www.04597.com.ua Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://04597.com.ua/
Effective URL:
https://www.04597.com.ua/
Submission: On November 06 via api (November 6th 2022, 12:24:21 pm UTC) from GB — Scanned from GB

Summary HTTP 252 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 29 IPs in 5 countries across 17 domains to perform 252 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.04597.com.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 31st 2022. Valid for: a year.

This is the only time www.04597.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 94	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
5	83.222.14.88 83.222.14.88	25532 (MASTERHOS...) (MASTERHOST-AS Moscow)
13	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1 2	88.212.201.204 88.212.201.204	39134 (UNITEDNET) (UNITEDNET)
20	2606:4700:1::... 2606:4700:1::6813:874e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 4	195.209.108.51 195.209.108.51	52007 (ADRIVER-AS) (ADRIVER-AS)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
37	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	88.212.240.204 88.212.240.204	39134 (UNITEDNET) (UNITEDNET)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2a02:26f0:170... 2a02:26f0:1700:3::5f65:1b92	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2606:4700:1::... 2606:4700:1::6813:864e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::ac43:4b59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
3	2001:41d0:701... 2001:41d0:701:1000::31d2	16276 (OVH) (OVH)
3	162.19.138.83 162.19.138.83	16276 (OVH) (OVH)
252	29

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

04597.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.04597.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

04597.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.04597.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.04597.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 83.222.14.88 (Russian Federation)

ASN25532 (MASTERHOST-AS Moscow, Russia, RU)

content.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.204 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host204.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2606:4700:1::6813:874e (United States)

ASN13335 (CLOUDFLARENET, US)

jsc.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
servicer.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.209.108.51 (Russian Federation) 1 redirects

ASN52007 (ADRIVER-AS, RU)

ad.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.212.240.204 (Russian Federation)

ASN39134 (UNITEDNET, RU)

servers1.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:1700:3::5f65:1b92 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

animate.adobe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:1::6813:864e (United States)

ASN13335 (CLOUDFLARENET, US)

s-img.mgid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4b59 (United States)

ASN13335 (CLOUDFLARENET, US)

eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

lb.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)

lbs.eu-1-id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
96	04597.com.ua 3 redirects 04597.com.ua www.04597.com.ua s.04597.com.ua	15 MB
50	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 167	783 KB
26	mgid.com jsc.mgid.com — Cisco Umbrella Rank: 7063 c.mgid.com — Cisco Umbrella Rank: 5191 cdn.mgid.com — Cisco Umbrella Rank: 9490 servicer.mgid.com — Cisco Umbrella Rank: 7215 s-img.mgid.com — Cisco Umbrella Rank: 4955 cm.mgid.com — Cisco Umbrella Rank: 1967	258 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 66 stats.g.doubleclick.net — Cisco Umbrella Rank: 166	126 KB
13	gstatic.com fonts.gstatic.com www.gstatic.com	149 KB
10	adriver.ru 1 redirects content.adriver.ru — Cisco Umbrella Rank: 22701 ad.adriver.ru — Cisco Umbrella Rank: 10888 servers1.adriver.ru — Cisco Umbrella Rank: 77426	57 KB
8	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 97 region1.google-analytics.com — Cisco Umbrella Rank: 2041	21 KB
7	eu-1-id5-sync.com eu-1-id5-sync.com — Cisco Umbrella Rank: 1531 lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1556 lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1785	19 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118 ajax.googleapis.com — Cisco Umbrella Rank: 447	173 KB
4	adobe.com animate.adobe.com — Cisco Umbrella Rank: 45003	232 KB
4	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	2 KB
3	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 678	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	142 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 5673	2 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 121	136 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3745	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1047	695 B
252	17

	Domain	Requested by
81	s.04597.com.ua	www.04597.com.ua s.04597.com.ua
37	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.04597.com.ua
13	pagead2.googlesyndication.com	www.04597.com.ua pagead2.googlesyndication.com tpc.googlesyndication.com www.gstatic.com googleads.g.doubleclick.net
13	www.04597.com.ua	1 redirects www.04597.com.ua
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.04597.com.ua googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
6	s-img.mgid.com
6	cdn.mgid.com	jsc.mgid.com
6	www.google-analytics.com	www.googletagmanager.com
5	c.mgid.com	jsc.mgid.com
5	content.adriver.ru	www.04597.com.ua content.adriver.ru
4	animate.adobe.com	s.04597.com.ua
4	ajax.googleapis.com	s.04597.com.ua
4	www.gstatic.com	googleads.g.doubleclick.net
4	ad.adriver.ru	1 redirects www.04597.com.ua
4	jsc.mgid.com	www.04597.com.ua jsc.mgid.com
3	id5-sync.com	www.04597.com.ua
3	lbs.eu-1-id5-sync.com	www.04597.com.ua
3	lb.eu-1-id5-sync.com	www.04597.com.ua
3	servicer.mgid.com	jsc.mgid.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	cm.mgid.com	jsc.mgid.com
2	region1.google-analytics.com	www.googletagmanager.com
2	counter.yadro.ru	1 redirects
2	www.googletagmanager.com	www.04597.com.ua www.googletagmanager.com
2	fonts.googleapis.com	www.04597.com.ua googleads.g.doubleclick.net
2	04597.com.ua	2 redirects
1	eu-1-id5-sync.com	jsc.mgid.com
1	servers1.adriver.ru	content.adriver.ru
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.04597.com.ua
252	34

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
t.me
www.youtube.com
homestory.04597.com.ua
steroidsshop-ua.04597.com.ua
hulkshop.04597.com.ua
leader-ltd-hr.04597.com.ua
s.04597.com.ua
apps.apple.com
www.liveinternet.ru
citysites.ua

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-31` - `2023-05-31`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.adriver.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-04-05` - `2023-04-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-10` - `2023-10-11`	a year	crt.sh
*.eu-1-id5-sync.com E1	`2022-11-04` - `2023-02-02`	3 months	crt.sh
*.id5-sync.com R3	`2022-08-18` - `2022-11-16`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.04597.com.ua/
Frame ID: 486F96870A2874325399DAF629567087
Requests: 116 HTTP requests in this frame

Frame: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Frame ID: 161EB30DF14CD53FE78C4BF21922177C
Requests: 34 HTTP requests in this frame

Frame: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
Frame ID: D0378FB445C723C33BEC44275940533F
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html
Frame ID: 8BBB34D2405641AFCC08AABE8C0F66DA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=4035391110&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453504&bpp=3&bdt=1085&idt=323&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=812488700199&frm=20&pv=2&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GS54YduzIa&p=https%3A//www.04597.com.ua&dtd=348
Frame ID: 00C28EE76D081AD9F6F56969C4753CD4
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1667737453&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.04597.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453507&bpp=2&bdt=1088&idt=356&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=368
Frame ID: BE59C0904E1144BF6B0F52B29320CC02
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1667737453&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.04597.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453512&bpp=2&bdt=1093&idt=366&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Mw9BuYipwm&p=https%3A//www.04597.com.ua&dtd=371
Frame ID: 767A500B39E835BCD6665ECB921F0B55
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374
Frame ID: ADBA804F6F336EE67BED9F299C29E326
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD9E66BF6A94FDB5E00D1ACC5E54AA84
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C37F6E4DB5A1F510C5CB4AA4F91AB732
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html
Frame ID: 1546F8C2272D39C4D23C01F075B5539A
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js
Frame ID: 8469CCD12166790259F5207096A9D53A
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html
Frame ID: F1F12FD76F0FE20AE6DF1333534395EB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CjUH_bqdnY_CDAvOJsAKIs4uQCqPI9eJoxbOg7MIPp53e_u8vEAEgoJLwEGC7hoCA0AqgAcihwMwCyAEJqAMByANIqgTTAU_QBqxCUQmT_a20DlwYjCVPp2v-Z5ah7ik2hG6NneoyA84wiuwuFjoJghSRs94O_f102ICX2Lijb80m3WETohKaZG8zfJM53DAOaGaOU6-oxYiXebq4t59YQx8gBIRF8idOG03CPd6EJzD1dPMHC7nFzDXfU06517ojaf-qCoZz_DGf7u2b5Lc7X-qOhlvYWjL6pzvkBnm6gticCkiSbtMhwqsOC9rQvFg-Ldwf4zDhYBu53Q-C35IszJITwqHHVTQLaz-Dt8nsicZP9hKe6-cJDg3ABLPLrqWBBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeg3r-zAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJw10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=PP0dA00yo1M&uach_m=[UACH]&cid=CAQSGwDq26N98KrYhNpDOTdYyiIE0XeikunjmCuYrhgBIA4&template_id=419
Frame ID: 80A0528844FE5AB55DC1BDB085C3B71C
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 849A8B1950ABCD89492A20BC30BD010E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CDA2E2840D4AE650C7D6F711F4065E9A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js
Frame ID: C2477C1D3B19E474EE275A23FE001F9C
Requests: 1 HTTP requests in this frame

Frame: https://cm.mgid.com/i-noref.js?cbuster=1667737455396846668071
Frame ID: 7DF8B450A028F9070C6568C6756B1D87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Сайт Ірпеня 04597.com.ua - головні новини і події міста

Page URL History Show full URLs

http://04597.com.ua/ HTTP 301
https://04597.com.ua/ HTTP 301
http://www.04597.com.ua/ HTTP 301
https://www.04597.com.ua/ Page URL

Detected technologies

AdRiver (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:adriver\.core\.\d\.js|https?://(?:content|ad|masterh\d)\.adriver\.ru/)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

252
Requests

95 %
HTTPS

79 %
IPv6

17
Domains

34
Subdomains

29
IPs

5
Countries

17486 kB
Transfer

21751 kB
Size

14
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/irpin04597comua/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/irpin_04597/

Search URL Search Domain Scan URL

URL: https://t.me/irpininteresting

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCJOAXrhEbvr7QnZlD_K_ygA/featured

Search URL Search Domain Scan URL

URL: https://homestory.04597.com.ua/
Title: Домашня історія — Інтернет-магазин товарів для дому +380(93)724-33-74

Search URL Search Domain Scan URL

URL: https://steroidsshop-ua.04597.com.ua/
Title: Інтернет магазин steroidsshop-ua.com: відгуки клієнтів +38 (093) 243-31-86

Search URL Search Domain Scan URL

URL: https://hulkshop.04597.com.ua/
Title: Магазин стероїдів Hulkshop +380(67)126-76-26, +380(66)126-76-26

Search URL Search Domain Scan URL

URL: https://leader-ltd-hr.04597.com.ua/
Title: Кадрове агентство LEADER-LTD / ЛІДЕР-ЛТД, підбір персоналу, робота за кордоном, візова підтримка +380(96)119-00-10, +380(66)245-90-09

Search URL Search Domain Scan URL

URL: https://s.04597.com.ua/upload/files/app-world-production-release.apk

Search URL Search Domain Scan URL

URL: https://apps.apple.com/ua/app/citysites-global/id1417356016?l=uk

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click;04597comua

Search URL Search Domain Scan URL

URL: https://citysites.ua/franchise
Title: Франшиза "CitySites"

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://04597.com.ua/ HTTP 301
https://04597.com.ua/ HTTP 301
http://www.04597.com.ua/ HTTP 301
https://www.04597.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 37

https://counter.yadro.ru/hit;04597comua?t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.3722592514555809 HTTP 302
https://counter.yadro.ru/hit;04597comua?q;t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.3722592514555809

Request Chain 57

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739 HTTP 302
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739&tuid=-6084848917

