312 B
516 B

159ms
159ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

4ef42a42c182f1c8b6c93ba43ead1a45.jpg
www.podosinki.su/wp-content/uploads/4/e/f/
Redirect Chain

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

38 KB
39 KB

458ms
276ms

Image
image/jpeg

2606:4700:3030::ac43:c5d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:c5d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:41 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 38811
Last-Modified: Thu, 28 Apr 2022 13:00:16 GMT
Server: cloudflare
ETag: "626a8fe0-979b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RGGr%2B0iws2yeiSe8VJh9Y8VlilgICYCoqqVBg2CiQnZJ%2BkLzrsxpudD9BM15N9X%2B4RCok4IL7fov%2F7IONKkoVS2Gel47k1yCB2Mijcscn3aqQc03nzeb6Ovl7NfbGJuxLcdWUAqGKUaoho7WKqJW"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Referer: http://way2self.in.ua/
Accept-Ranges: bytes
CF-RAY: 703f068a0f5483a9-MXP

Redirect headers

date: Sat, 30 Apr 2022 08:49:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2BQ2JDtPnddf8TPFkcqoJKwFUF92LeKEI8zzdUVTXuWis3U%2BWlBLZqFriKyvv84ZZ%2FDUUe7e%2BTRoo3DcMxoyqv7NkZQni8ugfN7NdM%2BzzN%2BniObEaXND1WYZYbfOvnZgPtRWSx0Q8egvdqg%3D"}],"group":"cf-nel","max_age":604800}
location: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
cache-control: max-age=3600
cf-ray: 703f06866eab0e2a-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 30 Apr 2022 09:49:40 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

312 B
516 B

157ms
157ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 4(2).jpeg
coincryptobase.com/storage/journal/December2020/ 24 KB
24 KB 2984ms
1579ms Image
image/jpeg 116.202.113.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coincryptobase.com/storage/journal/December2020/4(2).jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.113.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.113.202.116.clients.your-server.de
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:41 GMT
last-modified: Thu, 17 Dec 2020 12:24:36 GMT
server: nginx/1.16.1 (Ubuntu)
etag: "5fdb4e04-5e63"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24163
expires: Sun, 30 Apr 2023 08:49:41 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

312 B
516 B

539ms
539ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Date: Sat, 30 Apr 2022 08:49:40 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 vybrat-obogrevatel-1.jpg
sundays.by/images/stati/ 71 KB
71 KB 810ms
203ms Image
image/jpeg 178.172.137.201
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sundays.by/images/stati/vybrat-obogrevatel-1.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.172.137.201 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-137-201.hosterby.com

Software

nginx /

Resource Hash

c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 07:14:50 GMT
server: nginx
etag: "5ecb706a-11baa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 72618
expires: Mon, 30 May 2022 08:49:41 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

312 B
516 B

160ms
159ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:43 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Date: Sat, 30 Apr 2022 08:49:42 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 15979239853711.jpg
buki-repetitor.ru/data/files/news/ 57 KB
58 KB 1171ms
565ms Image
image/jpeg 2606:4700:3033::ac43:9890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buki-repetitor.ru/data/files/news/15979239853711.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:43 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58308
last-modified: Thu, 20 Aug 2020 11:46:25 GMT
server: cloudflare
etag: "5f3e6291-e3c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zPHS8McfcY2lhD6egwHUVJMFIwB%2FbgNGOY2i2K30Yqjixsa6wcx1sDQziLlMqV23oeou9n5hWJiWh9BNMztfmnCOzodmyLEVewDVQizFlO8lOAD7kxCWqawX6fWLXmuJh5g1mUVXpyTA4srbvMTSTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 703f0699bd7c5a25-MXP
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK rss-icon-1.png
www.way2self.in.ua/wp-content/uploads/2015/11/ 20 KB
20 KB 615ms
381ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.way2self.in.ua/wp-content/uploads/2015/11/rss-icon-1.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Last-Modified: Wed, 08 Jan 2020 16:10:30 GMT
Server: nginx/1.16.1
ETag: "5e15fef6-4f20"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20256

GET
H2 200 3_0_B9ECFFFF_99CCFFFF_0_pageviews
informer.yandex.ru/informer/33112108/ 1 KB
2 KB 655ms
203ms Image
image/png 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/33112108/3_0_B9ECFFFF_99CCFFFF_0_pageviews

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

4778e358dfdcd920a579912ae962ad6f18a4f3f3581244faf6d9406382f00b54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Sat, 30-Apr-2022 08:49:43 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1450
x-xss-protection: 1; mode=block
expires: Sat, 30-Apr-2022 08:49:43 GMT

GET
H/1.1 200
OK 2.png
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/ 5 KB
5 KB 765ms
764ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/2.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:43 GMT
Last-Modified: Wed, 08 Jan 2020 15:57:21 GMT
Server: nginx/1.16.1
ETag: "5e15fbe1-136f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4975

GET
H/1.1 200
OK jquery.form.min.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 15 KB
7 KB 192ms
191ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-3b90"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK scripts.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 191ms
191ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:27 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-2d41"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 504
Gateway Time-out LQ.js
leokross.com/_yMj/ 0
0 6333ms
6157ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leokross.com/_yMj/LQ.js
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/ 360 KB
143 KB 718ms
154ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/2W_gRz39xX8G13fM-OdyQPlc/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83495
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 145349
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 04:02:19 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 09:38:09 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/sdk.js
https://connect.facebook.net/ru_RU/sdk.js

3 KB
2 KB

903ms
345ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5be9becb6bd353ea0ea4460d4c86ffbcf22418d649b520c57a083960f14ddc1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: weCsEwGb/uI6cSywXMhMQg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: gmodUTzqDkC1udzGKikqj7WnSCa4AJLmnUQ8bbwGuloHDTSh5im1QBIaeGei+yQrp7suztmGkGKlcgpAGTXqFQ==
x-fb-trip-id: 686109401
x-fb-content-md5: 0bdcc9613d4a8bacf7e21b0bca61d40f
x-frame-options: DENY
date: Sat, 30 Apr 2022 08:49:44 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "92fe4bf47b22d6947462095aaa942163"
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:09:07 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/sdk.js#xfbml=1&version=v2.6&appId=957403467676178
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 139 KB
58 KB 1018ms
428ms Script
application/javascript 104.16.85.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

29af6f3c9ffdd98527789fc73f96e7e3306c23ed743a10836c1a13d10ba3977f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:44 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 21699
x-jsd-version: 1.227.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19155-FRA, cache-itm18833-ITM
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"22d85-/p2NE0BgYqj58n//OMSTEIQNssg"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tA%2FhNYTuupHYFLxLVvpTk%2ByFchLwZhXfhrztAtXuaKjtxSKdHYuAMGIiziZkzsIBgbZAl7%2FKQuFGYTx1SVSp1DuaJhalCsTsPrXLw0kewnF1VM7qwZ37wFBI6JMFxUiDCVg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 703f069d1e3cd224-MAN
access-control-expose-headers: *

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

1747ms
154ms

Script
text/javascript

2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1954
date: Sat, 30 Apr 2022 08:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 30 Apr 2022 10:17:11 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK background.png
way2self.in.ua/wp-content/themes/smartline-lite/images/ 3 KB
3 KB 190ms
190ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/images/background.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:28 GMT
Last-Modified: Wed, 08 Jan 2020 16:27:55 GMT
Server: nginx/1.16.1
ETag: "5e16030b-aee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2798

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyCkIT5lu.woff2
fonts.gstatic.com/s/raleway/v27/ 25 KB
26 KB 307ms
154ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyCkIT5lu.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c28cf9531a92b13f64e6bde8578d730da9920d06883a826a944ba161e3cda818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 23:35:53 GMT
X-Content-Type-Options: nosniff
Age: 206015
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 25584
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 15:50:26 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Apr 2023 23:35:53 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2
fonts.gstatic.com/s/bitter/v26/ 16 KB
16 KB 317ms
154ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v26/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7ef73c7b1a8aeafcd4803e18c3741f15487b5c5c758381c1885878729044673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 19:35:48 GMT
X-Content-Type-Options: nosniff
Age: 220420
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 16120
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 19:43:14 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Apr 2023 19:35:48 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXWh2.woff2
fonts.gstatic.com/s/bitter/v26/ 10 KB
11 KB 311ms
154ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v26/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXWh2.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5802377e5ae732c57af6115215ad4968ad20a6b2e9c6414d6692ed37125eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 20:29:01 GMT
X-Content-Type-Options: nosniff
Age: 217227
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10400
X-XSS-Protection: 0
Last-Modified: Tue, 19 Apr 2022 19:26:46 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Apr 2023 20:29:01 GMT

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v27/ 46 KB
47 KB 543ms
154ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v27/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 27 Apr 2022 19:37:02 GMT
X-Content-Type-Options: nosniff
Age: 220346
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 47312
X-XSS-Protection: 0
Last-Modified: Wed, 27 Apr 2022 15:53:13 GMT
Server: sffe
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Expires: Thu, 27 Apr 2023 19:37:02 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK render Show response
ddyipu.com/v4/ 209 B
438 B 382ms
194ms XHR
text/html 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://ddyipu.com/v4/render?surfer_uuid=9028f337-2245-4126-958a-4a638d179d18&referrer=http%3A%2F%2Fway2self.in.ua%2F&page_load_uuid=bc40e91c-9d51-46cf-83e6-d7602264efe5&page_depth=1&24suyg8juza=3a7530d7-59f4-4c35-b15c-08fd30e13d70&block_uuid=3a7530d7-59f4-4c35-b15c-08fd30e13d70&refresh_depth=1&safari_multiple_request=225
Requested by: Host: ddyipu.com
URL: http://ddyipu.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Protocol: HTTP/1.1
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: ab06ae4ad38bde039c1cdd5d3c3eed4099ccbe75667ea2409ab7de0acf7b4ae9

Request headers

Referer: http://way2self.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Sat, 30 Apr 2022 08:49:29 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: keep-alive

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 308 KB
110 KB 349ms
349ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e1756687cc640b4cbd61e803317d788794f20bb68feb0b823f7dc7c6bc48014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112583
x-xss-protection: 0
server: cafe
etag: 16690133522905000907
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 08:49:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame 15E7 10 KB
5 KB 469ms
153ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 36990
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:33:00 GMT
etag: 3347421328414474149
expires: Fri, 13 May 2022 22:33:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 1160ms
1160ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20Ap%20(http%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A227%3A323)%0Aat%20zp%20(adsbygoogle.js%3A226%3A1240)%0Aat%20Gp%20(adsbygoogle.js%3A233%3A365)%0Aat%20c%20(adsbygoogle.js%3A234%3A38)%0Aat%20Hp%20(adsbygoogle.js%3A234%3A156)%0Aat%20Sp%20(adsbygoogle.js%3A243%3A285)%0Aat%20Ip%20(adsbygoogle.js%3A240%3A89)%0Aat%20adsbygoogle.js%3A235%3A47%0Aat%20li.m.oa%20(adsbygoogle.js%3A87%3A794)%0Aat%20cj%20(adsbygoogle.js%3A102%3A1098)&shv=r20220427&mjsv=m202204260101&eid=44759875%2C44759926%2C44759837%2C44761792&client=ca-pub-5667294504565912&url=http%3A%2F%2Fway2self.in.ua%2F

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK lb212289_3.js
s.luxadv.com/t/ 31 KB
0 2610ms
2247ms Script
application/javascript 109.248.237.51
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s.luxadv.com/t/lb212289_3.js?rt=85744520098
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 109.248.237.51 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:45 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:06:26 GMT
Server: nginx
ETag: W/"5da4e352-145e6"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Connection: keep-alive
Expires: Sat, 30 Apr 2022 08:50:45 GMT

GET
H/1.1

200
OK

ok9.js Show response
odnaknopka.ru/
Redirect Chain

http://odnaknopka.ru/ok9.js
https://odnaknopka.ru/ok9.js

143 B
379 B

1076ms
758ms

Script
text/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/ok9.js
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
ETag: 59dfef8d3fb9f0901b090901fa525be4
Transfer-Encoding: chunked
Content-Type: text/javascript; charset=UTF-8

Redirect headers

Location: https://odnaknopka.ru/ok9.js
Date: Sat, 30 Apr 2022 08:49:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 290 KB
83 KB 309ms
153ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=1f84371c67dcfe46f9936be9ae2396c2

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e7a9141ac6a2916f9054a41776173f407c89448553324fee1e65f56de121ff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: WgS0WDmFg4MiVwfpyJtVVA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84548
x-fb-rlafr: 0
x-fb-debug: LHoeVUoy+1rVUE9Z7bgMbWzePEx3dqoPetLdmvLnDwMi2bgQKS38INoK3AP9DMYiJ9PFyNTVgVDafHCDGuZ7bw==
x-fb-content-md5: 844a24ac9cae0465e55f67d3e7b4ac9d
x-frame-options: DENY
date: Sat, 30 Apr 2022 08:49:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "b0c7e99d67aa1d95fca8a9ede679a636"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 30 Apr 2023 07:10:51 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3A...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3...

174 B
256 B

454ms
454ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A406195776273%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A962938287%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Ast%3A1651308585&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ddc29fdcb749dde1c7b243e41364663a32daaa5902dddbe6ee6d5d1b90d7b5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 30-Apr-2022 08:49:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 174
x-xss-protection: 1; mode=block
expires: Sat, 30-Apr-2022 08:49:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:45 GMT
last-modified: Sat, 30-Apr-2022 08:49:45 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A2%3Adp%3A0%3Als%3A406195776273%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A962938287%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Ast%3A1651308585&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 30-Apr-2022 08:49:45 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/33112108/
Redirect Chain

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Al...

392 B
427 B

454ms
454ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1204056308781%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A259861765%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651308585%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

84f248be5e4b5cdc4c969a88c7d8fabb1a630d8637eca81d3a29fded4802f404

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:45 GMT
x-content-type-options: nosniff
last-modified: Sat, 30-Apr-2022 08:49:45 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Sat, 30-Apr-2022 08:49:45 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:45 GMT
last-modified: Sat, 30-Apr-2022 08:49:45 GMT
location: /watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5k1gtogow%3Afp%3A3096%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A790%3Acn%3A1%3Adp%3A0%3Als%3A1204056308781%3Ahid%3A602033534%3Az%3A0%3Ai%3A20220430084945%3Aet%3A1651308585%3Ac%3A1%3Arn%3A259861765%3Arqn%3A1%3Au%3A1651308585497765218%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1651308565430%3Ads%3A55%2C190%2C582%2C190%2C0%2C0%2C%2C7994%2C10%2C%2C%2C%2C9012%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651308585%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 30-Apr-2022 08:49:45 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
241 B 199ms
199ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:47 GMT
last-modified: Mon, 18 Apr 2022 12:16:58 GMT
etag: "625d2c8a-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 30 Apr 2022 09:49:47 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 461ms
160ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1298360782&t=pageview&_s=1&dl=http%3A%2F%2Fway2self.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1877456715&gjid=196261714&cid=598413088.1651308586&tid=UA-68999546-1&_gid=161590079.1651308586&_r=1&_slc=1&z=1350063448

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://way2self.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://way2self.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9624.Dspot-AglZtaQati6ZHFWW5bnvx2z9g9w1p5o84to3fmJHqyS15atfhMdGnlv_Cf.xnQQWB8_6B_U0yVO-gKzyd4nFsc%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9624.v2qcUokdpr7Z14vFHJD2_U_TxV50kTfCH5LlhW1WZwxOhVGophhEU8pb1HRPhA1xeeI775tgtUxqfWFUznjm610HNeAVplxPXSZ_AJg5Vv8%2C.rCaBgR_TMfuIXJLVt9z-qyxQr5...

43 B
383 B

189ms
189ms

Image
image/gif

80.239.201.14
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9624.v2qcUokdpr7Z14vFHJD2_U_TxV50kTfCH5LlhW1WZwxOhVGophhEU8pb1HRPhA1xeeI775tgtUxqfWFUznjm610HNeAVplxPXSZ_AJg5Vv8%2C.rCaBgR_TMfuIXJLVt9z-qyxQr5M%2C

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

80.239.201.14 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

80-239-201-14.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:50 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9624.v2qcUokdpr7Z14vFHJD2_U_TxV50kTfCH5LlhW1WZwxOhVGophhEU8pb1HRPhA1xeeI775tgtUxqfWFUznjm610HNeAVplxPXSZ_AJg5Vv8%2C.rCaBgR_TMfuIXJLVt9z-qyxQr5M%2C
date: Sat, 30 Apr 2022 08:49:49 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
648 B 713ms
359ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=way2self.in.ua&callback=_gfp_s_&client=ca-pub-5667294504565912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d536de06f7380817f7ccabc1f32cffe5a056b587455e0cf3f8036ac93409f9a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 479ms
163ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 08:49:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 2809ms
316ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 383ms
382ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fway2self.in.ua%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4B3F 187 KB
49 KB 918ms
617ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1651307112&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&pra=5&wgl=1&dt=1651308570383&bpp=2&bdt=4123&idt=16044&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2529304739431&frm=20&pv=2&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=16058

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bfe30a3a05b48586c772352e7fdd8b2ed01e6bdb07c73eae9a26d7e7d6f0ff4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 50036
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:47 GMT
expires: Sat, 30 Apr 2022 08:49:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 677A 23 KB
9 KB 982ms
680ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=93734044&adf=4089702428&pi=t.ma~as.9890819785&w=877&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1651308570386&bpp=2&bdt=4126&idt=16060&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GF7ZwiCOXr&p=http%3A//way2self.in.ua&dtd=16064

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8ea5609100d60856334266118e0179b0a8b1da107145348c0b4444009f6d096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9692
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:47 GMT
expires: Sat, 30 Apr 2022 08:49:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D0DB 132 KB
42 KB 1157ms
863ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3da102648509a3b25001cfe70b54c3c485ca2c172f5913bb99c061be8a62ec96

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJCi7-2zu_cCFbApswAdV2wNcA&gqi=KvhsYrXvL6jH1fAP9uKGEA&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42906
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJCi7-2zu_cCFbApswAdV2wNcA&gqi=KvhsYrXvL6jH1fAP9uKGEA&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:47 GMT
expires: Sat, 30 Apr 2022 08:49:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 40D9 146 KB
46 KB 1153ms
862ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16071&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0bfkdRXvC6&p=http%3A//way2self.in.ua&dtd=16073

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81efce0ba4673a5a00b185fbf0b14d278aa110bb92a1bbd5ea10c0ce78955203

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLiY7-2zu_cCFd8jswAddDAIOQ&gqi=KvhsYqXwL-qv1fAPh_OR-A4&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 47385
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLiY7-2zu_cCFd8jswAddDAIOQ&gqi=KvhsYqXwL-qv1fAPh_OR-A4&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:47 GMT
expires: Sat, 30 Apr 2022 08:49:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 677A 0
0 365ms
365ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C9f8MKvhsYpeFNLXQj-8PieGMoALkj9KxXL_b_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAG91IjrA8gBCakCDEDvtsYYtT6oAwGqBLEBT9AhaOgU4FtfY7VYr3ImSSB_M6hiMmRNhh4WP8F-AU7V8gNCUybhwwYvQANldrDjmzheuBo0a5orxDmpbitwMVnptcVVrWMYaE6m_4rJIV62S_6hRR57-P4ZGlcPKI367CXGUNO7wqPoOsdKE8QLkYTXSL3vsaHL1r8lJiAlDm9FJ-TXARBVdvbvdg9WgUijtaHbPVhFQzJOq2_xQp8cRktSCmoo-YOPe8DHM1GdGHW1gAar3cKy9__Ruo8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=Yfpa5rnzc6U&uach_m=[UACH]&cid=CAQSGwCNIrLMKQ6moy3F7nKfMzDYq7SDIRYkXrH9BBgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=93734044&adf=4089702428&pi=t.ma~as.9890819785&w=877&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1651308570386&bpp=2&bdt=4126&idt=16060&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GF7ZwiCOXr&p=http%3A//way2self.in.ua&dtd=16064

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=93734044&adf=4089702428&pi=t.ma~as.9890819785&w=877&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1651308570386&bpp=2&bdt=4126&idt=16060&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=GF7ZwiCOXr&p=http%3A//way2self.in.ua&dtd=16064
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 08:49:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 30 Apr 2022 08:49:47 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 677A 0
0 734ms
172ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=ks6uD7_6RO0GmAKH-lcYAgAAAI2i1XSGhSf5FTyPnBAq-GxigHBGCAWfUvD2cH8AEgAA&wp=Ymz4KgANApcH4-g1AAMwiXEhe2vGJat0foLpTQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:48 GMT
server: Kestrel
server-processing-duration-in-ticks: 244213
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame 40D9 67 B
196 B 487ms
167ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16071&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0bfkdRXvC6&p=http%3A//way2self.in.ua&dtd=16073

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 18:59:48 GMT
x-content-type-options: nosniff
server: cafe
age: 49799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Sat, 30 Apr 2022 18:59:48 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B65C 120 KB
42 KB 1129ms
354ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymz4KgANApcH4-g1AAMwiXEhe2vGJat0foLpTQ&u=%7CYWSQ5r%2BZP%2F6JUduCxFgEtXP1A69uR18eUjbjJt6YGxo%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDWz9O--uBBTqjZood8ggmhUwtqCk0G0AfagEP530MZagyPh6lIp0P4D6w4TljJ9dAYqcUVNgKVn5JVB40nEf2eaY-x2CKb6nP3LS-9hnx0HeEBbYberVEpXwmy2BMLllptNZqM4INfBZBj4RllEWmnquEnHPqlzsOgMxR7wL1DzJn9oApXC3IKXAh0BlgT340Ar-fkngSjnMVO-QrSy9wkSKcb-Uj2ubm8IybdMxgKKgijUxE2V43OfDdc9U-ZW-Q5C-X6Vq9LISQuZ9K3xWlggFyWoO1p5xIl2v8RhpmrbAd8Nw-Jzmw0Va0tL8lqK3_DvHAO8JdCdvpxjf9sefFeB4fne8mY8Kkjgpz22zguX3G6gjpKjbFyG4GY1wjF4bZoMigS1QLuLcBsTWWUGsOs-maPg1YMH9u&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSB80KvhsYpeFNLXQj-8PieGMoALkj9KxXL_b_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAG91IjrA8gBCakCDEDvtsYYtT6oAwGqBLQBT9AhaOgU4FtfY7VYr3ImSSB_M6hiMmRNhh4WP8F-AU7V8gNCUybhwwYvQANldrDjmzheuBo0a5orxDmpbitwMVnptcVVrWMYaE6m_4rJIV62S_6hRR57-P4ZGlcPKI367CXGUNO7wqPoOsdKE8QLkYTXSL3vsaHL1r8lJiAlDm9FJ-TXARBVdvbvdk1UoNpwF1PerqpK27EqN8TyVpWgTGVK0eSznR8uxN7rK4Aa8nAmwLkLgAar3cKy9__Ruo8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0r68POGb5qzPgV7-BeablDHKhtJQ%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1bc8314a3fb450be488102f1b27f308f275558b1bd407fb1b2bf2c27a7928cb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:48 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=_6E_ETHjecSlnm1uAt7JrnWjI9Whr51lQxAnyBP2cQOQdxK3Uj_S-KwOxxWkupUE3JH_ilk-qrlSU5gW-7tycIztGQhEi1v0DjX2wOUIEJ0jeFwgBWkoQaXRUUpy82m_val1a3YzVSRHr9nzsKTWHycTGfv3rGaOBkpV7VdffhPzlXjQNmZrgB25JUhwwv2f8V9VtT6wsdGRUsowhtW9JpAHff_Bn-iIc_zEdBSPxG8ecAwD9CW7VVfc06OF6SFOZWScMw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 201490754
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 677A 3 KB
1 KB 338ms
162ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 677A 15 KB
7 KB 328ms
153ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 677A 120 KB
37 KB 489ms
162ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:48 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 6D07 2 KB
2 KB 311ms
311ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6014135b205368c636d181a040df869d927b8f1a7f540f2a64aff49e0914f147

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 883
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:44:30 GMT
expires: Thu, 27 Apr 2023 11:44:30 GMT
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2

200

B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame C267
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag...

42 B
118 B

490ms
187ms

Fetch
image/gif

142.251.36.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Protocol

Server

142.251.36.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CL_uz-6zu_cCFYjKdwodIDYPew;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1352206694;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C267 0
0 200ms
199ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CV_eiKvhsYrjbM9_HzLUP9OCgyAP_o4nracG_m_6CENrZHhABIJf9sCpgu4aAgNAKoAH0uL_FA8gBCagDAcgDSKoExwFP0Dvg3BzTDvmjU5TJLoVMlO8202gALl1oAee2Vfp8kBK3frtNHpwfsgL0W2gPZCjyHzzaN61DikoJq0MN8_cVs299as0y6swpH8nLy9a7F92qRTefDPNlFEJFazUTCjbbUX9nHoqYgOaI1HLzdEcG1e1m2ooFGcKmO3S8DFxOohy5EG7bFZ7VsyQvyJWhTStvHtMnibpyTmnT2NzND6fruaHAe8DuSpljZZfYE-kOlONPBfeB4-QHoXzueP3AgUS7HobNX3WuwAT8qOfy9QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCl8BnSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=NpOHCCdjLKc&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16071&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0bfkdRXvC6&p=http%3A//way2self.in.ua&dtd=16073
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 08:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame C267 19 KB
8 KB 310ms
309ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:46:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C267 3 KB
1 KB 1046ms
745ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame C267 15 KB
6 KB 322ms
322ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C267 120 KB
37 KB 665ms
616ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:48 GMT

GET
H/1.1

200
OK

stat.js Show response
odnaknopka.ru/
Redirect Chain

http://odnaknopka.ru/stat.js
https://odnaknopka.ru/stat.js

766 B
955 B

162ms
162ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://odnaknopka.ru/stat.js
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

Redirect headers

Location: https://odnaknopka.ru/stat.js
Date: Sat, 30 Apr 2022 08:49:49 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 146 KB
52 KB 333ms
332ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b2910698018a32c6bae7df0ea25685f9c3fd8a72fd608df49c3a1269a8c972e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52967
x-xss-protection: 0
server: cafe
etag: 12275411638629496229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 30 Apr 2022 08:49:49 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 413ms
413ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pm&rt=2&c=ca-pub-5667294504565912&eid=44759875%2C44759926%2C44759837%2C44761792

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 677A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f01d42a1c6adb4d1fb2b16a9fa373091b13c2f8343681adb5bdeda7b50cd4c10

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 414ms
413ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=4&wpc=ca-pub-5667294504565912&warn=12%2C13&w=1600&h=1200&eatf=false&eatfAbg=false&reatf=true&a=6%2C1%2C5%2C7&apv=20220427_113708&sat=1651184401130&afm=0&as_count=4&d_count=0&ng_count=0&am_count=4&atf_count=2&mdns=0.079&alldns=0.158&allp=84&fd=(0%2C12%2C1)%2C(2%2C8%2C8)&pgh=14339&abl=false&rr=n&su=way2self.in.ua&pvc=1151207064649946&r=0.1&eid=44759875%2C44759926%2C44759837%2C44761792

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
165 B 464ms
162ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 80E7 133 KB
42 KB 910ms
909ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3161e15e2d0efe916b4571964bd9fcb893e936712895ceac5d1c9775875d949

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNvZxe6zu_cCFTrh4wcd1XcIIA&gqi=LPhsYvOqDIeA1fAPsaOL4A4&layout=/sadbundle/%24csp%253Der3%24/18262327861242342046/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 43084
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNvZxe6zu_cCFTrh4wcd1XcIIA&gqi=LPhsYvOqDIeA1fAPsaOL4A4&layout=/sadbundle/%24csp%253Der3%24/18262327861242342046/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C41 132 KB
42 KB 888ms
888ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d169c29f8731b7ff6cea33fd1035fcf52733145cb4133280dd01e242a075868

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICOxu6zu_cCFZMuswAdxMUPRg&gqi=LPhsYoPEDI6I1fAP0dqr0Ak&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 43088
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CICOxu6zu_cCFZMuswAdxMUPRg&gqi=LPhsYoPEDI6I1fAP0dqr0Ak&layout=/sadbundle/%24csp%253Der3%24/12864005244746916417/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 30 Apr 2022 08:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 23EC 2 KB
947 B 453ms
153ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6014135b205368c636d181a040df869d927b8f1a7f540f2a64aff49e0914f147

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248718
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 883
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:44:30 GMT
expires: Thu, 27 Apr 2023 11:44:30 GMT
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2

200

B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 20A8
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag...