Request Chain 120

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

252 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.04597.com.ua/
Redirect Chain

http://04597.com.ua/
https://04597.com.ua/
http://www.04597.com.ua/
https://www.04597.com.ua/

362 KB
69 KB

78ms
78ms

Document
text/html

2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 485a362041ef0235c736b8315ea2c906c868bb04b35fa41b7e0c820e89800584

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 765dce053f62dd3f-LHR
content-encoding: br
content-type: text/html; charset=utf-8
date: Sun, 06 Nov 2022 12:24:12 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bzOD43G5cTWsfsO0ywxMlMyVxZ7OTxHMKkibaGd1eZOIuAHcYvDhGc1NjZM%2B19HG4tz550UmpvE0rNC8o%2BWqJQR2M141o6SCtdzAMovNEO27zR4qOKHA5C%2BfPDgDbjwp84jS8Pz6RxzqeXkojjNT"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Express

Redirect headers

CF-RAY: 765dce04ab04dcab-LHR
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sun, 06 Nov 2022 12:24:12 GMT
Expires: Sun, 06 Nov 2022 13:24:12 GMT
Location: https://www.04597.com.ua/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SknDPyFienwCebSQi7Z7il4dOkvfdLJdSN3luYTWmC6eQZ2dwjFglu%2B7bfN5b568Ilaa4C%2F6N64btz%2Bh7m3zGFn9yfcGLJ8ZxNVH7qFVwN7EjpN9lPrQ0E5mGvEfm%2FOI%2Bp4Jhdig0kQOkaUMy1Ix"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 143ms
51ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Nov 2022 12:13:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Nov 2022 12:24:12 GMT

GET
H2 200 styles.60491826036a042b7a3d.css
www.04597.com.ua/ 82 KB
16 KB 44ms
44ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/styles.60491826036a042b7a3d.css
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: f5066f8f09de4fd8778596bf2825873c557b3423b893447d23088a9671333d40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 11:21:37 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166659
x-powered-by: Express
etag: W/"1488c-184381341e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=swWrHzbZCS2pc%2BrM4RPHmNa8032cG%2BOVrHluziLPpiFP76VGQsiTyp6O0CI%2Fmzjuc3FHvOIJuVDCyXGW%2BVJvKMUwFSava7wseXQlP9L3kHViroPDVOQPl5qGsQ4PRtxffjTrk7ikt56MYtF9K3y%2F"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce05b873dd3f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 cap.jpg
www.04597.com.ua/dist-assets/images/ 629 B
976 B 91ms
91ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.04597.com.ua/dist-assets/images/cap.jpg
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 11:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"275-1843813d658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdplPr%2Bni0EgZ3lrMZGrpRktKXv1gxhALNMGSqeFgIB5XbgJgxCbjU26yNNJhcnJGzTqIStkzUyK%2F1hDOGAFGDWM2V2t9m3ERTP9Qvs4Brirss%2BfFRt459FS0L%2BoO3Wc%2BVB2f3oOxFw1092Jr9iB"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce05e8c5dd3f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 629

GET
H3 200 email-decode.min.js Show response
www.04597.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 35ms
35ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.04597.com.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 04 Nov 2022 12:48:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"63650a09-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cBrA1vjOeUqu8E4oZ6SQYD7e9i%2Bj5WBZxboNGCX%2FgBQgz5giOBUbng2DoZy7ehne%2Fh6xS%2Ffd1pDVklT6TXAUZjU2vJinOHiqB3nEfPy1gfaHfPEJ6wDfReMj3nAvdEd5W4UU%2F3Eejr7zDnbmogJZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 765dce05fa5d769e-LHR
expires: Tue, 08 Nov 2022 12:24:12 GMT

GET
H3 200 runtime-es2015.42a8104c9188d6f4df75.js Show response
www.04597.com.ua/ 2 KB
2 KB 86ms
85ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/runtime-es2015.42a8104c9188d6f4df75.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1098a26349bf23da8b07456ed0002e82e8182d6f047cd52feb03bc9e232219e1

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 11:21:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"9a1-184381345d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GUC86DSFdWmZ9nhNpHROhuT8wFbAYWoySFN79qWByQdudhA6iWly%2F5x4s9GaKkcorlEZOzqwYJUIqlN30%2FZpioZYYrL86STCmIoTFQxE%2BFlYRdmAdlRYuEmSbvUDTVM0%2F32pjqqP8eYgxStBtEZO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce05fa62769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 polyfills-es2015.a654f98f4d03ce02c384.js Show response
www.04597.com.ua/ 37 KB
13 KB 116ms
115ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fecdb0327c1bb1f89a993a4d187d457521a47cca02b4b6927eb9834179585633

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 11:21:39 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"9326-184381349b8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nUkfQfJYDwh5P6dZV%2BrxEiinKISb3F5eDE4MsF%2FTLHLsePBkrQ%2FROaDOb%2F1G47ZgKrx4agp6OuXRgGU7gPc6%2FTEN%2BXyLF%2ByeQQfz2TgOOSkwlvw9vQNgd3Y9ZTy7QaXunG0OjPem1kjuCsK1Ia8X"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce060a64769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 main-es2015.961e40a0cf164200e87d.js Show response
www.04597.com.ua/ 1 MB
396 KB 54ms
53ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: a1d20a73db2cf2e2e79b6851b6199630c4e4d7f1bbe81cd95f3e1d94b62472cd

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 11:22:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216146
x-powered-by: Express
etag: W/"17bbd6-1843813d658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Fxo9GmS9uADp5yFOb7uZFdeFi7TSD%2BrGNm8c8uyfsV4T9fndWtBtEWASHGCnAzTqM4IXTJaFxwdoUQBHXuFge7D%2BsLfnA67t6ZpKj1ohq%2B9ZKKLlCHsbj5MnSb5%2FPaYVlJaLoRUFL%2FDQ08h9DG8"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce060a65769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
16 KB 143ms
47ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 22:08:11 GMT
x-content-type-options: nosniff
age: 224161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 03 Nov 2023 22:08:11 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 199ms
103ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 445131
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 08:45:21 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 156ms
60ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 22:41:49 GMT
x-content-type-options: nosniff
age: 394943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9592
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 01 Nov 2023 22:41:49 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 220ms
124ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 23:09:50 GMT
x-content-type-options: nosniff
age: 479662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15660
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:42:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 23:09:50 GMT

GET
H2 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
9 KB 188ms
96ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCAYb8td.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 22:22:46 GMT
x-content-type-options: nosniff
age: 482486
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9260
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:19:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 22:22:46 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 208ms
117ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 13:44:25 GMT
x-content-type-options: nosniff
age: 167987
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 13:44:25 GMT

GET
H3 200 check-login Show response
www.04597.com.ua/api3/auth/ 4 B
637 B 160ms
160ms XHR
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/api3/auth/check-login
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding, Accept, Accept-Language
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jSA06HUGHoN9jfUCYZz3GmMazeOHF55e4L4GAdeBAJBdmtcplJ4cXS4ywGrOvwYm2ms%2BGsgFp6zFC6d85Mg9B3SrlG3LzxowbY2oUp6QBmwi2vsLIcboz9nGjPV5DSfH7Jz3RZo3v7n3fw4Wz%2Ff%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=UTF-8
access-control-expose-headers
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
cf-ray: 765dce086dfc769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 2-es2015.a8b78bf9d493f6610a17.js Show response
www.04597.com.ua/ 8 KB
3 KB 50ms
50ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/2-es2015.a8b78bf9d493f6610a17.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/runtime-es2015.42a8104c9188d6f4df75.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 0241872a3f1e6df53a7fe0555469ca74f8a82babe84e48080dd96543e2081499

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 02 Nov 2022 11:21:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 216146
x-powered-by: Express
etag: W/"1fb3-18438135188"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9B1E5UNmnCS55ClfAoJRVf9jpznBZ4tYKlWmHlEfGoA3aeiB%2FzlR%2FcNxCD%2B8upk%2BqEeqWXkfgYzornL4sQkx5pehVX8d77Eqe5Bm5HT5rBkCvEKaQgA0i0kuHs6uAioUcmq46i6O6W9Kyf%2B%2Ffzp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce086e07769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 9-es2015.2984f603e32c77e1a311.js Show response
www.04597.com.ua/ 72 KB
15 KB 86ms
85ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/9-es2015.2984f603e32c77e1a311.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/runtime-es2015.42a8104c9188d6f4df75.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 93a858bc1bd6dc82aef74aeff50bc620eef799e1129e28c972cac96592a33b6a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:12 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 11:21:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"11e51-18438135d40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TtPv9B38jO4Xc2m5k5hkwNwa7UZDztVY0Qp0mOT%2FAU7r9qwzyKmqVnbFwCpYD%2F0ViCWgBq98otNFO0qNG2iXDDA09B8r9D4p1X%2BSaLO1Y7FWV0vEq%2FC7IfL9B7K4hFz4pvwYrppJwVwcj%2Bj7H4c9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce086e08769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 i18n-base-es2015.700726459845fddbc754.js Show response
www.04597.com.ua/ 100 KB
6 KB 80ms
79ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.04597.com.ua/i18n-base-es2015.700726459845fddbc754.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/runtime-es2015.42a8104c9188d6f4df75.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 24fe0316f3e22efc5cc8fb3e11cdeaf79be262ba88f9b015564623f2d04faa61

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 02 Nov 2022 11:21:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"18e82-18438135570"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f89iSNlvA%2BiHf1P4XQvJmAK%2BTlf8KutH04f%2FEXss7p0V5jZoRh9fPVyXVu8XmqAeZhaWUao86iJdxtU1G9UYZLasv4ms%2BjTxTajUoDW44B2lqlYjv7ePaXqA3YYiO93sibOaQdaWJ0xKU5LJ%2FJm%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000
cf-ray: 765dce096f9a769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cap.jpg
www.04597.com.ua/dist-assets/images/ 629 B
1 KB 38ms
38ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.04597.com.ua/dist-assets/images/cap.jpg
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 256616
x-powered-by: Express
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 629
last-modified: Wed, 02 Nov 2022 11:22:15 GMT
server: cloudflare
etag: W/"275-1843813d658"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0QWcaw9nwCIaw5Spl3HHoZ%2BIYZL8m87hOwbgScyPN871yuOk2umANf3MpavWZ88fzw4r1KA3u8dwBfdRH%2BmbpD0qpR3hVk1iQ9s0oqwX79pXBHb39pIWZrK%2FmluCNuiKafU4zGlbVqLba7mT3Ggn"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce0a28bd769e-LHR

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 169 KB
61 KB 143ms
51ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b2f5205f2ce7b11e16e5768b1a8dbd7d065e1c6f11312046af2f28334eb485e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61498
x-xss-protection: 0
last-modified: Sun, 06 Nov 2022 12:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 06 Nov 2022 12:24:13 GMT

GET
H2 200 catalog21580x110ua_610165732f298.zip.html Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 594 B
663 B 236ms
171ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5b9bf598050a6a9815f073281a8c3573551f368c32f418cc3d54b9ad07e271

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 765dce0ab935dd3f-LHR
content-encoding: br
content-type: text/html
date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AooRgKwyRiNZmJOePuNSyC0SeYZYmullBhqQoP6s3kdq5chqHDCkKKRhnnO8nUKk5c2bLxlQrVP8fU6cBt4yJ2BcPLdfwCXGEzlliwEWyKDiyv0UtEqw3aAjRdj1eMFtQqvjWKigXWFrtTh1cA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding

GET
H2 200 adriverqueue.js Show response
content.adriver.ru/ 3 KB
3 KB 330ms
91ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/adriverqueue.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 35fc35f9f256e014e708cb476f46a14656e25c799a698d5b46aeb1088f57c8a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: nginx
etag: "635a823d-c7a"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 3194
expires: Sun, 06 Nov 2022 13:24:13 GMT

GET
H2 200 adriver.core.2.js Show response
content.adriver.ru/ 6 KB
7 KB 330ms
92ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/adriver.core.2.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 838edc6d978026af4451448c5d190f946756ebec6da1c2bf99d1e8fabcdde3a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: nginx
etag: "635a823d-194a"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 6474
expires: Sun, 06 Nov 2022 13:24:13 GMT

GET
H2 200 catalog21580x110ua_6109149d41704.zip.html Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 594 B
555 B 199ms
181ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a5b9bf598050a6a9815f073281a8c3573551f368c32f418cc3d54b9ad07e271

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 765dce0ab933dd3f-LHR
content-encoding: br
content-type: text/html
date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sFp7pm9IxyYRESx0h5tgOQ%2BMLyIBN7KlVssi3ALrnN2UubrDiq0XYH8G4aXEU1k8C7Olfz0yMsbU1Zj60QvkMg4Bkx3%2F0HMASmrPDVlo0jS%2F3%2Bu%2FxwKkVyJqWlBGJ2FuGF0MOR9gvF%2Fn6Kaa0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding Accept-Encoding

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 171 KB
55 KB 182ms
85ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09832c7a84ffe6a1056fdb350a073549910252a70dde9e3faed2214121a0b3d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55534
x-xss-protection: 0
server: cafe
etag: 14057343824343003899
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 06 Nov 2022 12:24:13 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 1200x80-banner1_5fafd88220e89.gif
s.04597.com.ua/upload/jackets/000/000/055/ 218 KB
219 KB 53ms
53ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/000/000/055/1200x80-banner1_5fafd88220e89.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adfc09044206d0268861a72bb1f5697b46ea721d16149eab12ea1aef235cdb55

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
last-modified: Sat, 14 Nov 2020 13:15:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 166659
etag: "5fafd882-3680b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HnLgmXVVXdHSO3iHInSdfdRTk3tlMktERPZUX94uziUe89Wm2E%2FH6q9%2B5VM5GIKOQgYJPdZxR6hYf4wg%2BDeFf85nrszabuF1U6uFdrFFWI08BUG1XA3HWteV5q8bvZcTKP%2B%2Bc2beQBklO%2BTUgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce0ae99fdd3f-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 223243

GET cap.jpg
www.04597.com.ua/dist-assets/images/ 0
0

GET
H2 200 header.webp
s.04597.com.ua/section/header_image/se/jpg/upload/pers/202/ 40 KB
40 KB 273ms
272ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/header_image/se/jpg/upload/pers/202/header.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5211765919a736a3bc0188b821c690841b50c1e41270beaba6bd9d645d8f5aa1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40640
last-modified: Fri, 15 Sep 2017 07:41:03 GMT
server: cloudflare
etag: 1505461263-1784x100-1-1-35828
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uzVBtaXeKeRrwQZ1Avp%2FDQwb9sXJdqppGR9F8rovM8giIPq89pprnuGoyeV5JuqRoAzR0Fb9%2Bc2sGd%2FgBP0rfW4AbBiHSWYBoAjliVGO84oFLkRfPBhkgIxZ6%2B7wCQiT7KJxAtS01t0xVyWyjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=2592000, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b3a43dd3f-LHR
expires: Tue, 06 Dec 2022 12:24:13 GMT

GET
H2 200 square-ukraine_628749eca0dcd.png
s.04597.com.ua/section/menuInHeaderImage/upload/images/menu/000/054/620/ 72 KB
72 KB 102ms
102ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/menuInHeaderImage/upload/images/menu/000/054/620/square-ukraine_628749eca0dcd.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca85c7ca8bc74acb508f08d7805bf1d1a853fb782f903a03a632db837f58e73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73328
last-modified: Fri, 20 May 2022 07:57:32 GMT
server: cloudflare
etag: 1653033452-350x100-0-0-73328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DFaCfZB0WC90z0plifuEPkWTmgf%2BXFr%2B6Q6AT%2FP%2FCgB8jtpHj6vUeJRb8hqqbs6SEBI1A7xQdiso0yU425fEnVnt91slr3Ko79lt2Vv9%2Ft2xOlIJDyuHstyyXVyseK0oDBCRuBi%2Bpk6AuJF5ug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b3a44dd3f-LHR

GET
H2 200 logo.png
s.04597.com.ua/section/logo/upload/pers/202/ 6 KB
6 KB 80ms
80ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/logo/upload/pers/202/logo.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3ec9b85db5df4f56c57e2961d66e283ee1216e236efd959f84af3c3febc371

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6246
last-modified: Fri, 18 Feb 2022 15:32:18 GMT
server: cloudflare
etag: 1645198338-400x80-0-1-6246
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=somQUcn%2BX67DSG7B4bRL9lyQQOBeR7Mx9%2BgvBryiC3yYBmmnVPbB%2BIDOJV0ATZ9C6flVvuiMkj8DvhDRbHrMtyQ37BU53n4OAFiytjK52fP%2Fy6r78JTnK%2BzjIwOCSQL%2FjgXt3EpeqUaogiZhrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b3a45dd3f-LHR

GET
H2 200 polzucaa-okupacia-1_635e6913cd6a5.jpg
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 60 KB
61 KB 654ms
653ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/polzucaa-okupacia-1_635e6913cd6a5.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e33eee60c4bc339f6ed377f10b148d46bb46b95a8e5ff67075ab6c14001aa287

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61911
last-modified: Sun, 30 Oct 2022 12:07:49 GMT
server: cloudflare
etag: 1667131669-885x400-1-0-52232-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbuSr%2FZm9s0nkG0eJKPYgyROsNaZc7PZ6feWs4oP%2FhWiHQrYECfF7tVQxHAKjf6FpIgx7AvYmX87jnL9RXjl%2Be1CTRMYHn3GfTSBekvcTWh46y3%2Bcup5TzrStRHTVuOTdnLSGc9MvthzEpKdrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b3a49dd3f-LHR
expires: Mon, 07 Nov 2022 12:24:13 GMT

GET
H2 200 ad3ea8d4de4552664db2c9d49f117fbd_635c0d49a93be.webp
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 20 KB
21 KB 624ms
623ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ad3ea8d4de4552664db2c9d49f117fbd_635c0d49a93be.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f87f4a561ce38d359b192193a62150e43895850d004aa46ba48a58130b3c4bb2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20732
last-modified: Fri, 28 Oct 2022 17:11:38 GMT
server: cloudflare
etag: 1666977098-885x400-1-0-20732-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vH3mthw1jZy%2BD8lj58pPTJcp6Ydlh3zkOE1foS5c9ImIB2T2qv5ZpyfGBQYrGk064XNHYTGiGQpLyTNe9tkSC2FLiZKZ2oxamDNAHJCzmytwzRyZ45wUISFh62NZa0KCrUJFtWIAoN8Ac9n%2FxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b3a4edd3f-LHR
expires: Mon, 07 Nov 2022 12:24:13 GMT

GET
H3 200 e377d80e-9e38-4536-bd34-d301ce4dcfec_635a78df63dbc.jpeg
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 54 KB
55 KB 213ms
213ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/e377d80e-9e38-4536-bd34-d301ce4dcfec_635a78df63dbc.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294c16ad56daef5956b8d2a3e49e549c2de3b087260ee4304054c5cf8de47f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55625
last-modified: Thu, 27 Oct 2022 12:26:08 GMT
server: cloudflare
etag: 1666873568-885x400-1-0-60793-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EAOZHQJDtW7zmO7U5H0z7q%2BGvY73bvCPSLf5JAsGnPMdzjazvEwyRxsXMZgFmOJUYZ5P38yNAc3we%2FrP5K3YcAQg%2B%2B1DoFrUnm3sUSsZWawTaiXaRuGUiR8FK1KhCewlxhs9q6cGVa27JYBWrg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b6aa8769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H3 200 grib-2_63400a92c88d3.gif
s.04597.com.ua/img/section/newsIcon/original/is/2/ 6 MB
6 MB 54ms
53ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/original/is/2/grib-2_63400a92c88d3.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abcb4d71468eb40e23701e643be4ba7a02797b8a204581c8858df6cb16aab88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6793870
last-modified: Fri, 07 Oct 2022 11:16:37 GMT
server: cloudflare
etag: 1665141397-885x400-0-0-6793870-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FLRqLzuLOpSysQISKe13AJ12OFkOnVWxlsDMRwjdWiHIRfIMTQFVInQXMyvDBmv6l0PGqyq2dcBYOLi%2B2CQR4mxf0%2F9DTPxOpaCYF70DDtxj%2B7ZbsuEVjPFjce%2BXAzqD5Gf3uqw6OEq6lSH82g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b6aaa769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H3 200 microsoftteams-image-52_632475d0e4caa.png
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 182 KB
183 KB 41ms
41ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/microsoftteams-image-52_632475d0e4caa.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f6fa576d6db35095585e38e34762be199e68f61811c7ce579499ece55aadb5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59535
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186600
last-modified: Fri, 16 Sep 2022 13:10:42 GMT
server: cloudflare
etag: 1663333842-885x400-1-0-255736-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKF1WQW9W%2FEXGBFC38WDGDGgrXdA4fu7Dxh3YexoO1spxOVoOsMj5lrLcdiz0TAUTv5jeVWbs4caj6CPhkbmqCrS4igdB2bOJzF6VgAOXWqG%2B8Gj5Cfe7FWLJhC9SXeACLsahjvFy4NT946EqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b6aab769e-LHR
expires: Sun, 06 Nov 2022 19:51:58 GMT

GET
H3 200 aprrap_615aceaa07f68.png
s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/ 105 KB
105 KB 1827ms
1827ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/aprrap_615aceaa07f68.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9111b221f80292dcd953dbb6654ee10b8a54d98e5a9a542e6be0c41df331557

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107336
last-modified: Mon, 04 Oct 2021 09:51:38 GMT
server: cloudflare
etag: 1633341098-300x300-0-0-107336
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s12iA4hbVg%2FZhafPQYv8IQUks%2F%2Faaru7uC4VJJJE0pBdncXXIUDyAGTOPUuJqrCByXm6v26eb4tgS7sPfgKIvoFB9NGtKLAAejqN7xA8gv43C5U4nxYfMeiBIgIwAk5UsS8MUemLyQeBgm%2FqpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b6aad769e-LHR

GET
H3 200 6303601606209701-561_615acead03b30.jpg
s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/ 7 KB
8 KB 1862ms
1861ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/6303601606209701-561_615acead03b30.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2098820217ab85e88ba6c6434cab7d3d0d71d34e9ebe2c0a6ad14f435fc3366e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7231
last-modified: Mon, 04 Oct 2021 09:51:41 GMT
server: cloudflare
etag: 1633341101-300x300-0-0-7231
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TevBwP0ZGA%2BPWVvRbEbqKfZmXC%2FqQzXDwhkYrkv7fkG0uEoscifzmKcOQxMi4adPe0%2FcQIyBkuIdbJ0B6n7NXj2hTLUI0A%2BDpBouEtn2Vnmx9pnsZZkv0CKtbmV4dyrkgoCXoNvI5JJC8h5Ijw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0b6aae769e-LHR

GET
H/1.1

200
OK

hit;04597comua
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit;04597comua?t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B%u...
https://counter.yadro.ru/hit;04597comua?q;t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B...