42 B
107 B

694ms
392ms

Fetch
image/gif

142.251.36.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Server

142.251.36.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:48 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CMLxz-6zu_cCFYnXdwod4T0KQg;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=1423781821;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 20A8 0
0 202ms
202ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CtgiHKvhsYpDlM7DTzLUP19i1gAf_o4nracG_m_6CENrZHhABIJf9sCpgu4aAgNAKoAH0uL_FA8gBCagDAcgDSKoEwQFP0IjXKAQ-V-txcFlUjahU4wtRsAP7_79FSrN6PD00l60fWwjA4BLCKoOGfsLh9vlqeB6BGzrt6tpVPR3RVpkyGOuEQ1viIOU7BBsva4-eaUlA18l2wA2DatvQ6J-iSW7l9jbPKRKMv6aW4PDFe2PVWpqd4robeT6BPFn6kj0WiSwBdgXH5KHTeDQUTDs6lZsQsYWfDoXmPLkHVGo_9P8z55vR3_lywuHIg1uNAozatcoFQcHZFhV892WRb5l-zudawAT8qOfy9QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCvxgTSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=Ols2i6JeeiI&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 08:49:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 20A8 19 KB
8 KB 606ms
305ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 185
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:46:43 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 20A8 3 KB
1 KB 2335ms
2034ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 99
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 20A8 120 KB
37 KB 833ms
833ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:48 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 20A8 15 KB
6 KB 606ms
306ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 6D07 9 KB
3 KB 454ms
152ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83614
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:36:14 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 6D07 26 KB
10 KB 459ms
158ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:13:39 GMT

GET
H2 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 6D07 140 KB
39 KB 727ms
426ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247649
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40229
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E428 143 B
163 B 678ms
678ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16071&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=1&fsb=1&xpc=0bfkdRXvC6&p=http%3A//way2self.in.ua&dtd=16073
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:09:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C267 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cbfb8eac193f3325495d86e589b56966ab2c637fb970bb7f92267f004902e65

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 23EC 9 KB
3 KB 762ms
461ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83615
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:36:14 GMT

GET
H2 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 23EC 26 KB
10 KB 762ms
460ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:13:39 GMT

GET
H2 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 23EC 140 KB
39 KB 812ms
510ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40229
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A58 143 B
163 B 252ms
252ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2427
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:09:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B65C 2 KB
1 KB 525ms
179ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ymz4KgANApcH4-g1AAMwiXEhe2vGJat0foLpTQ&u=%7CYWSQ5r%2BZP%2F6JUduCxFgEtXP1A69uR18eUjbjJt6YGxo%3D%7C&c1=glLBMxGOcDk-vbOOpZWuiwL9OpXS6gVV0_Ig_J1IpPwRDCJxJvxJzDfeVglSmwvDWz9O--uBBTqjZood8ggmhUwtqCk0G0AfagEP530MZagyPh6lIp0P4D6w4TljJ9dAYqcUVNgKVn5JVB40nEf2eaY-x2CKb6nP3LS-9hnx0HeEBbYberVEpXwmy2BMLllptNZqM4INfBZBj4RllEWmnquEnHPqlzsOgMxR7wL1DzJn9oApXC3IKXAh0BlgT340Ar-fkngSjnMVO-QrSy9wkSKcb-Uj2ubm8IybdMxgKKgijUxE2V43OfDdc9U-ZW-Q5C-X6Vq9LISQuZ9K3xWlggFyWoO1p5xIl2v8RhpmrbAd8Nw-Jzmw0Va0tL8lqK3_DvHAO8JdCdvpxjf9sefFeB4fne8mY8Kkjgpz22zguX3G6gjpKjbFyG4GY1wjF4bZoMigS1QLuLcBsTWWUGsOs-maPg1YMH9u&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSB80KvhsYpeFNLXQj-8PieGMoALkj9KxXL_b_YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAG91IjrA8gBCakCDEDvtsYYtT6oAwGqBLQBT9AhaOgU4FtfY7VYr3ImSSB_M6hiMmRNhh4WP8F-AU7V8gNCUybhwwYvQANldrDjmzheuBo0a5orxDmpbitwMVnptcVVrWMYaE6m_4rJIV62S_6hRR57-P4ZGlcPKI367CXGUNO7wqPoOsdKE8QLkYTXSL3vsaHL1r8lJiAlDm9FJ-TXARBVdvbvdk1UoNpwF1PerqpK27EqN8TyVpWgTGVK0eSznR8uxN7rK4Aa8nAmwLkLgAar3cKy9__Ruo8BoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YBwEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0r68POGb5qzPgV7-BeablDHKhtJQ%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 08:49:49 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame B65C 2 KB
1 KB 517ms
171ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 08:49:49 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B65C 308 B
637 B 516ms
171ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 25 Apr 2023 08:49:49 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame B65C 507 B
835 B 518ms
173ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Tue, 25 Apr 2023 08:49:49 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame B65C 43 B
348 B 1519ms
718ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9nWyc1k74c99q-aNgPsZfKmv-plsP4oXi-v1ybhfLLYA8J4FWATrukuF7T439VHVYnmI9iMMilRSH9NWdsP76qIq_9giBq2cYoLlXw__cIpN7BeURHIE6wCdeORqQkj1sJ7y3IxKfP_fV8VG2cIxBV6rvn4tM9Wk888DAlkcELGCplJdpH1wRXcUqXiUzsuMJkEz8Jhpvu_P6HZzyMhVCZT6Xg-q5rP70SP0TV2qicI_AevZsdvPuhK8rC6AvXzoKtWtNlaaV9PZXm8rXhY4__NA97zoWe3V44dlTnK9YIRnOZ5UWzUAxUU-06PQmqkZmA0qzJblQVBetPJSpT3JdL8EkViuCpXXAi5mf4PUdCrVbeA-Z06rro0c63z1naNJmcGwp_xxl25oy3nWqNpl8PIcTOo2Q_STUc3dPILacz-sENeFmT3mJXx7A2oO3id7Hk5s9w

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2711970
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 6A58
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

224ms
223ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1651308570389&bpp=1&bdt=4129&idt=16066&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280&nras=1&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=S5QJuG8Z2E&p=http%3A//way2self.in.ua&dtd=16069

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:49 GMT
expires: Sat, 30 Apr 2022 08:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E428
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

534ms
534ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:50 GMT
expires: Sat, 30 Apr 2022 08:49:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:49 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B65C 12 KB
5 KB 908ms
151ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:50 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 205167
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zC4e9hyF2rROot6hPdeuEk8WJXdvTmi8iOqbRfXgiygppFbVQHyA8b51IpwljG2AeGJPssLxQyGhVTqcYaFvnRN25AgVNfixs7vUMNml0%2Fzp7tLSmA8%2FHeFoQWtvnN8z3hMNhslf"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 703f06c0cf9d35bf-MAN
expires: Thu, 20 Apr 2023 08:49:50 GMT

GET
DATA 200
OK truncated
/ Frame 20A8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ab1d31579552368e0320ddbeb221527ddcca65f9c2ccbfcfdc37fbf5e910fb47

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/ Frame 9D74 2 KB
914 B 876ms
876ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c101ff2099eb83c43af476d9bb628af05f5258df89831f9edbd7555f7328321e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 253209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 884
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 10:29:40 GMT
expires: Thu, 27 Apr 2023 10:29:40 GMT
last-modified: Wed, 20 Apr 2022 10:16:13 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 18C7
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag...

42 B
63 B

392ms
391ms

Fetch
image/gif

142.251.36.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10

Protocol

Server

142.251.36.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CJfjlO-zu_cCFUzxEQgdSCUIXQ;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=2533984242;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 18C7 0
0 200ms
200ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6ZcQLPhsYtuTELrCj-8P1e-hgAL_o4nrabHBm_6CENrZHhABIJf9sCpgu4aAgNAKoAH0uL_FA8gBCagDAcgDSKoEwQFP0GTozAH5I94NVZmJ9vBRmxoZsSJEgLDF6xU1zpb_WzQfuk7zvr0OlSHU2RD9irvxTVCWUTxf9pTit_5HVR7IBVqmpt-PZ8QVmtHRkmQcphcgCXX8of0RSrKIc0C3ZvDvLA7nTtaDt5cD7YYtVLMJKJWSQkRvtUaCPrS4UoZnbUFEAmFIm-70fbY2h9LTFMMhy1aVARRbRNt6KC8XT0tYFphUx_4tMt1U7P3tdMijWnv9HBqFtotBM_z9rZaQJ8DZwAT8qOfy9QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCX4BDSCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=D4zcQlLxueA&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 08:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 18C7 19 KB
8 KB 873ms
873ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:46:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 18C7 3 KB
1 KB 154ms
153ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 18C7 120 KB
37 KB 478ms
177ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 18C7 15 KB
6 KB 873ms
872ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 18C7 0
0 163ms
162ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaT8TMAozf1VBRcGoZKUq_noeQEeqdRzh2oZ35RteNO14cmlv5ytQ37lReHiPjKwK674UstN
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 6D07 435 KB
33 KB 630ms
323ms XHR
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f794149e916c9ad5b5332d5c081e398c6325267affbb8a45bb0f696ea64c6dcf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247650
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34145
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 6D07 35 KB
13 KB 153ms
153ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93835
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 06:45:54 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 677A 42 B
64 B 1015ms
706ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssJQEImVLg2F_RmcI0X9Kr4gGhdnL3KQkpZJCQIEfD5vVPMYF-jcc7-XqWhJlwWABgO4mM9RPduLMPQYj0LAPYZsA&sig=Cg0ArKJSzA-AYNCiy2BhEAE&id=lidar2&mcvt=1000&p=0,0,280,877&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=93734044&rs=2&la=1&cr=0&vs=4&r=v&rst=1651308586451&rpt=2297&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B65C 12 KB
6 KB 853ms
853ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 08:49:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B65C 7 KB
8 KB 950ms
296ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=52446&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F52446%2F211222%2F06d68a9820b24a6ba5b658778b03a30d_otm-logo_navy_bg-%281%29_small.png&v=3&w=196&s=YkIvLukd6S22aq8jsvnf72y5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9d6b9a1828d4f385b96567b46c734f0ee46f425c74db5c0e3a2b72ca8b2818eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:50 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31001733
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7554
expires: Mon, 24 Apr 2023 04:25:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B65C 32 KB
32 KB 1409ms
755ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52446&q=80&r=2&u=https%3A%2F%2Fmedia.onthemarket.com%2Fproperties%2F11489756%2F1387861614%2Fimage-0-1024x1024.jpg&v=3&w=400&s=NRvWAlKaoI2As-DZDbmmP2bd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a22a652c9f38795269826fcbc5defb8d3f583f1d0a2d2b5ce3e470c89b7fc04e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=496364
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 32418
expires: Fri, 06 May 2022 02:42:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame B65C 31 KB
31 KB 1731ms
1077ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=52446&q=80&r=2&u=https%3A%2F%2Fmedia.onthemarket.com%2Fproperties%2F11462669%2F1386917640%2Fimage-0-1024x1024.jpg&v=3&w=400&s=9Or_Ek2Nqdm8D6u6GcopIwbN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

fc8d1dd8e863a53740e1d76272405ace3fb2d7b3ad2947b6ec5171a7f6d7500d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=308038
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 31388
expires: Tue, 03 May 2022 22:23:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B65C 0
128 B 962ms
296ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=_6E_ETHjecSlnm1uAt7JrnWjI9Whr51lQxAnyBP2cQOQdxK3Uj_S-KwOxxWkupUE3JH_ilk-qrlSU5gW-7tycIztGQhEi1v0DjX2wOUIEJ0jeFwgBWkoQaXRUUpy82m_val1a3YzVSRHr9nzsKTWHycTGfv3rGaOBkpV7VdffhPzlXjQNmZrgB25JUhwwv2f8V9VtT6wsdGRUsowhtW9JpAHff_Bn-iIc_zEdBSPxG8ecAwD9CW7VVfc06OF6SFOZWScMw&sds=2&rev=81333&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 30 Apr 2022 08:49:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B65C 2 KB
1 KB 203ms
203ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:50 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 08:49:50 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B65C 2 KB
1 KB 203ms
203ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:50 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 25 Apr 2023 08:49:50 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame DCF2 2 KB
913 B 508ms
508ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6014135b205368c636d181a040df869d927b8f1a7f540f2a64aff49e0914f147

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 248719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 883
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 27 Apr 2022 11:44:30 GMT
expires: Thu, 27 Apr 2023 11:44:30 GMT
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 3FF2
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag...

42 B
63 B

196ms
196ms

Fetch
image/gif

142.251.36.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13

Protocol

Server

142.251.36.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

prg03s10-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:49 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27666548.334426119;dc_pre=CNmxq--zu_cCFXqL_QcdVj4JXA;dc_trk_aid=526304028;dc_trk_cid=169938931;ord=3328291942;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3FF2 0
0 204ms
204ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIToDLPhsYoDIEJPdzLUPxIu_sAT_o4nracG_m_6CENrZHhABIJf9sCpgu4aAgNAKoAH0uL_FA8gBCagDAcgDSKoEwQFP0M5FXg1RWwcbjz4TBSMXMsoavcls5fdFfE3PjbTP1WDMlH3RxWSzwiuy0vOBbmkqbcYetRk85AvFjfVovEtS5Fkn0I1oJbCp8I8ryIL-8XnUonyTwqE3K8RGlnoOKjRsT2iHeqU8-OWwGRbIbmOdiv5vz8CMDZrudVui8EyfNakhLxAAeGeKU_W4asndt7mHfNDA4HISjrCiMP31juNuFIKUF6efixoKW5hRI4MnrRrIEiIf7NTtcuBpkWT6t5uHwAT8qOfy9QOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmeqRowGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBD_7A_SCAkIgOGAcBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=YN--3j923Y0&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 30 Apr 2022 08:49:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 3FF2 19 KB
8 KB 507ms
507ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:46:43 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3FF2 3 KB
1 KB 335ms
335ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3FF2 120 KB
36 KB 184ms
184ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:49 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 3FF2 15 KB
6 KB 503ms
502ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3FF2 0
0 499ms
498ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQedpatzSCJhub6zRVBIwzvXQ_hAjHsNz563cU-UrP6PWkTF4bRhIaPT62zqzSSmcn_sO4J
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame E346
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

524ms
160ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:54 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:50 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 93E6
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;41339&cn=-&cv=280575&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1363ms
804ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&terminal_id=126b46be60c04d71adc0126b92214142

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=86, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:19 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 0b0a556a16513085920433438eb19c
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&terminal_id=126b46be60c04d71adc0126b92214142
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame FEDE
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1969ms
160ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:54 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET

continuation_default.htm
sale.aliexpress.ru/ru/__pc/ Frame 452A
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;5332&cn=-&cv=164645&dp=217.138.196.106
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5332&cn=-&cv=164645&dp=217.138.196.106&aff_fcid=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_...

0
0

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame AB36
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

191 B
367 B

1345ms
759ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 99c68125c64b5bfe8f54629c3c423eaf6eb2f2dcf3ef607a6328d8461d2de7ae

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET

continuation_default.htm
sale.aliexpress.ru/ru/__pc/ Frame D4CF
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6462&cn=-&cv=269771&dp=217.138.196.106
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6462&cn=-&cv=269771&dp=217.138.196.106&aff_fcid=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_...

0
0

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 92F8
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1549ms
160ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:53 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame A133
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;33290&cn=-&cv=156444&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1360ms
804ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&terminal_id=335ee32ca9e74acfbbe4e4e2c1f5655b

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=83, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:16 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 0b0a556d16513085924454384ec334
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&terminal_id=335ee32ca9e74acfbbe4e4e2c1f5655b
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 8B00
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

10 KB
10 KB

982ms
190ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 268c5b455cc3e0262a6d8c1c329c2ba7bd486db39905fa71692df5ade8eddd2c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 0C5E
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;32618&cn=-&cv=768739&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1362ms
803ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&terminal_id=d131e4aad85148608a71e2e1ca326bbe

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=83, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:16 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 2101d8b516513085920612864e9352
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&terminal_id=d131e4aad85148608a71e2e1ca326bbe
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 1C54
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1645ms
161ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:53 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET

continuation_default.htm
sale.aliexpress.ru/ru/__pc/ Frame 342B
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;3940&cn=-&cv=373460&dp=217.138.196.106
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&3940&cn=-&cv=373460&dp=217.138.196.106&aff_fcid=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_...

0
0

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 3B0B
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1049ms
164ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 8E1C
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;5859&cn=-&cv=671244&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_pl...

25 KB
6 KB

1361ms
802ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&terminal_id=235f51ebd6ca480d82a669a0a45c2e55

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=77, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:10 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 2101e9cf16513085920554151ef803
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&terminal_id=235f51ebd6ca480d82a669a0a45c2e55
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 73954704, 95.101.88.102, 1651308592, 217.138.196.106
x-akamai-fwd-auth-sha: E28BBDB8B782C6CEC84F0ACEABF021D800B0DEE4EBFE245565A93284FA147DD8
x-akamai-fwd-auth-sign: zcVPJuvxFHoZGe4b2SGDq8A63L/GOED3QrPXmuUAQwxvw9zWPJDRYUvtA5UDkmwjAjM44OpggpV7G8mrvYGTV6LiQH5djugOKLMuMii4GUE=
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 3891
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1372ms
164ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:53 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:51 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 53C9
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;34717&cn=-&cv=157598&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1361ms
804ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&terminal_id=f9ee8573311a4b39a116222231a91b81

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=74, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:07 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 0b0a556116513085921906090e995f
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&terminal_id=f9ee8573311a4b39a116222231a91b81
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 463698498, 95.101.88.102, 1651308592, 217.138.196.106
x-akamai-fwd-auth-sha: 6CC6895C8B37F584202D339D850F6E94BD09B918FB2FBA9D103F91B917B9FAC4
x-akamai-fwd-auth-sign: jlfqsXxgw8mK78lc8ql5zA6XZSF5QrQ25YPxNtN1s74wz+fMRQNNhX6VZXN5Vibvrfm1GB4iUTr+U/S71sSNjbf5h5e7rZqwexmbaaZsslk=
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 27A1
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1421ms
162ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:53 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 829B
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;87666&cn=-&cv=628906&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1363ms
805ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&terminal_id=e4cd0885a5de4f7c88408b5bbd4e5baa

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=81, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:14 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 0b0a555e16513085920636809e3a02
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&terminal_id=e4cd0885a5de4f7c88408b5bbd4e5baa
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 1394922540, 95.101.88.102, 1651308592, 217.138.196.106
x-akamai-fwd-auth-sha: BA0AE9F9F2F9FFEB88CF2EAC554AAEFE40DC49BBAF5DC5DF1C3601D935501CC8
x-akamai-fwd-auth-sign: bO0dfX32pHR2Vpn6TfmhvwxjuZLbVXHJ3ZFGpGGpf0qLvPbRSpzBCFxTwGnZKMO84XMVshMCQa/DwnOwERunVM7/rTqOkFEqoVfrn3Ta4bg=
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 7A74
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1875ms
160ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:54 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET

continuation_default.htm
sale.aliexpress.ru/ru/__pc/ Frame 5A55
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;6881&cn=-&cv=498013&dp=217.138.196.106
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6881&cn=-&cv=498013&dp=217.138.196.106&aff_fcid=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_...

0
0

GET

/
pubmedya.net/vu/uk/ Frame 1DD6
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

0
0

GET
H2

200

coupon_aliexpress.htm Show response
sale.aliexpress.com/__mobile/ Frame 5771
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_d8O2mSk?af=a;39961&cn=-&cv=902807&dp=217.138.196.106
https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_p...

25 KB
6 KB

1358ms
803ms

Document
text/html

104.92.93.177
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&terminal_id=2840ad30a18d4abcba89ff512cc44133

Requested by

Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.93.177 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-93-177.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, no-transform, max-age=77, s-maxage=120
content-encoding: gzip
content-length: 5985
content-type: text/html;charset=UTF-8
date: Sat, 30 Apr 2022 08:49:53 GMT
eagleeye-traceid: 21135c3c16513085837195807e2d44
expires: Sat, 30 Apr 2022 08:51:10 GMT
p3p: CP="CAO PSA OUR"
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTION
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-language: en-US
content-length: 0
date: Sat, 30 Apr 2022 08:49:52 GMT
eagleeye-traceid: 2101e9d216513085924731577eb2b0
expires: 0
location: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&terminal_id=2840ad30a18d4abcba89ff512cc44133
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-application-context: global-traffic-holmes-f:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

/ Show response
pubmedya.net/vu/uk/ Frame 0E29
Redirect Chain

https://webcache.pp.ua/stat
https://pubmedya.net/vu/uk/

3 KB
3 KB

1574ms
160ms

Document
text/html

176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/
Requested by: Host: odnaknopka.ru
URL: http://odnaknopka.ru/stat.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:54 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

Redirect headers

Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:52 GMT
Location: https://pubmedya.net/vu/uk/
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET

continuation_default.htm
sale.aliexpress.ru/ru/__pc/ Frame 0F7A
Redirect Chain

https://tsystatic.com/a
https://s.click.aliexpress.com/e/_AtqYLP?af=a;4273&cn=-&cv=18807&dp=217.138.196.106
https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&4273&cn=-&cv=18807&dp=217.138.196.106&aff_fcid=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_A...

0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 191ms
191ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rasra::pr&rt=2&c=ca-pub-5667294504565912&eid=44759875%2C44759926%2C44759837%2C44761792

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 163ms
163ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 08:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 464ms
163ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 30 Apr 2022 08:49:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/ Frame AD2A 10 KB
4 KB 307ms
307ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 35943
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 29 Apr 2022 22:50:47 GMT
etag: 3347421328414474149
expires: Fri, 13 May 2022 22:50:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 20A8 42 B
64 B 535ms
535ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvQzi7WSrsmRPNtMSaEc-lalMg6QGkOSaMpTWyNF5HTcjv0P4Vf7OM85g3k42xdrG6YDo9W5IOYX1eUgefWGMLHvGE2KfdhAQfXexkVkTugqqKSMMSSd4XC1AZd&sai=AMfl-YSQTjlnZQRA18tKWhujh47-hQE_Iax1lr2-MJBxKScZuuEmI9AJVYuLupDQMkkBFeaghTUW0PYrEDIk&sig=Cg0ArKJSzEHcCpyDWj_TEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=1545001857&rs=2&la=0&cr=0&vs=4&r=v&rst=1651308587786&rpt=1434&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 30 Apr 2022 08:49:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/ Frame C11A 2 KB
890 B 312ms
311ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32c9f1d616517c03be6af8f10a4f51c2b3e3be0eaf62255d9c6cb1cf114f8891

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 350112
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 860
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Tue, 26 Apr 2022 07:34:38 GMT
expires: Wed, 26 Apr 2023 07:34:38 GMT
last-modified: Fri, 11 Mar 2022 09:50:11 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame AD2A 19 KB
8 KB 309ms
309ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:46:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 187
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:46:43 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9867 143 B
163 B 331ms
331ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=393440491&adf=3333341471&pi=t.aa~a.242253185~i.17~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1651307112&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=1&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1651308588159&bpp=1&bdt=21899&idt=-M&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280&nras=2&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2992&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=bsz68SlP5U&p=http%3A//way2self.in.ua&dtd=10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:09:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 18C7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1eeb9d4370c5ea929aee4a703e51e63dd4c8298a062a97f79fdca162a1597ed3

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 9D74 9 KB
3 KB 272ms
271ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9D74 26 KB
10 KB 480ms
479ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:13:39 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/ Frame 9D74 140 KB
39 KB 481ms
480ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 253209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40229
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:13 GMT
server: sffe
date: Wed, 27 Apr 2022 10:29:41 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 10:29:41 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06A7 143 B
163 B 308ms
307ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=3027794953&adf=2189153592&pi=t.aa~a.573379464~rp.3&w=341&fwrn=4&fwrnh=100&lmt=1651307112&rafmt=1&to=qs&pwprc=5291598837&psa=1&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1651308588159&bpp=1&bdt=21900&idt=0&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C877x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=2529304739431&frm=20&pv=1&ga_vid=598413088.1651308586&ga_sid=1651308586&ga_hid=1298360782&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=2908&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792&oid=2&psts=AGkb-H9u2zDhjS2pAVy76zc9ZMTt-06xtij-OqdDXTAPPGX5MxpfMeA3fa0FGxxZqZt8APiD1z_ji4BxodHT&pvsid=1151207064649946&pem=449&tmod=2107144355&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=9&uci=a!9&btvi=3&fsb=1&xpc=R18HFyEICQ&p=http%3A//way2self.in.ua&dtd=13
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:09:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame DCF2 9 KB
3 KB 270ms
269ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame DCF2 26 KB
10 KB 478ms
477ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:13:39 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame DCF2 140 KB
39 KB 799ms
798ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247651
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40229
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame C11A 9 KB
3 KB 503ms
503ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83616
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame C11A 26 KB
10 KB 196ms
196ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59771
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 30 Apr 2022 16:13:39 GMT

GET
H3 200 lottie_light.min.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/ Frame C11A 147 KB
41 KB 516ms
516ms Script
application/x-javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/lottie_light.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 403556
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41971
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 09:50:11 GMT
server: sffe
date: Mon, 25 Apr 2022 16:43:54 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 25 Apr 2023 16:43:54 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27C6 143 B
163 B 154ms
153ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 2429
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:09:21 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AD2A 3 KB
1 KB 292ms
291ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:48:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:48:10 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame AD2A 15 KB
6 KB 484ms
483ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 14 May 2022 08:49:05 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 06A7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

197ms
197ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:51 GMT
expires: Sat, 30 Apr 2022 08:49:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:50 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame B65C 0
127 B 595ms
296ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 30 Apr 2022 08:49:50 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27C6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

232ms
232ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:51 GMT
expires: Sat, 30 Apr 2022 08:49:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 3FF2 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68ee92a73cee8d59fefe7758bb53d30f1f4bcc16aaa6985ebf2319b6cc404930

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9867
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

609ms
609ms

Document
text/html

2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:51 GMT
expires: Sat, 30 Apr 2022 08:49:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 30 Apr 2022 08:49:51 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame 23EC 435 KB
33 KB 473ms
472ms XHR
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f794149e916c9ad5b5332d5c081e398c6325267affbb8a45bb0f696ea64c6dcf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34145
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 23EC 35 KB
13 KB 153ms
152ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 06:45:54 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/ Frame 9D74 434 KB
33 KB 391ms
391ms XHR
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/18262327861242342046/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84edeaddf88d3f34904ea74891afe954b1f846dcf7343069a8baf88813d00a57

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 253210
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33942
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:13 GMT
server: sffe
date: Wed, 27 Apr 2022 10:29:41 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 10:29:41 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D74 35 KB
13 KB 155ms
152ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 06:45:54 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/ Frame DCF2 435 KB
33 KB 377ms
377ms XHR
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12864005244746916417/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f794149e916c9ad5b5332d5c081e398c6325267affbb8a45bb0f696ea64c6dcf

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 247652
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34145
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 10:16:09 GMT
server: sffe
date: Wed, 27 Apr 2022 12:02:19 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 27 Apr 2023 12:02:19 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame DCF2 35 KB
13 KB 168ms
168ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 06:45:54 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AD2A 120 KB
36 KB 322ms
322ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651059573277210"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 30 Apr 2022 08:49:51 GMT

GET
H3 200 data.json Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/ Frame C11A 98 KB
15 KB 240ms
239ms XHR
application/json 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/data.json

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/lottie_light.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43635818e56f0441bf3f1462c8f252c487197d1839a4bc3335d8e31fd1dbb6fe

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 311078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15249
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 09:50:11 GMT
server: sffe
date: Tue, 26 Apr 2022 18:25:13 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Apr 2023 18:25:13 GMT

GET
H3 200 GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js Show response
pagead2.googlesyndication.com/bg/ Frame C11A 35 KB
13 KB 153ms
153ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GHUvgzmiQbvknj20iOAF6RTQCjjR5OqNB0WELP0GoX8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 06:45:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 93837
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13639
x-xss-protection: 0
last-modified: Mon, 25 Apr 2022 12:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 29 Apr 2023 06:45:54 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame B65C 1003 B
922 B 476ms
162ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 30 Apr 2022 07:57:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 30 Apr 2022 08:49:52 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 30 Apr 2022 08:49:52 GMT

GET
DATA 200
OK truncated
/ Frame C11A 5 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b3d7ecc82076f456e17e5cf2b5c5851c0a3c33b17217d137be0bca580654349

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H2 200 pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ Frame B65C 8 KB
8 KB 624ms
154ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 19:24:53 GMT
x-content-type-options: nosniff
age: 221100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7884
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Apr 2023 19:24:53 GMT

GET

/
www.myprotein.com/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/myprotein.uk/
https://www.zenaps.com/rclick.php?mid=3196&c_len=2592000&c_ts=1651307557&c_cnt=685769%7C0%7C0%7C1651307557%7Clb_vxg8bc%7Caw%7C0&ir=17553b01-c860-11ec-9b3a-22623ec29485&pr=https%3A%2F%2Fwww.myprotei...
https://www.myprotein.com/?affil=awin&utm_content=Linkbux&utm_term=Sub+Networks&utm_source=AWin-685769&utm_medium=affiliate&utm_campaign=AffiliateWin&sv_campaign_id=685769&sv_tax1=affiliate&sv_tax2...