392 B
878 B

94ms
94ms

Image
image/gif

88.212.201.204
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit;04597comua?q;t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.3722592514555809

Protocol

HTTP/1.1

Server

88.212.201.204 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host204.rax.ru

Software

nginx/1.17.9 /

Resource Hash

048d8f608ca63b1e20a99d279e34127fcc577c335412ce246374a978481816ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:13 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 392
Expires: Fri, 05 Nov 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:13 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit;04597comua?q;t52.6;r;s1600*1200*24;uhttps%3A//www.04597.com.ua/;h%u0421%u0430%u0439%u0442%20%u0406%u0440%u043F%u0435%u043D%u044F%2004597.com.ua%20-%20%u0433%u043E%u043B%u043E%u0432%u043D%u0456%20%u043D%u043E%u0432%u0438%u043D%u0438%20%u0456%20%u043F%u043E%u0434%u0456%u0457%20%u043C%u0456%u0441%u0442%u0430;0.3722592514555809
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Fri, 05 Nov 2021 21:00:00 GMT

GET
H2 200 04597.com.ua.1323283.js Show response
jsc.mgid.com/0/4/ 2 KB
1 KB 842ms
764ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02b45b1bd0e2b3edbb52ec45468e32f7253eca5780f1953e26c84251d6717b57

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
x-amz-version-id: yLqsEnMsylbZYNMUbW8zbmhgXubHCyy7
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: QHPP54SKE3M4542Y
cf-polished: origSize=2369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: EwdEeIAbUyVnIw238xhO5UynfwM7wNP3V9vaJ+foFs10NTy/ZtN9oGsNbpcm8ncNlsKv5zm/sJ0=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:28:11 GMT
server: cloudflare
etag: W/"095058cf90c06b6f6eb09a0d7779e5f9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 765dce0c1ad3887d-LHR
expires: Sun, 06 Nov 2022 15:24:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 172ms
58ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 06 Nov 2022 11:24:49 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 3564
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 06 Nov 2022 13:24:49 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 219 KB
76 KB 155ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PBKBDZ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f70fda1d90debf63e46708c846f0c8e4a1bb3b60588c99112edc6b177ed655fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 06 Nov 2022 12:24:13 GMT

GET
H3 200 logo.png
s.04597.com.ua/section/logo/upload/pers/202/ 6 KB
7 KB 1772ms
1772ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/logo/upload/pers/202/logo.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe3ec9b85db5df4f56c57e2961d66e283ee1216e236efd959f84af3c3febc371

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: HIT
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 76469
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6246
last-modified: Fri, 18 Feb 2022 15:32:18 GMT
server: cloudflare
etag: 1645198338-400x80-0-1-6246
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pa6sSXGxNN3fkyNDBZCoD80mageVh%2BZ3S0TMHLad0mW6tA5heA23bzu6LoT4HI8OZTU%2B3mz7pVKSQLW0HJ4ZeURA2GmtkJfDuieQy1PLzTS%2FhmYjI6YiJkQwFBXymURZDal2LbkQ33yyUdaHLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0bfb8c769e-LHR

GET
H3 200 Untitled-2_edgePreload.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 13 KB
6 KB 1757ms
1756ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgePreload.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f64a75c3feff9ed7a5fc4c933e551a59cef30cdb67767f1696d3fd8582b0d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61016573-35da"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nhlTImDlsSCXrcHCNXgnU6D5OJj%2BY%2FfQthJImM24Zw2%2BGfSHpT42zt9hW6J2ZFM65nyJS%2BJwBRh15FjbTTD23HUISzo6kCSRvGnvh5r3UEJnNvNevDvh63x1viCrGwnN%2FdZVJHlviVDFGZOf3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce0c0bad769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgePreload.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 13 KB
6 KB 1747ms
1747ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01f64a75c3feff9ed7a5fc4c933e551a59cef30cdb67767f1696d3fd8582b0d9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6109149d-35da"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwZt8PFCawD%2BZVZwaTm3oGKvkjtjpnSSDjB6foQ%2B56v%2FUG%2FMyV1qYcrgICtz5ToZ0dPsMRH9Iz94kr6BXDaqPe7xfsAk7zvFcQTuuAZD2TNzpx28udx7%2F4CTRt3eERuaSG5Ajmpjr4q2VNsNwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce0c1bbe769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 square-ukraine_628749eca0dcd.png
s.04597.com.ua/section/menuInHeaderImage/upload/images/menu/000/054/620/ 72 KB
72 KB 1742ms
1741ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/menuInHeaderImage/upload/images/menu/000/054/620/square-ukraine_628749eca0dcd.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ca85c7ca8bc74acb508f08d7805bf1d1a853fb782f903a03a632db837f58e73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 73328
last-modified: Fri, 20 May 2022 07:57:32 GMT
server: cloudflare
etag: 1653033452-350x100-0-0-73328
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F0KpT37Aw8X%2BKdtFY8GpLexakS1WXPEMZbAD0CEG13ROX4ABNeQRi%2BqbpyuMknOJkdXUYTwDUxBcOWPZpe%2FRKkVmaP9VLFpdaos6Ln3ujbRf%2FLL6R1EyL82quOTo9l0Uc7XgzfsxJTbkq9nbWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0c2bcd769e-LHR

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/ Frame 8BBB 10 KB
5 KB 162ms
56ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 81211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 05 Nov 2022 13:50:42 GMT
etag: 2424782735605397694
expires: Sat, 19 Nov 2022 13:50:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/ 353 KB
116 KB 205ms
103ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1997604921077896&plah=www.04597.com.ua&bust=31070697

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc2ee668fdb44daa8c2d6a25fd9c20f8de06911b20db86dad36557047ecd241f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119053
x-xss-protection: 0
server: cafe
etag: 5589086164596489879
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 06 Nov 2022 12:24:13 GMT

GET
H2 200 AdRiverFPS.js Show response
content.adriver.ru/ 12 KB
12 KB 98ms
98ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/AdRiverFPS.js
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/adriverqueue.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: a94106799ab6e3a607cab3fb4b1436ac9cd183b807f7a78c23ff3b35f1eee218

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: nginx
etag: "635a823d-300c"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 12300
expires: Sun, 06 Nov 2022 13:24:13 GMT

GET
H3 200 e377d80e-9e38-4536-bd34-d301ce4dcfec_635a78df63dbc.jpeg
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 54 KB
55 KB 1657ms
1657ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/e377d80e-9e38-4536-bd34-d301ce4dcfec_635a78df63dbc.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 294c16ad56daef5956b8d2a3e49e549c2de3b087260ee4304054c5cf8de47f73

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55625
last-modified: Thu, 27 Oct 2022 12:26:08 GMT
server: cloudflare
etag: 1666873568-885x400-1-0-60793-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fgj7vhFx1PxVnB%2Bx2NFI0fjzE3AtAvG5VoJ50vW8So6alpD%2F89Glf4qWxITBn86w113F4lF23enykvfolfAtnWE9mqbCXvVoGHiJYbhCvG0LrqKJz7Z%2F5ITZC7Ouwt1B2W1aso9%2BxAa2SS%2FXog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0cccdd769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H3 200 header.webp
s.04597.com.ua/section/header_image/se/jpg/upload/pers/202/ 40 KB
40 KB 1646ms
1645ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/header_image/se/jpg/upload/pers/202/header.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5211765919a736a3bc0188b821c690841b50c1e41270beaba6bd9d645d8f5aa1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 40640
last-modified: Fri, 15 Sep 2017 07:41:03 GMT
server: cloudflare
etag: 1505461263-1784x100-1-1-35828
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vnmc%2FEqzVk07jNvE87zYLgNYk0U4eTe5UtnQ8kb427MjGoYAB2N%2F2aK9M%2B3x5H3emYsym7Q4CBTgFn2PkQFivJvLsHPF1Lp5JaANBBZQopIJqrr5tEATSt0wV25nRRmHfgbdvQHuRSDiEIa6w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=2592000, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0ced31769e-LHR
expires: Tue, 06 Dec 2022 12:24:13 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
440 B 149ms
47ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-77009407-42&cid=2128360321.1667737454&jid=1512858906&gjid=1813189016&_gid=766238972.1667737454&_u=YGBAgEABAAAAAEAAI~&z=1202255075

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 06 Nov 2022 12:24:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.04597.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 159ms
50ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2047769938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAAAAAI~&jid=1512858906&gjid=1813189016&cid=2128360321.1667737454&tid=UA-77009407-42&_gid=766238972.1667737454&gtm=2wgb205PBKBDZ&cd3=false&cd4=1667737453411.uj2ogc8e&cd5=2022-11-06T12%3A24%3A13.411%2B00%3A00&cd7=Yes&z=1162043635

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34902
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 autoUpdate.adriver.js Show response
content.adriver.ru/plugins/ 5 KB
5 KB 99ms
99ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/plugins/autoUpdate.adriver.js
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: 141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
last-modified: Thu, 27 Oct 2022 13:06:05 GMT
server: nginx
etag: "635a823d-1455"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 5205
expires: Sun, 06 Nov 2022 13:24:13 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 132ms
51ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2047769938&t=pageview&_s=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAgEABAAAAAEAAI~&jid=&gjid=&cid=2128360321.1667737454&tid=UA-77009407-42&_gid=766238972.1667737454&gtm=2wgb205PBKBDZ&cd3=2128360321.1667737454&cd4=1667737453627.97q7uctj&cd5=2022-11-06T12%3A24%3A13.627%2B00%3A00&cd7=No&z=17552789

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34902
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 04597.com.ua.1323284.js Show response
jsc.mgid.com/0/4/ 2 KB
1 KB 524ms
524ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.js
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/main-es2015.961e40a0cf164200e87d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee3dca31dd58bb5cb51258b090f6100ed646d8b3f128f5229ce17a579e3d5bc0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
x-amz-version-id: DHrW14eIadRVQ_PChgfnWsD4wfp6rGzD
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 5DP9S5T5CVVR5KFV
cf-polished: origSize=2369
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: LHNWYuBucVtVKDWaZylpqzA3rJN2cHgT5m3xSBmDza6u6BDIc7S/tWJHh6drgn+36LyxE8Ud2TQ=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:29:54 GMT
server: cloudflare
etag: W/"89b66e0b59bf9eff148e89115b64d9a6"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 765dce0d6e4c887d-LHR
expires: Sun, 06 Nov 2022 15:24:14 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
348 B 147ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oeb20&_p=2047769938&cid=2128360321.1667737454&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1667737453&sct=1&seg=0&dl=https%3A%2F%2Fwww.04597.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.04597.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK json.cgi Show response
ad.adriver.ru/cgi-bin/ 385 B
1 KB 410ms
201ms Fetch
application/json 195.209.108.51
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/json.cgi?ad=719473&bt=55&pid=3198680&bid=7189165&bn=7189165&tuid=1&cfa=1&sid=1&cid=0&custom=301=0;302=0;304=0;308=0;309=GA1.3.2128360321.1667737454
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: baab89ad42da79b51399631677122b560c6e503cda81dcc427f6d7433e22d7e6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:14 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.04597.com.ua
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

merle.cgi Show response
ad.adriver.ru/cgi-bin/
Redirect Chain

https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739
https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739&tuid=-6084848917