0
0

GET

in
www.momondo.co.uk/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/momondo.co.uk/
https://www.momondo.co.uk/in?a=tradetracker&encoder=19_4&enc_pubid=166408&enc_bid=0&enc_pid=20075&enc_refid=0%3A%3A166408%3A%3Av030300011382242b13eb2a0140fd8d4b8e763db44754%3A%3A%3A%3A1651305127&ut...

0
0

GET

/
www.kayak.co.uk/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/kayak.co.uk/
https://www.kayak.co.uk/in?a=tradetracker&encoder=19_4&enc_pubid=166408&enc_bid=0&enc_pid=32925&enc_refid=0%3A%3A166408%3A%3Av0303000113820dd099dfb12642d5a02e5d6c4f1f0236%3A%3A%3A%3A1651307543&utm_...
https://kayak.co.uk/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925
https://www.kayak.co.uk/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925

0
0

GET

/
www.stradivarius.com/gb/en/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/stradivarius.uk/
https://www.zenaps.com/rclick.php?mid=6164&c_len=604800&c_ts=1651299280&c_cnt=637513%7C0%7C0%7C1651299280%7C25455ac76dc3b2705c7e4c2d3da50af8%7Caw%7C0&ir=d1fa8a50-c84c-11ec-8f9a-2230a0859272&pr=http...
https://www.stradivarius.com/gb/en/?awc=6164_1651299280_22b351882e582657252b331e03f1d1e6&utm_source=awin&utm_medium=affiliation&utm_content=637513&utm_campaign=Affiliate_Window_Sale

0
0

GET

/
www.mandco.com/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/mandco.com/
https://www.zenaps.com/rclick.php?mid=1685&c_len=2592000&c_ts=1651302806&c_cnt=685769%7C0%7C0%7C1651302806%7Clb_vxqs42%7Caw%7C0&ir=07428ca0-c855-11ec-9b3a-22623ec29485&pr=https%3A%2F%2Fwww.mandco.c...
https://www.mandco.com/?awc=1685_1651302806_ba47462766c3a05cb397ad389e292f1f&utm_source=Linkbux&utm_medium=affiliates&utm_campaign=Affiliate%2BWindow

0
0

GET
H2

404

&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c
www.admitad.com/en/ Frame 8B00
Redirect Chain

https://pubmedya.net/to2/goldsmiths.co.uk/
https://www.zenaps.com/rclick.php?mid=2174&c_len=2592000&c_ts=1651302919&c_cnt=632098%7C0%7C0%7C1651302919%7Cbafe60bba7d3f55fe6d862a7cef021ed%7Caw%7C0&ir=4afb95e1-c855-11ec-8a8b-22638a30c8d7&pr=htt...
https://www.admitad.com/en/&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c

0
0

798ms
468ms

Script
text/html

5.187.1.114

General

Check archive.org

Show headers Download Go to

Full URL: https://www.admitad.com/en/&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Server: 5.187.1.114 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Date: Sat, 30 Apr 2022 08:49:56 GMT
Allow: GET
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.admitad.com/en/&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c
Connection: keep-alive
Awin-Akamai-Rule-Set: default
Node: Helix
Strict-Transport-Security: max-age=86400
Content-Length: 0

GET /
pubmedya.net/to2/currys.co.uk-mobile/ Frame 8B00 0
0

GET /
pubmedya.net/to2/wayfair.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/tjc.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/game.co.uk/ Frame 8B00 0
0

GET

/
chaturbate.com/coy_amina/ Frame 8B00
Redirect Chain

https://chaturbate.com/in/?track=default&tour=hr8m&campaign=sgo1n
https://chaturbate.com/toproom/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0
https://chaturbate.com/coy_amina/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0

0
0

GET
H2 403 /
paxful.com/ru/ Frame 8B00 0
0 1311ms
334ms Script
text/html 2606:4700::6811:3c3a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://paxful.com/ru/?r=GzdvAoGWyQA
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:3c3a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET /
pubmedya.net/to2/schuh.co.uk/ Frame 8B00 0
0

GET
H2 200 referralaward Show response
www.peopleperhour.com/site/ Frame 8B00 0
0 1420ms
1045ms Script
text/html 18.66.248.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.peopleperhour.com/site/referralaward?rfrd=7141819.1
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-59.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 403 Home.do
www.rentalcars.com/ Frame 8B00 0
0 534ms
211ms Script
text/html 104.16.105.108
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1Wg50FZipqa&utm_source=ca&aip=1jf&click_id=5hnZ1Wg50FZipqa
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.105.108 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET /
pubmedya.net/to2/transfergo.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/pdsa.org.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/tedbaker.uk/ Frame 8B00 0
0

GET /
wise.com/ Frame 8B00 0
0

GET j19u1ne5
offer.alibaba.com/cps/ Frame 8B00 0
0

GET h.php
bngpt.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/lookfantastic.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/just-eat.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/converse.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/regatta.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/bulk.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/waterstones.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/vitabiotics.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/wallis.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/moonpig.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/whsmith.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/mobilephonesdirect.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/houseoffraser.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/nike.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/debenhams.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/buyagift.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/eurocarparts.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/preloved.co.uk/ Frame 8B00 0
0

GET /
www.hotelscombined.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/lights.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/cultbeauty.co.uk/ Frame 8B00 0
0

GET easy-email.htm
www.aweber.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/hotels.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/laredoute.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/iceland.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/footlocker.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/grandado.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/exantediet.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/sportsdirect.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/mylee.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/oakfurnituresuperstore.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/coursera2.org/ Frame 8B00 0
0

GET /
pubmedya.net/to2/feelunique.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/totaljobs.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/robertdyas.co.uk/ Frame 8B00 0
0

GET /
onlyfans.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/iherb.com/ Frame 8B00 0
0

GET /
www.wish.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/wickes.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/spacenk.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/flannels.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/theperfumeshop.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/missguided.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/machinemart.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/aspinaloflondon.com/ Frame 8B00 0
0

GET /
www.tomtop.com/ Frame 8B00 0
0

GET 45645645656
fansly.com/r/ Frame 8B00 0
0

GET /
creativemarket.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/popinabox.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/made.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/hotelchocolat.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/notonthehighstreet.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/diy.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/clarks.co.uk/ Frame 8B00 0
0

GET /
stripchat.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/ao.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/viator.uk/ Frame 8B00 0
0

GET register
www.binance.com/ru/ Frame 8B00 0
0

GET /
pubmedya.net/to2/jdsports.uk/ Frame 8B00 0
0

GET /
www.lightinthebox.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/loccitane.com/ Frame 8B00 0
0

GET /
www.expedia.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/hellofresh.com/ Frame 8B00 0
0

GET anatolvwyd
www.revolut.com/referral/ Frame 8B00 0
0

GET /
pubmedya.net/to2/tesco.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/burton.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/wowcher.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/talktalk.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/xe.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/dhgate/ Frame 8B00 0
0

GET /
pubmedya.net/to2/opodo.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/idmobile.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/victoriaplum.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/cdkeys.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/notino.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/lycamobile.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/vodafone.co.uk/ Frame 8B00 0
0

GET /
www.miniinthebox.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/o2.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/ancestry.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/ocado.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/voxi.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/currys.co.uk/ Frame 8B00 0
0

GET /
www.ebay.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/musclefood.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/tescomobile.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/toolstation.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/cineworld.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/zooplus.co.uk/ Frame 8B00 0
0

GET /
pubmedya.net/to2/cancerresearchuk.org/ Frame 8B00 0
0

GET /
www.thetrainline.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/discovercars.com/ Frame 8B00 0
0

GET /
www.semrush.com/ Frame 8B00 0
0

GET /
pubmedya.net/to2/joom.com/ Frame 8B00 0
0

GET /
ssense.com/ Frame 8B00 0
0

GET en-gb
www.vrbo.com/ Frame 8B00 0
0

GET krug.gif
pubmedya.net/vu/ Frame 3B0B 0
0

GET
H2 200 widget.js Show response
experience.tripster.ru/partner/ Frame 3B0B 80 KB
27 KB 664ms
196ms Script
application/javascript 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: 87193d6a6b876bffa6b573d8c56d6d1299e0c8eded54986638513b0a4bdf9e6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:53 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 10:21:46 GMT
etag: W/"626bbc3a-140a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, private, must-revalidate
x-request-id: 5119b25f283de869bbd13ef458f7f60d

GET
H/1.1 200
OK / Show response
pubmedya.net/vu/uk/ Frame 33FC 3 KB
3 KB 1823ms
161ms Document
text/html 176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pubmedya.net/vu/uk/?
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash: 67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c

Request headers

Referer: https://pubmedya.net/vu/uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sat, 30 Apr 2022 08:49:54 GMT
Server: nginx/1.12.2
Transfer-Encoding: chunked

GET
H/1.1 200
OK krug.gif
pubmedya.net/vu/ Frame 3891 16 KB
0 3941ms
314ms Image
image/gif 176.9.60.211
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmedya.net/vu/krug.gif
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.9.60.211 Weimar, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.211.60.9.176.clients.your-server.de
Software: nginx/1.12.2 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/vu/uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 30 Apr 2022 08:49:57 GMT
Last-Modified: Thu, 26 Nov 2020 10:21:52 GMT
Server: nginx/1.12.2
ETag: "5fbf81c0-8858"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 34904

GET
H2 200 widget.js Show response
experience.tripster.ru/partner/ Frame 3891 80 KB
27 KB 1522ms
1521ms Script
application/javascript 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: 87193d6a6b876bffa6b573d8c56d6d1299e0c8eded54986638513b0a4bdf9e6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:53 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 10:21:46 GMT
etag: W/"626bbc3a-140a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, private, must-revalidate
x-request-id: fc66a826f0b75cb8ae9a55bd698b44fc

GET krug.gif
pubmedya.net/vu/ Frame 27A1 0
0

GET
H2 200 widget.js
experience.tripster.ru/partner/ Frame 27A1 65 KB
0 2076ms
2075ms Script
application/javascript 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313
Requested by: Host: pubmedya.net
URL: https://pubmedya.net/vu/uk/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pubmedya.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 08:49:53 GMT
content-encoding: gzip
last-modified: Fri, 29 Apr 2022 10:21:46 GMT
etag: W/"626bbc3a-140a9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=0, private, must-revalidate
x-request-id: e80fb124b2429154152d7dad0437a804

GET krug.gif
pubmedya.net/vu/ Frame 92F8 0
0

GET widget.js
experience.tripster.ru/partner/ Frame 92F8 0
0

GET krug.gif
pubmedya.net/vu/ Frame 1C54 0
0

GET widget.js
experience.tripster.ru/partner/ Frame 1C54 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 8E1C 4 KB
2 KB 1985ms
500ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&5859&cn=-&cv=671244&dp=217.138.196.106&aff_fcid=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4066fe08a8fd4a88b61a3b83a9ffedab-1651308592058-09728-_d8O2mSk&terminal_id=235f51ebd6ca480d82a669a0a45c2e55

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=23
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:18 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 8E1C 36 KB
12 KB 1985ms
501ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=4
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:49:59 GMT

GET jquery.js
u.alicdn.com/js/5v/we/lib/ Frame 8E1C 0
0

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 8E1C 0
0

GET
H2 200 mobile-atom-ams.js Show response
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 8E1C 39 KB
16 KB 2731ms
1248ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

41b54fd8e7da53469be14104144a39a348c012aee9e597ceb3b979b77d99d18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
x-swift-cachetime: 27483506
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680fb58b578374b0eb7c85f8dcd1d88a1fe
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=2ff62b9815900513859851264e
content-length: 16149
expires: Mon, 28 Nov 2022 03:47:42 GMT
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1590051386
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=18298667
served-from: 23.55.162.146
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9815900513859851264e, 2ff62b9a15960656978136359e
x-swift-savetime: Tue, 07 Jul 2020 06:38:00 GMT

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 8E1C 0
0

GET
H2 200 font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 8E1C 124 KB
6 KB 3021ms
155ms Stylesheet
text/css 104.92.70.33

General

Check archive.org

Show headers Download Go to

Full URL

https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.70.33 -, , ASN (),

Reverse DNS

Software

Akamai Resource Optimizer /

Resource Hash

e4c08ae82c23e77fdf53506535dd7c31379a8343618b0ab1951d7f8c3d3e8d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
x-content-type-options: nosniff
x-swift-cachetime: 31140763
fw_ip: 23.218.100.80, 104.92.70.33
x-server-id: b0381a5e42020db0072a77127f27bf155e7c93143559fa037c0d4bc6cb9e0f983328d48de7b301be72f877a8d9336e5e
x-swift-savetime: Mon, 17 Jan 2022 22:05:02 GMT
network_info: US_SEATTLE_35994, GB_MANCHESTER_9009
x-readtime: 912
server-timing: rt;dur=0.917,eagleid;desc=2ff6149b16420618645378926e
content-length: 5231
x-xss-protection: 1; mode=block
last-modified: Mon, 17 Jan 2022 22:05:03 GMT
server: Akamai Resource Optimizer
date: Sat, 30 Apr 2022 08:49:57 GMT
x-download-options: noopen
ali-swift-global-savetime: 1642061865
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=22289266
served-from: 104.98.118.31
timing-allow-origin: *, *
x-new-origin: 1
eagleid: 2ff6149b16420618645378926e, 2ff6179d16424571028623967e
expires: Fri, 13 Jan 2023 08:17:43 GMT

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 8E1C 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 8E1C 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 8E1C 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 8E1C 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 8E1C 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 8E1C 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 8E1C 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 8E1C 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 8E1C 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 8E1C 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 8E1C 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 5771 4 KB
2 KB 2699ms
1219ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&39961&cn=-&cv=902807&dp=217.138.196.106&aff_fcid=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk&terminal_id=2840ad30a18d4abcba89ff512cc44133

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b6804339bf71694b0683c85f8dcd1d88a1fe
x-swift-savetime: Wed, 14 Apr 2021 11:17:22 GMT
x-readtime: 0
server-timing: rt;dur=0.003,eagleid;desc=a3b5329616335968454215285e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1633596845
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=22
served-from: 95.101.88.36
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: a3b5329616335968454215285e, 2ff62b9e16335968679808465e
expires: Sat, 30 Apr 2022 08:50:17 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 5771 36 KB
12 KB 1981ms
501ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=4
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:49:59 GMT

GET jquery.js
u.alicdn.com/js/5v/we/lib/ Frame 5771 0
0

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 5771 0
0

GET mobile-atom-ams.js
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 5771 0
0

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 5771 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 5771 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 5771 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 5771 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 5771 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 5771 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 5771 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 5771 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 5771 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 5771 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 5771 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 5771 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 5771 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 0C5E 4 KB
2 KB 2697ms
1219ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&32618&cn=-&cv=768739&dp=217.138.196.106&aff_fcid=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dc4b25ad88e34ea4b794e578ec641929-1651308592068-02051-_d8O2mSk&terminal_id=d131e4aad85148608a71e2e1ca326bbe

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=19
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:14 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 0C5E 36 KB
12 KB 1967ms
489ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=4
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:49:59 GMT

GET
H2 200 jquery.js Show response
u.alicdn.com/js/5v/we/lib/ Frame 0C5E 92 KB
33 KB 2727ms
1249ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/5v/we/lib/jquery.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

81ef130604ec4926d96cd5f765d1845e870ad662d39211faed6cc3d6509a3514

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 151664d7_0
x-swift-error: orig response 5xx error
x-swift-cachetime: 1800
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee803b93bdcd80cf648cc358da1ed5d9acc921c630316b46fd3
x-swift-savetime: Wed, 10 Mar 2021 20:59:23 GMT
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=a3b5329a16443158520614611e
content-length: 33552
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1644315852
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=333
served-from: 95.101.88.103
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: a3b5329a16443158520614611e, 2ff62b1916443159308104681e
expires: Sat, 30 Apr 2022 08:55:28 GMT

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 0C5E 0
0

GET
H2 200 mobile-atom-ams.js Show response
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 0C5E 39 KB
16 KB 2726ms
1249ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

41b54fd8e7da53469be14104144a39a348c012aee9e597ceb3b979b77d99d18e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
x-swift-cachetime: 27483506
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680fb58b578374b0eb7c85f8dcd1d88a1fe
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=2ff62b9815900513859851264e
content-length: 16149
expires: Mon, 28 Nov 2022 03:47:42 GMT
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1590051386
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=18298667
served-from: 23.55.162.146
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9815900513859851264e, 2ff62b9a15960656978136359e
x-swift-savetime: Tue, 07 Jul 2020 06:38:00 GMT

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 0C5E 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 0C5E 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 0C5E 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 0C5E 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 0C5E 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 0C5E 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 0C5E 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 0C5E 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 0C5E 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 0C5E 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 0C5E 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 0C5E 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 0C5E 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame A133 4 KB
2 KB 1976ms
501ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&33290&cn=-&cv=156444&dp=217.138.196.106&aff_fcid=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=4298e26ac0744bacb604e9e89d474f36-1651308592451-03841-_d8O2mSk&terminal_id=335ee32ca9e74acfbbe4e4e2c1f5655b

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=19
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:14 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame A133 36 KB
12 KB 1975ms
500ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=4
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:49:59 GMT

GET jquery.js
u.alicdn.com/js/5v/we/lib/ Frame A133 0
0

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame A133 0
0

GET mobile-atom-ams.js
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame A133 0
0

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame A133 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame A133 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame A133 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame A133 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame A133 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame A133 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame A133 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame A133 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame A133 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame A133 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame A133 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame A133 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame A133 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 53C9 4 KB
2 KB 2687ms
1214ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&34717&cn=-&cv=157598&dp=217.138.196.106&aff_fcid=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=dd54d14a3d6545bcaa6ae3c4a71dd01f-1651308592192-06894-_d8O2mSk&terminal_id=f9ee8573311a4b39a116222231a91b81

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=19
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:14 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 53C9 36 KB
12 KB 2688ms
1217ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:50:00 GMT

GET
H2 200 jquery.js Show response
u.alicdn.com/js/5v/we/lib/ Frame 53C9 92 KB
33 KB 2720ms
1249ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/5v/we/lib/jquery.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

81ef130604ec4926d96cd5f765d1845e870ad662d39211faed6cc3d6509a3514

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 151664d7_0
x-swift-error: orig response 5xx error
x-swift-cachetime: 1800
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee803b93bdcd80cf648cc358da1ed5d9acc921c630316b46fd3
x-swift-savetime: Wed, 10 Mar 2021 20:59:23 GMT
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=a3b5329a16443158520614611e
content-length: 33552
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1644315852
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=333
served-from: 95.101.88.103
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: a3b5329a16443158520614611e, 2ff62b1916443159308104681e
expires: Sat, 30 Apr 2022 08:55:28 GMT

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 53C9 0
0

GET
H2 200 mobile-atom-ams.js
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 53C9 16 KB
0 2809ms
1338ms Script
application/javascript 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
x-swift-cachetime: 27483506
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680fb58b578374b0eb7c85f8dcd1d88a1fe
x-readtime: 2
server-timing: rt;dur=0.007,eagleid;desc=2ff62b9815900513859851264e
content-length: 16149
expires: Mon, 28 Nov 2022 03:47:42 GMT
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1590051386
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=18298667
served-from: 23.55.162.146
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9815900513859851264e, 2ff62b9a15960656978136359e
x-swift-savetime: Tue, 07 Jul 2020 06:38:00 GMT

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 53C9 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 53C9 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 53C9 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 53C9 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 53C9 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 53C9 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 53C9 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 53C9 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 53C9 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 53C9 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 53C9 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 53C9 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 53C9 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 93E6 4 KB
2 KB 2684ms
1216ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&41339&cn=-&cv=280575&dp=217.138.196.106&aff_fcid=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=790a8427c9e74bb78640b6cd626b4247-1651308592047-07947-_d8O2mSk&terminal_id=126b46be60c04d71adc0126b92214142

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=19
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:14 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 93E6 36 KB
12 KB 2683ms
1215ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:50:00 GMT

GET jquery.js
u.alicdn.com/js/5v/we/lib/ Frame 93E6 0
0

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 93E6 0
0

GET mobile-atom-ams.js
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 93E6 0
0

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 93E6 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 93E6 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 93E6 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 93E6 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 93E6 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 93E6 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 93E6 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 93E6 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 93E6 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 93E6 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 93E6 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 93E6 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 93E6 0
0

GET
H2 200 /
u.alicdn.com/css/6v/run/ws-mobile/core/ Frame 829B 4 KB
2 KB 2682ms
1216ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/css/6v/run/ws-mobile/core/??core-ws.css?t=0_2f98f3abf

Requested by

Host: sale.aliexpress.com
URL: https://sale.aliexpress.com/__mobile/coupon_aliexpress.htm?af=a&87666&cn=-&cv=628906&dp=217.138.196.106&aff_fcid=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&aff_fsk=_d8O2mSk&aff_platform=portals-tool&sk=_d8O2mSk&aff_trace_key=1ecb1c9939f34335922b6e0e52ee1245-1651308592069-00236-_d8O2mSk&terminal_id=e4cd0885a5de4f7c88408b5bbd4e5baa

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 0_28820d9a9
x-swift-error: orig response 5xx error
x-swift-cachetime: 27
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325124867fc2ee7b680424c8d52df7729dfc85f8dcd1d88a1fe
x-swift-savetime: Sun, 29 Aug 2021 19:23:55 GMT
x-readtime: 1
server-timing: rt;dur=0.003,eagleid;desc=2ff62b9616305284199971152e
content-length: 1491
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1630528420
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=19
served-from: 23.55.162.164
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 2ff62b9616305284199971152e, 2ff62b9816305284471731376e
expires: Sat, 30 Apr 2022 08:50:14 GMT

GET
H2 200 /
u.alicdn.com/mobile/ae/ Frame 829B 36 KB
12 KB 2689ms
1224ms Stylesheet
text/css 104.92.106.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://u.alicdn.com/mobile/ae/??common/header/1.0.0/header.css,common/loading/1.0.0/loading.css,common/button/1.0.0/button.css,common/footer/1.0.0/footer.css?t=11422a54e_b3e953e50

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

104.92.106.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-92-106-193.deploy.static.akamaitechnologies.com

Software

Tengine /

Resource Hash

76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://sale.aliexpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=0
content-encoding: gzip
etag: 11422a54e_772b854e8
x-swift-error: orig response 5xx error
x-swift-cachetime: 30
fw_ip: 104.92.106.193
x-server-id: 5dd621d318911325a05c259270f04ee81ba4cb5244d38feecc358da1ed5d9accc4c49cae92c66e93
x-swift-savetime: Fri, 03 Dec 2021 08:30:02 GMT
x-readtime: 1
server-timing: rt;dur=0.004,eagleid;desc=4f85b1a216388404385351787e
content-length: 11172
last-modified: Mon, 26 Mar 2018 06:55:57 GMT
server: Tengine
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Encoding
ali-swift-global-savetime: 1638840438
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: FW_IP
cache-control: max-age=5
served-from: 95.101.88.109
timing-allow-origin: *, *, *
network_info: GB_MANCHESTER_9009
eagleid: 4f85b1a216388404385351787e, 4f85b1a216388404385351787e
expires: Sat, 30 Apr 2022 08:50:00 GMT

GET jquery.js
u.alicdn.com/js/5v/we/lib/ Frame 829B 0
0

GET index.js
i.alicdn.com/ae-ams-ui/1.1.0/widget/ Frame 829B 0
0

GET mobile-atom-ams.js
u.alicdn.com/js/6v/biz/common/atom-ams/ Frame 829B 0
0

GET page-timing.6053ce70.js
i.alicdn.com/aefe-mobile-global/timing/ Frame 829B 0
0

GET font-face.css
i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/ Frame 829B 0
0

GET index.css
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 829B 0
0

GET voucher.css
i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/ Frame 829B 0
0

GET index.css
i.alicdn.com/ae-ams-ui/1.1.1/widget/ Frame 829B 0
0

GET flexible.js
i.alicdn.com/ae-ams-ui/1.0.3/studio/js/ Frame 829B 0
0

GET HTB1pXjWceOSBuNjy0Fd762DnVXaq.png
ae01.alicdn.com/kf/ Frame 829B 0
0

GET HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png
ae01.alicdn.com/kf/ Frame 829B 0
0

GET HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png
ae01.alicdn.com/kf/ Frame 829B 0
0

GET HTB1war4ch9YBuNjy0Ff760IsVXa9.png
ae01.alicdn.com/kf/ Frame 829B 0
0

GET model.js
i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/ Frame 829B 0
0

GET index.js
i.alicdn.com/ae-game/1.1.0/fun/activities/member/ Frame 829B 0
0

GET auth-banner.js
i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/ Frame 829B 0
0

GET krug.gif
pubmedya.net/vu/ Frame 7A74 0
0

GET widget.js
experience.tripster.ru/partner/ Frame 7A74 0
0

GET krug.gif
pubmedya.net/vu/ Frame FEDE 0
0

GET widget.js
experience.tripster.ru/partner/ Frame FEDE 0
0

GET krug.gif
pubmedya.net/vu/ Frame 0E29 0
0

GET widget.js
experience.tripster.ru/partner/ Frame 0E29 0
0

POST
H2 200 / Show response
experience.tripster.ru/partner/geo_detect/ Frame 3B0B 63 B
519 B 203ms
202ms XHR
application/json 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/geo_detect/
Requested by: Host: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: ef677482cd1c090c4ad00d991e2816132a23ba0d082a6e381e3da4ec552f17d5

Request headers

Referer: https://pubmedya.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 30 Apr 2022 08:49:55 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Language
access-control-allow-methods: GET, POST, OPTIONS
content-language: ru
access-control-allow-origin: *
access-control-max-age: 84600
content-type: application/json
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,X-Auth-Token,X-CSRF-Token,x-requested-with
x-request-id: 03111a3f4f4688369eded4de9e6cfcf2

OPTIONS
H2 200 /
experience.tripster.ru/partner/geo_detect/ Frame 0
0 840ms
200ms Preflight
text/html 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/geo_detect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pubmedya.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,X-Auth-Token,X-CSRF-Token,x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 84600
content-language: ru
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Language
x-request-id: 1756af6c47040ac927a9b8eebbd8bbc8

GET krug.gif
pubmedya.net/vu/ Frame 33FC 0
0

GET widget.js
experience.tripster.ru/partner/ Frame 33FC 0
0

GET krug.gif
pubmedya.net/vu/ Frame E346 0
0

GET widget.js
experience.tripster.ru/partner/ Frame E346 0
0

GET /
experience.tripster.ru/partner/ Frame 6B9D 0
0

POST
H2 200 / Show response
experience.tripster.ru/partner/geo_detect/ Frame 3891 63 B
520 B 1033ms
1032ms XHR
application/json 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/geo_detect/
Requested by: Host: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash: ef677482cd1c090c4ad00d991e2816132a23ba0d082a6e381e3da4ec552f17d5

Request headers

Referer: https://pubmedya.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 30 Apr 2022 08:49:55 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Language
access-control-allow-methods: GET, POST, OPTIONS
content-language: ru
access-control-allow-origin: *
access-control-max-age: 84600
content-type: application/json
access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,X-Auth-Token,X-CSRF-Token,x-requested-with
x-request-id: 5c759a43d3d17d55edf496aed6f43df1