2 KB
2 KB

297ms
297ms

Script
application/x-javascript

195.209.108.51
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.adriver.ru/cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739&tuid=-6084848917
Protocol: HTTP/1.1
Server: 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: 69659400b58bfdc2311a463ed2d84331600c7ca6573d02ef1159d26d814feb8e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:14 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: application/x-javascript
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:13 GMT
Transfer-Encoding: chunked
P3P: policyref=/w3c/p3p.xml, CP=NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA
Content-Type: text/html
Location: /cgi-bin/merle.cgi?rnd=1767373&tail256=https%3A%2F%2Fwww.04597.com.ua%2F&sid=219116&bt=52&pz=1&sz=main&ph=adriver_banner_598351739&tuid=-6084848917
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
695 B 153ms
53ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.04597.com.ua&callback=_gfp_s_&client=ca-pub-1997604921077896&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1997604921077896&plah=www.04597.com.ua&bust=31070697

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3482530dbebd202b14119b0cc146042e0059387b955057e7548c92bf04614d38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 163ms
55ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.04597.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 158ms
56ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.04597.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 00C2 95 KB
34 KB 521ms
425ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=4035391110&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453504&bpp=3&bdt=1085&idt=323&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=812488700199&frm=20&pv=2&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GS54YduzIa&p=https%3A//www.04597.com.ua&dtd=348

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f4ea2823a18da128b559fe95eb86fe244701529b27fc9143edaf6c074567b73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34392
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 180ms
79ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221101&st=env

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

117dc2dea8f4f9b9855ac02f2e541a1f05fc59e94c89a13180609f86f337793a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11327
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 80ms
79ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fwww.04597.com.ua%2F&tn=DIV&cls=foot-banner&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BE59 0
19 B 304ms
230ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&adk=1812271804&adf=3025194257&lmt=1667737453&plat=1%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fwww.04597.com.ua%2F&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453507&bpp=2&bdt=1088&idt=356&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&fsapi=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=368

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 767A 136 KB
43 KB 502ms
435ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1667737453&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.04597.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453512&bpp=2&bdt=1093&idt=366&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Mw9BuYipwm&p=https%3A//www.04597.com.ua&dtd=371

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b686109d49d7f450404f35715c8992933ca5337fb8efeae7a3211a2739bb1d40

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO6Fm5TGmfsCFSDllAkd40oNBQ&gqi=badnY5_OO5vImLAP2JOQ-AE&layout=/sadbundle/%24csp%253Der3%24/2464080974130948964/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44446
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CO6Fm5TGmfsCFSDllAkd40oNBQ&gqi=badnY5_OO5vImLAP2JOQ-AE&layout=/sadbundle/%24csp%253Der3%24/2464080974130948964/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame ADBA 135 KB
43 KB 528ms
470ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d43db3f995755d571d807fabb94d555428fac1d78be116cff1609ed811388bb1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDympTGmfsCFfMETAodiNkCog&gqi=badnY7LPO9TUmLAProOTiAc&layout=/sadbundle/%24csp%253Der3%24/6545368571368206767/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 44065
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPDympTGmfsCFfMETAodiNkCog&gqi=badnY7LPO9TUmLAProOTiAc&layout=/sadbundle/%24csp%253Der3%24/6545368571368206767/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad3ea8d4de4552664db2c9d49f117fbd_635c0d49a93be.webp
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 20 KB
21 KB 1296ms
1296ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ad3ea8d4de4552664db2c9d49f117fbd_635c0d49a93be.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f87f4a561ce38d359b192193a62150e43895850d004aa46ba48a58130b3c4bb2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20732
last-modified: Fri, 28 Oct 2022 17:11:38 GMT
server: cloudflare
etag: 1666977098-885x400-1-0-20732-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PFKTi1ywo9pxGOiBFSe%2BqPyUEzS86LXisTsQuFvuqzfFLj%2BS96spoKTmAG5rHLBozjq%2FTEFhjqyfM9GOXJSmu17Zyk5gtIm%2FzxE1C78VYMPjss4OIpTG%2Fwc6ncE2owQp0mbsR%2ByLv2lj2B7C2A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0f18aa769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H3 200 polzucaa-okupacia-1_635e6913cd6a5.jpg
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 60 KB
61 KB 1263ms
1263ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/polzucaa-okupacia-1_635e6913cd6a5.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e33eee60c4bc339f6ed377f10b148d46bb46b95a8e5ff67075ab6c14001aa287

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:13 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 61911
last-modified: Sun, 30 Oct 2022 12:07:49 GMT
server: cloudflare
etag: 1667131669-885x400-1-0-52232-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lTnpt7qd4dxXRk8YjlYxgJBtKVEQMp4wRqtoFWBreCQi77c4yFrY0Xl%2FFWD%2BiRdLhDBBPNmF5ugEoZGGFfYBulWwTT0eJAnKLt%2BT9uxTeei48tuffJaYqqmF780Uu0WPnHuH%2BTGJSt9EVCDpLw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce0f5912769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 175ms
68ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 04597.com.ua.1323284.es6.js Show response
jsc.mgid.com/0/4/ 256 KB
75 KB 607ms
561ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee7e2244540eb65b19a062ef3080fd7b00fa552bac569e46a866242e78631b30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
x-amz-version-id: BW4ASBABAa561kVEMA9rjHYs363cM9xI
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XHZDW9VTDR56RSN9
cf-polished: origSize=261853
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ReSDSQqV0GXH2+X7nhTAiLBVMYdc8Sbwmt0Gj/u7ye09JwpWzrHKdKH4Pn2cfUmwJ1uExUvyZx0=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:29:54 GMT
server: cloudflare
etag: W/"9d6431353f42fd4ed823559d7b24e916"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 765dce10fe11dc39-LHR
expires: Sun, 06 Nov 2022 15:24:14 GMT

GET
H3 200 04597.com.ua.1323283.es6.js Show response
jsc.mgid.com/0/4/ 256 KB
75 KB 642ms
631ms Script
text/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a38edc33b1a495330049e08900146a814d9eb1e3848121c07cccbb8d612286c7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
x-amz-version-id: ucsunyoHTp52RgAAVoworpuK7mZRfqsh
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 2P1E6D3Y93RTGY1T
cf-polished: origSize=261697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: alCnaTFkgs347WYB7FZhFLDrOS0DFp8yL9se1ivKB9BZbo5y+67kHR5QXgDcysSGef1fKzXJcDE=
cf-bgj: minify
last-modified: Thu, 03 Nov 2022 14:28:11 GMT
server: cloudflare
etag: W/"4d001a60aaaadf5328670128f72bf199"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=10800
cf-ray: 765dce10fe0ddc39-LHR
expires: Sun, 06 Nov 2022 15:24:14 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD9E 13 KB
5 KB 155ms
50ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:16:10 GMT
expires: Mon, 06 Nov 2023 12:16:10 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C37F 783 B
1 KB 170ms
57ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3dcf54169ffd27698fa1dc5fc84073e5a36e2795e37c0da9c1a45e9b124266d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PmLXjDhpUM1cXl_rhOaeIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.04597.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-PmLXjDhpUM1cXl_rhOaeIg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 AV.js Show response
content.adriver.ru/banners/0002186/0002186173/0/ 25 KB
25 KB 95ms
95ms Script
application/x-javascript 83.222.14.88
MASTERHOST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL: https://content.adriver.ru/banners/0002186/0002186173/0/AV.js
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 83.222.14.88 , Russian Federation, ASN25532 (MASTERHOST-AS Moscow, Russia, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
last-modified: Wed, 19 May 2021 13:40:38 GMT
server: nginx
etag: "60a51556-6216"
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 25110
expires: Sun, 06 Nov 2022 13:24:14 GMT

GET
H2 200 script.js Show response
servers1.adriver.ru/images/0000399/0000399800/0/ 80 B
241 B 297ms
83ms Script
application/x-javascript 88.212.240.204
UNITEDNET

General

Check archive.org

Show headers Download Go to

Full URL: https://servers1.adriver.ru/images/0000399/0000399800/0/script.js?vadriver_banner_598351739
Requested by: Host: content.adriver.ru
URL: https://content.adriver.ru/adriver.core.2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.212.240.204 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software: nginx /
Resource Hash: 66b9e7b3626ca7d5f824d16774b542b51be40dce0d9542bca980c9a429324093

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: application/x-javascript
date: Sun, 06 Nov 2022 12:24:14 GMT
cache-control: max-age=3600
last-modified: Mon, 03 Aug 2015 00:38:22 GMT
server: nginx
etag: "55beb7fe-1e"
expires: Sun, 06 Nov 2022 13:24:14 GMT

GET
H2 200 6ab016790426e7d037bac2fbd741d34d.js Show response
www.gstatic.com/mysidia/ Frame 00C2 9 KB
5 KB 142ms
41ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6ab016790426e7d037bac2fbd741d34d.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=4035391110&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453504&bpp=3&bdt=1085&idt=323&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=812488700199&frm=20&pv=2&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GS54YduzIa&p=https%3A//www.04597.com.ua&dtd=348

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 08:51:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 271972
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4168
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 08:51:22 GMT

GET
H2 200 f811ceb9b4a6a990ad4105fc3f7ba433.js Show response
www.gstatic.com/mysidia/ Frame 00C2 19 KB
8 KB 143ms
43ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7817
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 21:10:40 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 00C2 6 KB
672 B 139ms
50ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 06 Nov 2022 11:33:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 00C2 2 KB
767 B 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:32:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78734
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:32:00 GMT

GET
H2 200 d6c5bcf26e2f43f621526b11ea468107.js Show response
www.gstatic.com/mysidia/ Frame 00C2 5 KB
2 KB 120ms
50ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d6c5bcf26e2f43f621526b11ea468107.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 01 Nov 2022 21:15:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 400105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2008
x-xss-protection: 0
last-modified: Thu, 27 Oct 2022 19:54:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 30 Jan 2023 21:15:49 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD9E 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 17:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67190
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 17:44:24 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C37F 0
0 76ms
75ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221101&jk=620334795948716&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 00C2 23 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 00C2 3 KB
1 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 07:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:13:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 00C2 17 KB
7 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 00C2 154 KB
48 KB 145ms
52ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 0d3fd3b530a886383bd6b91513e5ed38.js Show response
www.gstatic.com/mysidia/ Frame 00C2 34 KB
14 KB 147ms
50ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0d3fd3b530a886383bd6b91513e5ed38.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 20:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 230723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14033
x-xss-protection: 0
last-modified: Mon, 31 Oct 2022 22:32:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 01 Feb 2023 20:18:51 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/ Frame 1546 13 KB
4 KB 42ms
41ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85226518f0e058ff7fac140469425a8484f9348a8f00a9d730b619345163e5e4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 290917
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3677
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Thu, 03 Nov 2022 03:35:37 GMT
expires: Fri, 03 Nov 2023 03:35:37 GMT
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 8469 23 KB
9 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1667737453&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.04597.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453512&bpp=2&bdt=1093&idt=366&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Mw9BuYipwm&p=https%3A//www.04597.com.ua&dtd=371