OPTIONS
H2 200 /
experience.tripster.ru/partner/geo_detect/ Frame 0
0 201ms
200ms Preflight
text/html 51.250.76.213
YANDEXCLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://experience.tripster.ru/partner/geo_detect/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.250.76.213 , Russian Federation, ASN200350 (YANDEXCLOUD, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://pubmedya.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: Origin,X-Requested-With,Content-Type,Accept,X-Auth-Token,X-CSRF-Token,x-requested-with
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 84600
content-language: ru
content-length: 0
content-type: text/html; charset=utf-8
date: Sat, 30 Apr 2022 08:49:55 GMT
vary: Accept-Language
x-request-id: d3317c80306b9809a3b8d3a3518b60e5

GET /
experience.tripster.ru/partner/ Frame 59A4 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&5332&cn=-&cv=164645&dp=217.138.196.106&aff_fcid=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=fb77b25627a842f3be88d5b8bd856f81-1651308592076-09568-_AtqYLP&terminal_id=3d96f18f617c4cb0a22af1103b6683d0

Domain: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6462&cn=-&cv=269771&dp=217.138.196.106&aff_fcid=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=0d39a0e40ac444eeb87fa133c012dfdb-1651308592067-05372-_AtqYLP&terminal_id=b4d53c0c590f4eff94300894713fea84

Domain: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&3940&cn=-&cv=373460&dp=217.138.196.106&aff_fcid=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=ced1a6e6f7a64484aafe9a890138feeb-1651308592348-08478-_AtqYLP&terminal_id=f23fd95e57ad4cdc98c5e637fee0e160

Domain: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&6881&cn=-&cv=498013&dp=217.138.196.106&aff_fcid=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=8c37397dce4a4e1892502f9c67cfae82-1651308592076-00844-_AtqYLP&terminal_id=61cc1fcf8ede4ffdbc18bc53f1445810

Domain: pubmedya.net
URL: https://pubmedya.net/vu/uk/

Domain: sale.aliexpress.ru
URL: https://sale.aliexpress.ru/ru/__pc/continuation_default.htm?af=a&4273&cn=-&cv=18807&dp=217.138.196.106&aff_fcid=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&tt=CPS_NORMAL&aff_fsk=_AtqYLP&aff_platform=portals-tool&sk=_AtqYLP&aff_trace_key=69ca6ac3cac7487a818e873382399663-1651308592199-03181-_AtqYLP&terminal_id=9402f65d03874a6eb87d4c8b2a7632eb

Domain: www.myprotein.com
URL: https://www.myprotein.com/?affil=awin&utm_content=Linkbux&utm_term=Sub+Networks&utm_source=AWin-685769&utm_medium=affiliate&utm_campaign=AffiliateWin&sv_campaign_id=685769&sv_tax1=affiliate&sv_tax2=&sv_tax3=Linkbux&sv_tax4=0&awc=3196_1651307557_159dbdb23610989756d178c5ca229e12

Domain: www.momondo.co.uk
URL: https://www.momondo.co.uk/in?a=tradetracker&encoder=19_4&enc_pubid=166408&enc_bid=0&enc_pid=20075&enc_refid=0%3A%3A166408%3A%3Av030300011382242b13eb2a0140fd8d4b8e763db44754%3A%3A%3A%3A1651305127&utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=20075&url=https%3A%2F%2Fwww.momondo.co.uk%2F

Domain: www.kayak.co.uk
URL: https://www.kayak.co.uk/?utm_source=tradetracker&utm_medium=affiliate&utm_campaign=166408&utm_content=32925

Domain: www.stradivarius.com
URL: https://www.stradivarius.com/gb/en/?awc=6164_1651299280_22b351882e582657252b331e03f1d1e6&utm_source=awin&utm_medium=affiliation&utm_content=637513&utm_campaign=Affiliate_Window_Sale

Domain: www.mandco.com
URL: https://www.mandco.com/?awc=1685_1651302806_ba47462766c3a05cb397ad389e292f1f&utm_source=Linkbux&utm_medium=affiliates&utm_campaign=Affiliate%2BWindow

Domain: pubmedya.net
URL: https://pubmedya.net/to2/currys.co.uk-mobile/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/wayfair.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/tjc.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/game.co.uk/

Domain: chaturbate.com
URL: https://chaturbate.com/coy_amina/?join_overlay=1&tour=hr8m&campaign=sgo1n&disable_sound=0

Domain: pubmedya.net
URL: https://pubmedya.net/to2/schuh.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/transfergo.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/pdsa.org.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/tedbaker.uk/

Domain: wise.com
URL: https://wise.com/?clickref=1011ljdBMMod&partnerID=1100l95727&utm_medium=affiliate&utm_campaign=0&adref=&utm_source=phgagru&partnerizecampaignID=1011l727

Domain: offer.alibaba.com
URL: https://offer.alibaba.com/cps/j19u1ne5?bm=cps&src=saf&tp1=dcc280700cca7e497ce8b4b8c7021ca3&pid=656490

Domain: bngpt.com
URL: https://bngpt.com/h.php?v=2&c=287325

Domain: pubmedya.net
URL: https://pubmedya.net/to2/lookfantastic.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/just-eat.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/converse.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/regatta.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/bulk.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/waterstones.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/vitabiotics.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/wallis.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/moonpig.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/whsmith.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/mobilephonesdirect.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/houseoffraser.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/nike.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/debenhams.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/buyagift.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/eurocarparts.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/preloved.co.uk/

Domain: www.hotelscombined.com
URL: https://www.hotelscombined.com/?a_aid=172493

Domain: pubmedya.net
URL: https://pubmedya.net/to2/lights.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/cultbeauty.co.uk/

Domain: www.aweber.com
URL: https://www.aweber.com/easy-email.htm?id=473824

Domain: pubmedya.net
URL: https://pubmedya.net/to2/hotels.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/laredoute.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/iceland.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/footlocker.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/grandado.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/exantediet.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/sportsdirect.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/mylee.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/oakfurnituresuperstore.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/coursera2.org/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/feelunique.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/totaljobs.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/robertdyas.co.uk/

Domain: onlyfans.com
URL: https://onlyfans.com/?ref=231505760

Domain: pubmedya.net
URL: https://pubmedya.net/to2/iherb.com/

Domain: www.wish.com
URL: https://www.wish.com/?irclickid=SDrwIiQpAxyIULdz3f1lRXomUkGST7XGc0o4VQ0&irgwc=1&utm_source=Impact&from_ad=1234031

Domain: pubmedya.net
URL: https://pubmedya.net/to2/wickes.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/spacenk.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/flannels.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/theperfumeshop.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/missguided.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/machinemart.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/aspinaloflondon.com/

Domain: www.tomtop.com
URL: https://www.tomtop.com/?aid=agru

Domain: fansly.com
URL: https://fansly.com/r/45645645656

Domain: creativemarket.com
URL: https://creativemarket.com/?U=agrus

Domain: pubmedya.net
URL: https://pubmedya.net/to2/popinabox.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/made.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/hotelchocolat.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/notonthehighstreet.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/diy.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/clarks.co.uk/

Domain: stripchat.com
URL: https://stripchat.com/?affiliateId=73b0fbd3ee36ead2b74e59d3464a7035c57d58262dabefced6d54007bc244727

Domain: pubmedya.net
URL: https://pubmedya.net/to2/ao.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/viator.uk/

Domain: www.binance.com
URL: https://www.binance.com/ru/register?ref=KZTDOPQP

Domain: pubmedya.net
URL: https://pubmedya.net/to2/jdsports.uk/

Domain: www.lightinthebox.com
URL: https://www.lightinthebox.com/?utm_campaign=irpid&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=xVl3lzQpFxyIULdz3f1lRXomUkGST4xGc0o4VQ0&irgwc=1

Domain: pubmedya.net
URL: https://pubmedya.net/to2/loccitane.com/

Domain: www.expedia.co.uk
URL: https://www.expedia.co.uk/?clickref=1011ljdBSba4&affcid=UK.DIRECT.PHG.1100l95727.0&ref_id=1011ljdBSba4&my_ad=AFF.UK.DIRECT.PHG.1100l95727.0&afflid=1011ljdBSba4

Domain: pubmedya.net
URL: https://pubmedya.net/to2/hellofresh.com/

Domain: www.revolut.com
URL: https://www.revolut.com/referral/anatolvwyd

Domain: pubmedya.net
URL: https://pubmedya.net/to2/tesco.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/burton.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/wowcher.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/talktalk.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/xe.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/dhgate/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/opodo.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/idmobile.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/victoriaplum.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/cdkeys.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/notino.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/lycamobile.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/vodafone.co.uk/

Domain: www.miniinthebox.com
URL: https://www.miniinthebox.com/?utm_campaign=1398851&utm_content=Indoleads2019&utm_source=gan&utm_medium=affiliate&litb_from=affiliate_gan&clickid=2E3zCvQpsxyIULdz3f1lRXomUkGSQxz%3Ac0o4VQ0&irgwc=1

Domain: pubmedya.net
URL: https://pubmedya.net/to2/o2.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/ancestry.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/ocado.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/voxi.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/currys.co.uk/

Domain: www.ebay.co.uk
URL: https://www.ebay.co.uk/?mkcid=1&mkrid=710-53481-19255-0&siteid=3&campid=5338698442&toolid=10001&mkevt=1&customid=140-OBS-626294e608ad0140

Domain: pubmedya.net
URL: https://pubmedya.net/to2/musclefood.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/tescomobile.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/toolstation.com/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/cineworld.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/zooplus.co.uk/

Domain: pubmedya.net
URL: https://pubmedya.net/to2/cancerresearchuk.org/

Domain: www.thetrainline.com
URL: https://www.thetrainline.com/?phcode=1100l95727.&utm_campaign=phgagru&utm_medium=affiliate&utm_source=network&cm=0a1e.1100l95727&phcam=1100l229&~campaign_id=1100l229&~click_id=1101ljda7kdq

Domain: pubmedya.net
URL: https://pubmedya.net/to2/discovercars.com/

Domain: www.semrush.com
URL: https://www.semrush.com/?ref=2017024630&refer_source=&utm_source=berush&utm_medium=promo&utm_campaign=link_other

Domain: pubmedya.net
URL: https://pubmedya.net/to2/joom.com/

Domain: ssense.com
URL: https://ssense.com/?clickref=1100ljcQvZI4&utm_source=PH_1011l20576&utm_medium=affiliate&utm_content=0&utm_term=&utm_campaign=656490

Domain: www.vrbo.com
URL: https://www.vrbo.com/en-gb?CID=a_ph_6&utm_source=aff_ph&utm_medium=partner&utm_campaign=phgagru_1101l254&utm_content=0&k_clickid=1101ljda73n3

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/5v/we/lib/jquery.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/5v/we/lib/jquery.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/5v/we/lib/jquery.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/5v/we/lib/jquery.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/5v/we/lib/jquery.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.0/widget/index.js

Domain: u.alicdn.com
URL: https://u.alicdn.com/js/6v/biz/common/atom-ams/mobile-atom-ams.js?v=2017-04-25

Domain: i.alicdn.com
URL: https://i.alicdn.com/aefe-mobile-global/timing/page-timing.6053ce70.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/css/font-face/font-face.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/coupon-spree/voucher.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/index.css

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.0.3/studio/js/flexible.js

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1pXjWceOSBuNjy0Fd762DnVXaq.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1p1f0cf1TBuNjy0Fj761jyXXaK.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1bvVpcCBYBeNjy0Fe762nmFXaw.png

Domain: ae01.alicdn.com
URL: https://ae01.alicdn.com/kf/HTB1war4ch9YBuNjy0Ff760IsVXa9.png

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-ams-ui/1.1.1/widget/menu/model.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-game/1.1.0/fun/activities/member/index.js

Domain: i.alicdn.com
URL: https://i.alicdn.com/ae-channel-ui/1.1.0/material/auth-banner/auth-banner.js

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: pubmedya.net
URL: https://pubmedya.net/vu/krug.gif

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/widget.js?template=horizontal-list&order=top&width=100%25&num=1&font_size=small&version=2&partner=touristiktales&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/?template=horizontal-list&partner=touristiktales&order=top&num=1&font_size=small&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313&version=2&is_context=true

Domain: experience.tripster.ru
URL: https://experience.tripster.ru/partner/?template=horizontal-list&partner=touristiktales&order=top&num=1&font_size=small&features=nolistbutton%2Cnotitle&script_id=tripster-widget-158313&version=2&is_context=true

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.way2self.in.ua/	1970-01-20 11:27:24	Name: _ym_uid Value: 1651308585497765218
.way2self.in.ua/	1970-01-20 11:27:24	Name: _ym_d Value: 1651308585
.way2self.in.ua/	1970-01-20 20:13:00	Name: _ga Value: GA1.3.598413088.1651308586
.way2self.in.ua/	1970-01-20 02:43:14	Name: _gid Value: GA1.3.161590079.1651308586
.way2self.in.ua/	1970-01-20 02:41:48	Name: _gat Value: 1
.yandex.ru/	1970-01-20 11:27:24	Name: ymex Value: 1682844585.yrts.1651308585#1682844585.yrtsi.1651308585
.yandex.ru/	1970-01-20 11:27:24	Name: yandexuid Value: 9881315701651308585
.yandex.ru/	1970-01-20 11:27:24	Name: yuidss Value: 9881315701651308585
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 776776771651308585
.yandex.ru/	1970-01-23 18:17:48	Name: i Value: 7PnfCXTNjKHpk1KO/Y4lUSHGDiBogqhliDuV2mEI/jWWC7Ae6uL0lzLxmmdUwutZHZBjSMsMkQs/v4q1qkQiwZ2gSPA=
.way2self.in.ua/	1970-01-20 02:41:50	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 12:03:24	Name: IDE Value: AHWqTUlo6P-_bJaTMdBigmMhskXKdrvWfK1KeiwaQ5dD1bYFrBrJzJHylH2e32k11b4
.way2self.in.ua/	1970-01-20 02:43:00	Name: _ym_isad Value: 2
.way2self.in.ua/	1970-01-20 12:03:24	Name: __gads Value: ID=c7eefdbdc9e567a5-22f94b4c88cd000e:T=1651308588:RT=1651308588:S=ALNI_MZIRkDui7ZEkQcpIGzNuP_Tr-xMWw
.mc.webvisor.org/	1970-01-20 02:41:49	Name: sync_cookie_csrf Value: 220554846fake
.doubleclick.net/	1970-01-20 02:41:52	Name: DSID Value: NO_DATA
.mc.yandex.ru/	1970-01-20 02:41:49	Name: sync_cookie_csrf Value: 1007924423fake
.webvisor.org/	1970-01-27 09:53:48	Name: yandexuid Value: 9881315701651308585
.webvisor.org/	1970-01-27 09:53:48	Name: yuidss Value: 9881315701651308585
.mc.webvisor.org/	1970-01-20 02:43:14	Name: sync_cookie_ok Value: synced
.aliexpress.com/	1970-02-13 23:13:12	Name: af_ss_a Value: 1
.aliexpress.com/	1970-02-13 23:13:12	Name: xman_us_f Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%224742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk%22%2C%22af%22%3A%22a%22%2C%22affiliateKey%22%3A%22_d8O2mSk%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22716815331%22%2C%22tagtime%22%3A1651308592475%7D&acs_rt=2840ad30a18d4abcba89ff512cc44133
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=nddsyfdqjey&acs_rt=2840ad30a18d4abcba89ff512cc44133
.aliexpress.com/	1970-02-13 23:13:12	Name: aeu_cid Value: 4742f74f54e74122837c87d804755af0-1651308592475-00686-_d8O2mSk
.aliexpress.com/	1970-01-20 04:51:24	Name: xman_t Value: iTrvIxIwuaVPhIEiw7fZtrP8Z/PqkKXP0+zdQyi+VcLoniE+FQQlOzWcUHXmq+k+
.aliexpress.com/	1970-02-13 23:13:12	Name: xman_f Value: zN44AIiNDDp1FXAxo4yyCeqVF/BiipHfGzJqTLw8WX4N55SCLek2LuY14K0S+F0KKHBaG6jAIuOpLOAuucHW3ATeqCMZwgAJ/i85VTwLTo2uVEEqpV/hoQ==
.paxful.com/	1970-01-20 02:41:50	Name: __cf_bm Value: eVb86Dhq0p_6Wn1sNlPs1lf.RgSHuoVM.vD1.kz5bdQ-1651308593-0-Ae6hqTTly0m+jcDLj2FCArqhp3l2l5/c3R/rTbqYOEi8Sg1lWVT/79xBYDbRK9Z4ccUyM4lpp7EStFUZxzBwofw=
.zenaps.com/	1970-01-20 03:24:59	Name: aw3196 Value: 685769\|0\|0\|1651307557\|lb_vxg8bc\|aw\|0
.zenaps.com/	1970-01-20 11:27:24	Name: bId Value: HLEX_626cf425f9d6c0.56858870
.zenaps.com/	1970-01-20 02:51:44	Name: aw6164 Value: 637513\|0\|0\|1651299280\|25455ac76dc3b2705c7e4c2d3da50af8\|aw\|0

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://leokross.com/_yMj/LQ.js Message: Failed to load resource: the server responded with a status of 504 (Gateway Time-out)
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1539589843022629251/728x90/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://paxful.com/ru/?r=GzdvAoGWyQA Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.rentalcars.com/Home.do?affiliateCode=citylab&preflang=ru&adplat=rclink&adcamp=5hnZ1Wg50FZipqa&utm_source=ca&aip=1jf&click_id=5hnZ1Wg50FZipqa Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.admitad.com/en/&awc=2174_1651302919_018d2f8a385ecbf8eb2d1fd6c4f4a50c Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ae01.alicdn.com
bituk.media
bngpt.com
buki-repetitor.ru
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
chaturbate.com
coincryptobase.com
connect.facebook.net
creativemarket.com
csm.eu.criteo.net
dachnaideya.cx.ua
ddyipu.com
experience.tripster.ru
fansly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.alicdn.com
img-cdn.tinkoffjournal.ru
informer.yandex.ru
leokross.com
mc.webvisor.org
mc.yandex.ru
megatrade-sm.com.ua
odnaknopka.ru
offer.alibaba.com
onlyfans.com
pagead2.googlesyndication.com
partner.googleadservices.com
paxful.com
pix.eu.criteo.net
podosinki.su
presa.com.ua
pubmedya.net
rtb.nl.eu.criteo.com
ru.childdevelop.com.ua
s.click.aliexpress.com
s.luxadv.com
sale.aliexpress.com
sale.aliexpress.ru
share.itraffic.su
ssense.com
static.criteo.net
stripchat.com
sundays.by
tpc.googlesyndication.com
tsystatic.com
u.alicdn.com
way2self.in.ua
webcache.pp.ua
wise.com
wpg.com.ua
www.admitad.com
www.aweber.com
www.binance.com
www.ebay.co.uk
www.expedia.co.uk
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.hotelscombined.com
www.kayak.co.uk
www.lightinthebox.com
www.mandco.com
www.miniinthebox.com
www.momondo.co.uk
www.myprotein.com
www.peopleperhour.com
www.podosinki.su
www.rentalcars.com
www.revolut.com
www.semrush.com
www.stradivarius.com
www.thetrainline.com
www.tomtop.com
www.vrbo.com
www.way2self.in.ua
www.wish.com
www.zenaps.com
ae01.alicdn.com
bngpt.com
chaturbate.com
creativemarket.com
experience.tripster.ru
fansly.com
i.alicdn.com
offer.alibaba.com
onlyfans.com
pubmedya.net
sale.aliexpress.ru
ssense.com
stripchat.com
u.alicdn.com
wise.com
www.aweber.com
www.binance.com
www.ebay.co.uk
www.expedia.co.uk
www.hotelscombined.com
www.kayak.co.uk
www.lightinthebox.com
www.mandco.com
www.miniinthebox.com
www.momondo.co.uk
www.myprotein.com
www.revolut.com
www.semrush.com
www.stradivarius.com
www.thetrainline.com
www.tomtop.com
www.vrbo.com
www.wish.com
104.16.105.108
104.16.85.20
104.17.25.14
104.92.106.193
104.92.70.33
104.92.93.175
104.92.93.177
104.92.94.3
109.248.237.51
116.202.113.101
142.132.202.70
142.250.186.130
142.251.36.70
168.119.0.153
176.9.60.211
178.172.137.201
178.250.0.139
178.250.0.160
178.250.0.162
18.66.248.59
185.230.90.30
185.233.39.242
2606:4700:3030::ac43:c5d9
2606:4700:3033::ac43:9890
2606:4700::6811:3c3a
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:813::200a
2a00:1450:4001:827::2004
2a00:1450:4001:829::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a00:7a60:0:10c3::1
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:f480:1:26::70
2a06:98c1:3120::7
5.187.1.114
51.250.76.213
62.76.25.28
79.171.117.17
80.239.201.14
91.218.215.18
92.223.84.84
0382aaad6eb14c49bc35e75fee3ac688a58a8b0b3816e0802cf053b4a615e310
041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bf6834126fd32f1ec14789424b4f0cc235b0eda5bfa5ef68e584edfa61ae4b6
142d7e946013c923e6530d5ac543354d09611339c9b8093282f5dcae721aaaff
154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99
17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18752f8339a241bbe49e3db488e005e914d00a38d1e4ea8d0745842cfd06a17f
1bc8314a3fb450be488102f1b27f308f275558b1bd407fb1b2bf2c27a7928cb5
1eeb9d4370c5ea929aee4a703e51e63dd4c8298a062a97f79fdca162a1597ed3
2101735d43a8d486dbc5139500a78420766cc673a3610363ce9525526c3f5149
268c5b455cc3e0262a6d8c1c329c2ba7bd486db39905fa71692df5ade8eddd2c
27008ef6af777bd6183b0d9c556e6a354eb66d5fa6cf3c899a36c34fc0511c6a
29af6f3c9ffdd98527789fc73f96e7e3306c23ed743a10836c1a13d10ba3977f
2cbfb8eac193f3325495d86e589b56966ab2c637fb970bb7f92267f004902e65
2e1756687cc640b4cbd61e803317d788794f20bb68feb0b823f7dc7c6bc48014
32c9f1d616517c03be6af8f10a4f51c2b3e3be0eaf62255d9c6cb1cf114f8891
3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d
3da102648509a3b25001cfe70b54c3c485ca2c172f5913bb99c061be8a62ec96
3e7a9141ac6a2916f9054a41776173f407c89448553324fee1e65f56de121ff8
41b54fd8e7da53469be14104144a39a348c012aee9e597ceb3b979b77d99d18e
429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d
43635818e56f0441bf3f1462c8f252c487197d1839a4bc3335d8e31fd1dbb6fe
4778e358dfdcd920a579912ae962ad6f18a4f3f3581244faf6d9406382f00b54
49b8a8dc76bdc7982a5304545079dbc5c29d301586276a716bf549122be08291
4c483342f6b6854fd49a77996a70c99e0f502a44c34d3119ab3fdb87f287d68e
4d169c29f8731b7ff6cea33fd1035fcf52733145cb4133280dd01e242a075868
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
5be9becb6bd353ea0ea4460d4c86ffbcf22418d649b520c57a083960f14ddc1c
6014135b205368c636d181a040df869d927b8f1a7f540f2a64aff49e0914f147
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
67b2144f4435a54991b473fa6037a4e0187b13a6ca5333d955d24aa047734c0c
68ee92a73cee8d59fefe7758bb53d30f1f4bcc16aaa6985ebf2319b6cc404930
699f198d535c2064699c6b89716fa70027f0cf3154cb1861ceeba4665fdb7ff3
6b2910698018a32c6bae7df0ea25685f9c3fd8a72fd608df49c3a1269a8c972e
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
76f0ce7f8bf3411ccf620c50e9650bdc2da3503aeccc653e9acfb76ee84c38e2
7952ed5c1c2cb5ee45e6b5f998ddeea2bf037813617d7b328213a780847bed03
7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e1277df15b7fbabed255c2534be05fe62cb8eeb0b9b3457c9029a1e58e808b3
81ef130604ec4926d96cd5f765d1845e870ad662d39211faed6cc3d6509a3514
81efce0ba4673a5a00b185fbf0b14d278aa110bb92a1bbd5ea10c0ce78955203
84edeaddf88d3f34904ea74891afe954b1f846dcf7343069a8baf88813d00a57
84f248be5e4b5cdc4c969a88c7d8fabb1a630d8637eca81d3a29fded4802f404
8572c258d3889163b189d01120b0f12cb115cdab19cc9e278d2b192625cf9fe9
87074670e2939fb6c27cf4dda3663342c94d39671cd4849b5be190a866ad60dd
87193d6a6b876bffa6b573d8c56d6d1299e0c8eded54986638513b0a4bdf9e6a
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b3d7ecc82076f456e17e5cf2b5c5851c0a3c33b17217d137be0bca580654349
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a
97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a
975493b36ff51cc1a52bb40cb7249b2b742b04be006435d698c2651562f1e513
99c68125c64b5bfe8f54629c3c423eaf6eb2f2dcf3ef607a6328d8461d2de7ae
9d6b9a1828d4f385b96567b46c734f0ee46f425c74db5c0e3a2b72ca8b2818eb
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1ac660767f0b902644fec786e9321a1fc2f2d50fac439eaaca062fb60d88124
a22a652c9f38795269826fcbc5defb8d3f583f1d0a2d2b5ce3e470c89b7fc04e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a36eedcdede3108e74cbc7593170dc7955f0325125dde1cb649fb627751d278e
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af
a66cbaa6396f8b7923fffa0939d3ed8502aa3563963bab760f2e029c9a4602bd
a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7ef73c7b1a8aeafcd4803e18c3741f15487b5c5c758381c1885878729044673
ab06ae4ad38bde039c1cdd5d3c3eed4099ccbe75667ea2409ab7de0acf7b4ae9
ab1d31579552368e0320ddbeb221527ddcca65f9c2ccbfcfdc37fbf5e910fb47
b3161e15e2d0efe916b4571964bd9fcb893e936712895ceac5d1c9775875d949
b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716
b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad
b989ef6e53e278a56abb90201c504c90c1b447f7e71eb35557e0e66b8de0a431
bc7048cb2a2e4fb6124d287cbd60686c4ff85dea83874c0dc337712c28499ffa
bd56bb6054bbc3c31db40da615225db581a37ea7d330eb04d0316b4fea76000f
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
bfe30a3a05b48586c772352e7fdd8b2ed01e6bdb07c73eae9a26d7e7d6f0ff4e
c101ff2099eb83c43af476d9bb628af05f5258df89831f9edbd7555f7328321e
c28cf9531a92b13f64e6bde8578d730da9920d06883a826a944ba161e3cda818
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
cd5802377e5ae732c57af6115215ad4968ad20a6b2e9c6414d6692ed37125eea
d0bf60019342230fc2ae821f2b0b0e2f597d673a862bd362391742e8e398bba5
d536de06f7380817f7ccabc1f32cffe5a056b587455e0cf3f8036ac93409f9a7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449
ddc29fdcb749dde1c7b243e41364663a32daaa5902dddbe6ee6d5d1b90d7b5c2
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c08ae82c23e77fdf53506535dd7c31379a8343618b0ab1951d7f8c3d3e8d88
e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1
ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef677482cd1c090c4ad00d991e2816132a23ba0d082a6e381e3da4ec552f17d5
f01d42a1c6adb4d1fb2b16a9fa373091b13c2f8343681adb5bdeda7b50cd4c10
f70c6e0720a4769e224d4ceb25d9908ae0f9da93dac347971cac311be73b1022
f794149e916c9ad5b5332d5c081e398c6325267affbb8a45bb0f696ea64c6dcf
f8ea5609100d60856334266118e0179b0a8b1da107145348c0b4444009f6d096
f93eabed9db1894c7c76ceaaa899450f82a3f9e4a003b1753985ad35b2e86ce0
fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908
fc8d1dd8e863a53740e1d76272405ace3fb2d7b3ad2947b6ec5171a7f6d7500d

way2self.in.ua Open in urlscan Pro 2a03:f480:1:26::70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

479 Requests

38 %HTTPS

43 %IPv6

72 Domains

86 Subdomains

50 IPs

10 Countries

3290 kBTransfer

9320 kBSize

30 Cookies

9 Outgoing links

Redirected requests

479 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Screenshot
Live screenshot

Full Image

479
Requests

38 %
HTTPS

43 %
IPv6

72
Domains

86
Subdomains

50
IPs

10
Countries

3290 kB
Transfer

9320 kB
Size

30
Cookies

479 HTTP transactions
7 data transactions