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 8469 3 KB
1 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 07:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:13:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 8469 17 KB
7 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8469 154 KB
47 KB 204ms
158ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8469 0
0 88ms
87ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CM71lbqdnY-6WAqDK0_wP45W1KKPI9eJo1bGg7MIPp53e_u8vEAEgoJLwEGC7hoCA0AqgAcihwMwCyAEJqAMByANIqgTTAU_Q-ByIOmS0WosBVdcMzK_T7224tpHqLwQ29jaAXuzx8c5am-RjW5P8sgbUeb75ap5Getry4n1hbNB1lBdF-XQJW2Z0jWX7Z4euYJnUzdQBabe04zJCJUPi3ZIzCTokHWKO_gJA5ZTJjCH993_vT6aJRdaSmoEKDjFDVgG6QlhebIzS3BxjOM81ImMFFr22Uh-a8kHG61ZH-94zustirRenpL9SPy2nCsHq7RYlGfjYbM2V9591CdJb67r4b3u4xXyb2YAg7TDiN2KqWmhceSL02iPABLPLrqWBBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeg3r-zAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDELhD0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=Yl0n-jdu41Q&uach_m=[UACH]&cid=CAQSGwDq26N9zR1mKuv0G35bkDgyFcJXTT4CadBf2RgBIA4&template_id=419&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1667737453&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.04597.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453512&bpp=2&bdt=1093&idt=366&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Mw9BuYipwm&p=https%3A//www.04597.com.ua&dtd=371
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Nov 2022 12:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/ Frame F1F1 14 KB
4 KB 43ms
43ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d4e1472ea875ccdb433da6e6768fab6887738136b365acfb4706ab83c8a51cc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 167335
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 3639
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 13:55:19 GMT
expires: Sat, 04 Nov 2023 13:55:19 GMT
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 80A0 0
0 89ms
89ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjUH_bqdnY_CDAvOJsAKIs4uQCqPI9eJoxbOg7MIPp53e_u8vEAEgoJLwEGC7hoCA0AqgAcihwMwCyAEJqAMByANIqgTTAU_QBqxCUQmT_a20DlwYjCVPp2v-Z5ah7ik2hG6NneoyA84wiuwuFjoJghSRs94O_f102ICX2Lijb80m3WETohKaZG8zfJM53DAOaGaOU6-oxYiXebq4t59YQx8gBIRF8idOG03CPd6EJzD1dPMHC7nFzDXfU06517ojaf-qCoZz_DGf7u2b5Lc7X-qOhlvYWjL6pzvkBnm6gticCkiSbtMhwqsOC9rQvFg-Ldwf4zDhYBu53Q-C35IszJITwqHHVTQLaz-Dt8nsicZP9hKe6-cJDg3ABLPLrqWBBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeg3r-zAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcDEJw10ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItMTk5NzYwNDkyMTA3Nzg5NhgA&sigh=PP0dA00yo1M&uach_m=[UACH]&cid=CAQSGwDq26N98KrYhNpDOTdYyiIE0XeikunjmCuYrhgBIA4&template_id=419

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Nov 2022 12:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/ Frame 80A0 23 KB
9 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9268
x-xss-protection: 0
server: cafe
etag: 17746901142539384344
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:38 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 80A0 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 07:13:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1238
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 20 Nov 2022 07:13:34 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/ Frame 80A0 17 KB
7 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221027/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 14:27:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 78982
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7367
x-xss-protection: 0
server: cafe
etag: 4759548068123418343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Nov 2022 14:27:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 80A0 154 KB
47 KB 136ms
118ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 06 Nov 2022 12:24:14 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 1546 6 KB
3 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Nov 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 1546 34 KB
13 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Nov 2022 19:53:06 GMT

GET
H3 200 b6b1ad1164099ebc4153e4df2cc02eab.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/ Frame 1546 81 KB
21 KB 57ms
56ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/b6b1ad1164099ebc4153e4df2cc02eab.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ebb7d18e97154c58db74707efc31669968efde8e862a9cdeb89721a7fed707

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 06:45:24 GMT
age: 279530
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21391
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 06:45:24 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 849A 143 B
166 B 50ms
49ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=90&slotname=4294158452&adk=606224035&adf=930389412&pi=t.ma~as.4294158452&w=1200&fwrn=4&fwrnh=100&lmt=1667737453&rafmt=2&format=1200x90&url=https%3A%2F%2Fwww.04597.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=2&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453512&bpp=2&bdt=1093&idt=366&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2854&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=Mw9BuYipwm&p=https%3A//www.04597.com.ua&dtd=371
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK event.cgi
ad.adriver.ru/cgi-bin/ 42 B
667 B 205ms
204ms Image
image/gif 195.209.108.51
ADRIVER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.adriver.ru/cgi-bin/event.cgi?xpid=D7gJ5gMKNA8KbGVPWzVSHDJ83ExEDgm4UTyEauYvvk_eAg6f5LRyMGgR9u-I6n4RLIs-qQvHb&bid=399800&type=0&custom=113=0;161=380;162=0;168=1;176=0;177=1;213=0;214=2;216=1600;217=1200;218=false;163=https%3A%2F%2Fwww.04597.com.ua%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.108.51 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 06 Nov 2022 12:24:14 GMT
Transfer-Encoding: chunked
P3P: policyref="//adriver.ru/w3c/p3p.xml", CP="NON DSP COR CURa ADMa DEVa OUR BUS UNI COM NAV INT STA"
Content-Type: image/gif
Cache-control: no-cache, no-cache=Set-Cookie, max-age=0, must-revalidate, proxy-revalidate, no-store
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame F1F1 6 KB
3 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 13:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83514
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2655
x-xss-protection: 0
server: cafe
etag: 4618035238173732404
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Nov 2022 13:12:20 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F1F1 34 KB
13 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59468
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 06 Nov 2022 19:53:06 GMT

GET
H3 200 b6b1ad1164099ebc4153e4df2cc02eab.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/ Frame F1F1 81 KB
21 KB 52ms
52ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/b6b1ad1164099ebc4153e4df2cc02eab.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

20ebb7d18e97154c58db74707efc31669968efde8e862a9cdeb89721a7fed707

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 13:55:19 GMT
age: 167335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21391
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 13:55:19 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/5020143464383657728/ Frame 00C2 36 KB
36 KB 48ms
47ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5020143464383657728/2076313506083323656

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a868b9666226a92fd3ab5aa1d1dabec3a8ef5af20384797b3373bd9727c354d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 05:52:21 GMT
x-content-type-options: nosniff
age: 109913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36785
x-xss-protection: 0
last-modified: Mon, 28 Feb 2022 12:53:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:52:21 GMT

GET
H3 200 13888165382829236247
tpc.googlesyndication.com/simgad/ Frame 00C2 2 KB
2 KB 46ms
46ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13888165382829236247?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 09:16:19 GMT
x-content-type-options: nosniff
age: 356875
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2461
x-xss-protection: 0
last-modified: Mon, 13 Jul 2020 06:58:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 09:16:19 GMT

GET
DATA 200
OK truncated
/ Frame 00C2 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 00C2 0
0 93ms
92ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CnzhRbadnY--gPNmG9fgPqOy0uAmV36KraeKkltTrD9zZHhABIKCS8BBgu4aAgNAKoAGtlprZA8gBCagDAcgDywSqBMMBT9Dlm4ilbfNpIqp0QppI2QNdQ3KXbLtmFufBBiAfJyHgxO5v9H4JMyVd2I-kBxLlo4I6f983TOwx06Hh740KS4-JG1tx3PP_tDys8KYB6Zlq3MiIAOloVn0x7ARqWZH5DYoLSSahYgWKOgcY6GDfy029uOrsYhVY5VshYYIKRY5Fzsl6DshcAnfkDt9s2IeRQ1C93T3StvfSAJ9uGFdG7OLNpUqoS6e6AhuS_HtNOGHRjKsNGDKV7ygB6zDzHEmS0CJ2wATczNGghQOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHu-nlJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEID1AtIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBuBPkA9gTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0xOTk3NjA0OTIxMDc3ODk2GAA&sigh=Ax2C1Ab9bAY&uach_m=[UACH]&cid=CAQSGwDq26N9px24ZaIEhZ2rDR7wXdBRIwLux5VkYRgBIA4&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=4035391110&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453504&bpp=3&bdt=1085&idt=323&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&correlator=812488700199&frm=20&pv=2&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=1949&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=GS54YduzIa&p=https%3A//www.04597.com.ua&dtd=348
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 06 Nov 2022 12:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 00C2 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8278b0ca040f256daf508183f85488c428f870d83a1e17611aafea565088fc83

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8469 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 20eb0f282b611a320d2eba08ebf42b1582a7d2bf8e00a5fdf1d5b8a549a861da

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDA2 143 B
166 B 47ms
47ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 530
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:15:24 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 80A0 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e6c31dd5c8b1aa103750f3f472f429c5e4e067523d2b9740cc7aad075111ae6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00C2 0
20 B 80ms
80ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQlRocm9uZQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QKyEAAAAAAABBQDAECg0QAyEAAMCZmZWHQDAECg0QCiEAAAAwMzMiQDAECg0QDSEAAAAAAAAAADAECg0QHioHMzgweDYwMDAECg0QGSoHMzgweDYwMDAECg0QDiEAAAAAAAAAADAECg0QBCEAAAAAAOiHQDAECg0QDyEAAAAAAAAAADAECg0QKyEAAAAAAIBGQDAECg0QBSEAAMCZmemHQDAEEhpDSy1MbUpUR21mc0NGVmxESFFrZEtEWU5sdyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 apercu_pro_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/fonts/ Frame 1546 369 KB
157 KB 146ms
42ms Font
font/ttf 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/fonts/apercu_pro_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/b6b1ad1164099ebc4153e4df2cc02eab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69f884bf552754f97c35ad2e86bec854e0fd2b9fad1226e537b74e33e819a29

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 05:06:30 GMT
age: 112664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160832
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H3 200 1566170a18c4d62246d196842d950128.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 2 KB
971 B 49ms
48ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/1566170a18c4d62246d196842d950128.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109de181e7f526c1bf6d3550ee0308afacac815e3deefa101679499b9036a97e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 05:06:30 GMT
age: 112664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H3 200 cdc5358f5a153fa8323e134af0d16fbd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 3 KB
3 KB 48ms
47ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/cdc5358f5a153fa8323e134af0d16fbd.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6acc11ead3805cbf773b41af7cbe10537765f2e4d1ac09b94141607a8fa5a010

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 05:06:30 GMT
x-content-type-options: nosniff
age: 112664
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2787
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 849A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

60ms
60ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00C2 15 KB
15 KB 136ms
44ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 16:40:56 GMT
x-content-type-options: nosniff
age: 330198
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 02 Nov 2023 16:40:56 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00C2 15 KB
16 KB 133ms
41ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 31 Oct 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 502762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Oct 2023 16:44:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 00C2 15 KB
15 KB 164ms
73ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:40:44 GMT
x-content-type-options: nosniff
age: 143010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:40:44 GMT

GET
H3 200 apercu_pro_700_normal.ttf
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/fonts/ Frame F1F1 369 KB
157 KB 113ms
45ms Font
font/ttf 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/fonts/apercu_pro_700_normal.ttf

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/b6b1ad1164099ebc4153e4df2cc02eab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69f884bf552754f97c35ad2e86bec854e0fd2b9fad1226e537b74e33e819a29

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 04 Nov 2022 13:55:19 GMT
age: 167335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 160832
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 13:55:19 GMT

GET
H3 200 1566170a18c4d62246d196842d950128.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 2 KB
971 B 45ms
45ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/1566170a18c4d62246d196842d950128.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109de181e7f526c1bf6d3550ee0308afacac815e3deefa101679499b9036a97e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 03:26:08 GMT
age: 291486
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 03:26:08 GMT

GET
H3 200 0df8ca6f5b856da9a4dfa9aa9621605a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 3 KB
3 KB 46ms
46ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/0df8ca6f5b856da9a4dfa9aa9621605a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ad34d5fd8b34dc6f4f90ac144b4298c28b979cb2efea82c4372736cf826b59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 08:46:49 GMT
x-content-type-options: nosniff
age: 99445
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3298
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 08:46:49 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame BD9E 0
12 B 52ms
51ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?45hTVg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:14 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame CDA2
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1997604921077896&output=html&h=600&slotname=6545110057&adk=1210871976&adf=3838452572&pi=t.ma~as.6545110057&w=380&lmt=1667737453&format=380x600&url=https%3A%2F%2Fwww.04597.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1667737453518&bpp=1&bdt=1098&idt=371&shv=r20221101&mjsv=m202211020101&ptt=9&saldr=aa&abxe=1&prev_fmts=380x600%2C0x0%2C1200x90&nras=1&correlator=812488700199&frm=20&pv=1&ga_vid=2128360321.1667737454&ga_sid=1667737454&ga_hid=2047769938&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1210&ady=3944&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44773810%2C42531705%2C44773614%2C31070616%2C31070697%2C44774605%2C44775017&oid=2&pvsid=620334795948716&tmod=1643248353&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CaeEbr%7C&abl=CA&pfx=0&fu=0&bc=31&ifi=4&uci=a!4&btvi=3&fsb=1&xpc=qcBxhHnCs4&p=https%3A//www.04597.com.ua&dtd=374

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
expires: Sun, 06 Nov 2022 12:24:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 06 Nov 2022 12:24:14 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00C2 0
20 B 75ms
74ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
BLOB 200
OK 06511e8c-527a-4323-bcf0-a1c803f52465
https://www.04597.com.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/06511e8c-527a-4323-bcf0-a1c803f52465
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK 309b57c9-874c-45aa-bba6-ce0694112262
https://www.04597.com.ua/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/309b57c9-874c-45aa-bba6-ce0694112262
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 5f4efa2b-8a9b-4842-a1bf-369c689421f7
https://www.04597.com.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/5f4efa2b-8a9b-4842-a1bf-369c689421f7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK bd4e0d6f-2646-4905-b743-86a53c862067
https://www.04597.com.ua/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/bd4e0d6f-2646-4905-b743-86a53c862067
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
BLOB 200
OK 2494445c-4e1f-4a5a-92fa-74b38b878ce6
https://www.04597.com.ua/ 0
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/2494445c-4e1f-4a5a-92fa-74b38b878ce6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 0
Content-Type: text/javascript

GET
BLOB 200
OK c093913e-7795-40c3-bbd0-893dfc74ac16
https://www.04597.com.ua/ 250 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/c093913e-7795-40c3-bbd0-893dfc74ac16
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length: 250
Content-Type: text/javascript

GET
H2 200 / Show response
c.mgid.com/pv/ 0
43 B 153ms
140ms Script
text/plain 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.mgid.com/pv/?pv=5&cbuster=1667737454969296151276&uniqId=1419b&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.04597.com.ua&lu=https%3A%2F%2Fwww.04597.com.ua%2F&sessionId=6367a76f-11cca&pageView=1&pvid=1844ce60979ba65cb35&site=567132&implVersion=11&dpr=1&tfre=2505
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765dce15b916887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
BLOB 206
Partial Content e1e94338-2c1f-4030-97aa-dd6426449a1c
https://www.04597.com.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/e1e94338-2c1f-4030-97aa-dd6426449a1c
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame C247 36 KB
16 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 17:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 17:44:24 GMT

GET
BLOB 206
Partial Content 2245f921-33d3-407c-95ab-21944f9cde26
https://www.04597.com.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/2245f921-33d3-407c-95ab-21944f9cde26
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 56ms
47ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQZ016TJQM3CQAQ
age: 3322
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: H0ihdhm/EJhbcC+homFO+mab68DYYvx/mk6E6cpnOvsu3WasxL/t0xcMLjTuGMaSc4h2RuXW7vE=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce1619fe887d-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

GET
H2 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
813 B 57ms
47ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: BQQP2P0ZGAY0CMXJ
age: 3026
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: Cxr/h9GEH2cm2grnKHiXrIw5MioqY/kDhHlX9SIKfHkMPhFjrTu42FaOoPgYIABs4KQfQTtjm/c=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce1619fc887d-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 00C2 0
20 B 80ms
79ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyQlRocm9uZQoKCAIqBnNlcnZlcgoVCAQqEW15c2lkaWFfYW5hbHl0aWNzCg0QFCEAAAAAoLztQDAECg0QFSEAAAAAAAAqQDAECg0QFiEAAAAAAAAUQDAECg0QGCEAAAAAAJ6RQDAECg0QMiEAAAAANDPTPzAECg0QMyEAAAAAzcz0PzAECg0QNCEAAAAAzcz0PzAECg0QNSEAAAAAzcz0PzAECg0QNiEAAAA0M3NYQDAECg0QNyEAAACAZmb2PzAECg0QOCEAAAAAAIBYQDAECg0QOSEAAAAAAFSAQDAECg0QOiEAAIBmZrqBQDAECg0QOyEAAAAAAKiMQDAECg0QPCEAAAAAAKiMQDAECg0QPSEAAIBmZq6MQDAECg0QPiEAAIBmZnqRQDAECg0QPyEAAIBmZnqRQDAECg0QQCEAAODMzKyRQDAEEhpDSy1MbUpUR21mc0NGVmxESFFrZEtEWU5sdyIcc2NyZWFtL3Rocm9uZV9pbWFnZV9sb2dvX29jaCgR

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/f811ceb9b4a6a990ad4105fc3f7ba433.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1566170a18c4d62246d196842d950128.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 2 KB
973 B 39ms
39ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/1566170a18c4d62246d196842d950128.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/b6b1ad1164099ebc4153e4df2cc02eab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109de181e7f526c1bf6d3550ee0308afacac815e3deefa101679499b9036a97e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 03 Nov 2022 03:26:08 GMT
age: 291487
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 03 Nov 2023 03:26:08 GMT

GET
H3 200 0df8ca6f5b856da9a4dfa9aa9621605a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 3 KB
3 KB 40ms
40ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/0df8ca6f5b856da9a4dfa9aa9621605a.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15ad34d5fd8b34dc6f4f90ac144b4298c28b979cb2efea82c4372736cf826b59

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 08:46:49 GMT
x-content-type-options: nosniff
age: 99446
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3298
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 08:46:49 GMT

GET
H3 200 f0fdf50bd1ed1a626e081614e5b71fe2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 9 KB
9 KB 42ms
41ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/f0fdf50bd1ed1a626e081614e5b71fe2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e393bbe184647893b768b1ed9ed4d09e18b604ff06be2daec1026ddf07a01ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 04 Nov 2022 13:55:20 GMT
x-content-type-options: nosniff
age: 167335
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9418
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 13:55:20 GMT

GET
H3 200 1566170a18c4d62246d196842d950128.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 2 KB
975 B 44ms
44ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/1566170a18c4d62246d196842d950128.svg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/b6b1ad1164099ebc4153e4df2cc02eab.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

109de181e7f526c1bf6d3550ee0308afacac815e3deefa101679499b9036a97e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 05 Nov 2022 05:06:30 GMT
age: 112665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 936
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H3 200 cdc5358f5a153fa8323e134af0d16fbd.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 3 KB
3 KB 45ms
45ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/cdc5358f5a153fa8323e134af0d16fbd.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6acc11ead3805cbf773b41af7cbe10537765f2e4d1ac09b94141607a8fa5a010

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 05:06:30 GMT
x-content-type-options: nosniff
age: 112665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2787
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H3 200 a69225d345cb6a73b45498130d45ee0c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 3 KB
3 KB 46ms
46ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/a69225d345cb6a73b45498130d45ee0c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc29bf3a5fa1ea58ff2a45b0e2261a3e94c964ad11fb0e90bc803feec9b2187

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 05:06:30 GMT
x-content-type-options: nosniff
age: 112665
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3243
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

GET
H2 200 1 Show response
servicer.mgid.com/1323283/ 2 KB
1 KB 86ms
76ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1323283/1?pv=5&cbuster=1667737455125537864858&uniqId=1419b&lct=1667433600&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=1600&h=90&cols=2&ref=&cxurl=https%3A%2F%2Fwww.04597.com.ua&lu=https%3A%2F%2Fwww.04597.com.ua%2F&sessionId=6367a76f-11cca&pageView=1&pvid=1844ce60979ba65cb35&implVersion=11&dpr=1&tfre=2661
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c40873f1a03aa5897812f7dce058c6f8d84c86e42f6ce98f11754e2ba1583ade

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 765dce16ab49887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 1 Show response
servicer.mgid.com/1323283/ 2 KB
1 KB 199ms
192ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1323283/1?mp4=1&ap=1&w=1600&h=90&cols=2&pv=5&cbuster=1667737455128793812032&uniqId=15ea2&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.04597.com.ua&lu=https%3A%2F%2Fwww.04597.com.ua%2F&sessionId=6367a76f-11cca&pageView=0&pvid=1844ce60979ba65cb35&implVersion=11&dpr=1&tfre=2664
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e05c7213cdbfba769a2cf710da4fa070ca06a9ad0034aa2813dcde6cae86b2ed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 765dce16ab4b887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame F1F1 36 KB
16 KB 47ms
47ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 17:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 17:44:24 GMT

GET
H3 200 vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1546 36 KB
16 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vLbRz7g6TQ5oo3iSl-9A8cc-tNTKSUSKynQIdvKxkcY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 17:44:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 67191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16061
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 17:44:24 GMT

GET
BLOB 206
Partial Content e160bb61-3544-46e7-bd15-81b815b65d5a
https://www.04597.com.ua/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.04597.com.ua/e160bb61-3544-46e7-bd15-81b815b65d5a
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 74ms
74ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 2851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce16c952dc39-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 53ms
52ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 2786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce16c956dc39-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

GET
H3 200 grib-2_63400a92c88d3.gif
s.04597.com.ua/img/section/newsIcon/original/is/2/ 6 MB
6 MB 82ms
81ms Image
image/gif 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/original/is/2/grib-2_63400a92c88d3.gif
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6abcb4d71468eb40e23701e643be4ba7a02797b8a204581c8858df6cb16aab88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6793870
last-modified: Fri, 07 Oct 2022 11:16:37 GMT
server: cloudflare
etag: 1665141397-885x400-0-0-6793870-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=14Pzc0laJhBe4AZ1aguglyaDp1eQ2YjOfczd8lh%2BH2zHmIAhdqnqA%2F4e3XKTxs7yXr1D4yUMejcfXvZzkRghiFyh2mZEq8h3jWHJ8pS34VTLx17CrCO9dIBPLtaGjzT9hmPUHN11HRiDf5cS%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce16dc4f769e-LHR
expires: Sun, 06 Nov 2022 19:51:57 GMT

GET
H3 200 microsoftteams-image-52_632475d0e4caa.png
s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/ 182 KB
183 KB 1300ms
1299ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/img/section/newsIcon/subdir/card/is/2/microsoftteams-image-52_632475d0e4caa.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f6fa576d6db35095585e38e34762be199e68f61811c7ce579499ece55aadb5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59537
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 186600
last-modified: Fri, 16 Sep 2022 13:10:42 GMT
server: cloudflare
etag: 1663333842-885x400-1-0-255736-
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BSlkNepXh%2FvRfhiyH%2FowIOO4jh1guMjjZuz5lzrDgQ0VMg9wmgPzUjvZ1jMsNpyXBG6%2BDV73CecM9GKa9LwcwfXi3YIqvmpbvqGC8cwlBFaLtq1jxlnWbWyKaENno5yhO0gYsu3Fn9ijmOIDtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce16dc54769e-LHR
expires: Sun, 06 Nov 2022 19:51:58 GMT

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame 161E 7 KB
7 KB 135ms
44ms Image
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:51:47 GMT
x-content-type-options: nosniff
age: 142348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:51:47 GMT

GET
H2 200 edge.4.0.0.min.js
animate.adobe.com/runtime/4.0.0/ Frame 161E 39 KB
39 KB 355ms
61ms Image
text/javascript 2a02:26f0:1700:3::5f65:1b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1b92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Sun, 06 Nov 2022 12:39:15 GMT

GET
H3 200 Untitled-2_edge.js
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 4 KB
4 KB 1163ms
1162ms Image
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edge.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61016573-11ee"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u27JJ%2BQ9kTJCLf8hU5AyUQXt41rXzECr1r3ABJddHnLH1JLK1Si74h7YjAsvlpcVVpCy%2BZKX1RR3qffnWhRvyelgvOICgsJMwcQEYPP1CNM5sXqOT8z17lp7VpUhO0gq7lDH2z%2FfUCiyiApcaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce180e2f769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 1 KB
1 KB 1163ms
1163ms Image
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgeActions.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"61016573-4e4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6o7J0EV5iLzDC8DQ4D7pXdd2gToe3ehnjnrIX2rqrvQ4OiDsswnYiyEpyaOPzN7kgLl6zKOhFgTi9ZwWOwh3eoOahWGfPr3DOwG2mIZVUFxMhZfgjvYK3zPEA5u1hYBSUk6MvI1zbHX6spO5Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce180e31769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame D037 1 KB
1 KB 180ms
91ms Image
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:51:47 GMT
x-content-type-options: nosniff
age: 142348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:51:47 GMT

GET
H2 200 edge.4.0.0.min.js
animate.adobe.com/runtime/4.0.0/ Frame D037 119 KB
119 KB 344ms
50ms Image
text/javascript 2a02:26f0:1700:3::5f65:1b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1b92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Sun, 06 Nov 2022 12:39:15 GMT

GET
H3 200 Untitled-2_edge.js
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 4 KB
4 KB 1164ms
1163ms Image
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edge.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6109149f-11ee"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gBmBaItDzlmgkjFLiW%2Fnli2DsReO2AyYzL%2BrHlQdwPmTw6fw6Z062PIQpxnYCAXT6uICXYw3tC1SWavZQgBYMI7vPJKP%2FpnhAUsrux8EJdWIoOCGicuFSiEVpbChvOsC4n%2B4mXAT3I4ydAhe1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce180e32769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 1 KB
1 KB 1164ms
1163ms Image
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgeActions.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6109149f-4e4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KJ8LqKq6R9ug1lYBsVi4NTKPBdy%2BoHXuK%2F22XXW42zJZQvj%2FLezyj%2BdTlSrJQgR5na%2BjH8NUA1yQpOv0Z959OnDcUc7PRj91mlI8UnUHZkxT9wBRdSFlLIYd3MGf2twdC%2F9pD4zSBXD6k0dM%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce180e33769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 1 Show response
servicer.mgid.com/1323284/ 3 KB
2 KB 72ms
71ms Script
application/x-javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://servicer.mgid.com/1323284/1?mp4=1&ap=1&w=380&h=600&cols=1&pv=5&cbuster=1667737455270508318263&uniqId=04521&lct=1667433600&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fwww.04597.com.ua&lu=https%3A%2F%2Fwww.04597.com.ua%2F&sessionId=6367a76f-11cca&pageView=0&pvid=1844ce60979ba65cb35&implVersion=11&dpr=1&tfre=2806
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323284.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb558a589abb064f91d2793cc4c111012e8651602e873f41f5f604b64fdf88f9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cf-ray: 765dce178ad9dc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 aprrap_615aceaa07f68.png
s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/ 105 KB
105 KB 1218ms
1217ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/aprrap_615aceaa07f68.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9111b221f80292dcd953dbb6654ee10b8a54d98e5a9a542e6be0c41df331557

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107336
last-modified: Mon, 04 Oct 2021 09:51:38 GMT
server: cloudflare
etag: 1633341098-300x300-0-0-107336
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dpie15xcxOMqUBabA1BOUJxtDSBcmqYkoGaz9uKuVAR3EzCIgtefFIclyDCWFi%2F0Ce0aFQVgOQme17R%2BLCGyFfMqbjAws9ySTHAKfMorqaIZ2PtRXF%2F%2FNO%2Bvvq8SMJ7rbtc7oXFp7FahYDCycA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce178d60769e-LHR

GET
H3 200 6303601606209701-561_615acead03b30.jpg
s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/ 7 KB
8 KB 1242ms
1242ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/section/poll_answer_poster/upload/images/polls/000/053/969/6303601606209701-561_615acead03b30.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2098820217ab85e88ba6c6434cab7d3d0d71d34e9ebe2c0a6ad14f435fc3366e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-cache-status-back: MISS
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 59538
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7231
last-modified: Mon, 04 Oct 2021 09:51:41 GMT
server: cloudflare
etag: 1633341101-300x300-0-0-7231
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mu2zW3lNnoaF9XxK3BV%2BdHyBbOzUKsDn9t3qxL095FYBtiRyvdf8e07EaszfXFOjiIyknSPcJrwjQhKbaomh8jmYu62NovJ6ZuPzcPBdTw87jp9VmRukF%2FjSUK9j%2FX30cbnBN0bDxbRthfhqKw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *, *
cache-control: max-age=86400, public, must-revalidate
accept-ranges: bytes
cf-ray: 765dce178d69769e-LHR

GET
H3 200 widget-ssp-performance
c.mgid.com/ 43 B
167 B 133ms
133ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/widget-ssp-performance?time=200
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 765dce181be7dc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: image/gif

GET
H3 200 mgid_ua.svg
cdn.mgid.com/images/mgid/ 2 KB
1 KB 45ms
45ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/mgid/mgid_ua.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 1SAKNE8T99VM7FFV
age: 2851
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ygWvmfZuUKec2ix2rXp9wGADIzJEt4+BbxwpugjObCowudhzU+Mv6OMB7bKnKqvKe27gjoifOFM=
last-modified: Tue, 08 Mar 2022 17:05:01 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1646759091/ctime:1646759091/gid:0/gname:root/md5:617c205137825561208ef7c1a2d8f319/mode:33206/mtime:1646759091/uid:0/uname:root
etag: W/"617c205137825561208ef7c1a2d8f319"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce181bf0dc39-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

GET
H3 200 Adchoices.svg
cdn.mgid.com/images/logos/ 836 B
1010 B 38ms
38ms Image
image/svg+xml 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.mgid.com/images/logos/Adchoices.svg
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: YX26RVNEGW9X6AWK
age: 2786
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: n34KGzJQ98MT9xBDtbJv2oufYNYTE1MJ4vzxC7KZ0Bli4Tknnuz5/OulQ9m/FQMVXjfciLfclSI=
last-modified: Wed, 17 Feb 2021 18:15:53 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: atime:1613585745/ctime:1613585745/gid:0/gname:root/md5:7d59364b7ed2df3f02507c9f92560df9/mode:33206/mtime:1613585745/uid:0/uname:root
etag: W/"7d59364b7ed2df3f02507c9f92560df9"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=86400
cf-ray: 765dce181bf1dc39-LHR
expires: Mon, 07 Nov 2022 12:24:15 GMT

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC9lYWVmM...
s-img.mgid.com/g/14323449/492x328/-/ 18 KB
18 KB 159ms
84ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14323449/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA3LzM2NjkwNC9lYWVmMDFmNTA4ZjM5YjJkZDBkZTZmYjU0Y2ViYjYyOC5qcGc.webp?v=1667737455-ZxaVjulhmePVUeedzvOG7oJmMA_BdZlpAqO9clPnnjU
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ed501b751b29a591082a3b85d4dec413e3ad3568aa598195103687895c2a13a

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 18:39:01 GMT
x-mg-request-uuid: 18e84968-0e86-45a4-8951-acc0b032cc61
server: cloudflare
age: 1001164
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e527576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18532

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzM2NjkwNC81ZDdlY...
s-img.mgid.com/g/14445003/492x328/-/ 12 KB
12 KB 157ms
83ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14445003/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX2ZhY2VzOmF1dG8scV9hdXRvOmdvb2Qsd18xMDIwL2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTEwLzM2NjkwNC81ZDdlYWE3NjgzZGJlZTE4MGY4ZDMwZGI2MDA5Mjc4Yi5qcGc.webp?v=1667737455-Sc3RY89DAuzJRkomMcMMeuqjxL1WIA1Yhw83SA_Jfng
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e797bbe5a3e6b222f5ca7561e7cca8d4257d2d659ef911cacd00843eed6b6b7

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 03:55:01 GMT
x-mg-request-uuid: 4c2fa3ea-ec82-4223-a71c-b99d902240d4
server: cloudflare
age: 839002
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e557576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11826

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 80ms
79ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221101&jk=620334795948716&bg=!l5SllNDNAAZPh4lnb4c7ACkAdvg8WrMW60C9Zpq-V-Cm0_Eo_chQ_Pz2rxVvjlwvuMmASQvef0i1KwIAAAE3UgAAAANoAQcKAFdvLDDRoeBtMLFneGnX1wfS5iwykVeHLxfkBfpJh2zHNVkX8Mkqx48x56tnmjRPeu46GecCLU9z8DKwDLy4hDo8gsQYPhZvO-RBtzQOiPLAyXhrAGwwbV2ZAqtnPKODywyLccynNlhP7Xk0lRoAXj_bedatHaD7J7zZfJc68uUjxRhI8OffD-ayCHt9SmFfFq-ID18JgOSBetTeOVXb2rxsSy8PWJMeBb32OoFVTH5sCWydhlHlphsnyFk4VKWRuzOkbiXVTZ4W1ciSs4HeAYvOuu4bUlu-KJ0yY7FG1vkY4qKwqQd8w1qcj-ebxXT4ZaZaeRcgAaVXEVwrMgVYlNMBfg2ASy-1YdlXrS513pAeNASFHtUpib7CyP-ap4ua4UGx85r6UX6_eBL5bcfQQjoCtrTTXCoSa_QiLRN8NFOBlRB8YY7RWLgsYMu9AcIOdLDlkNnmzUXZGT51VcRP8LnGaLijpB3_8M7V58PxG1fyeL9bnTXINtcBX4rl8eDKlyzBqh_p0coTp6f-AZEenHuF_yTNEjJ_H6quClRlZWEgpRF5Tc6bWkVkj9Ho4JRRAzuSA67BKbLmq_rRTYQiXFqUVxu3SU5GtUkIJWfQdYcOYy-uDy3aO_Ai5bv96vhkGtw9YFy8h0MaKgrqjshWMRZkxS44cAV3wNJ1FM8HFdoui6P1u-W8WIFs_omLX89-7TQ_3dT4YIO6fPmJcjDYllTM9sDtYIboMDnPWu_MDBSD0AnQ5TcGslJz-_2XxLb0qfteFMYRaxNAfTh6PUD4b5ZxTCaD6WdGL5pM1xXwjZCirYQyGDgkDJrPyOdJoGybCLzT73BYbIcfCrtW6l3n_srot27gWtM_y225uYZh8iZrb3lbpQbLNIxqBFEsbTz9oN2fTWf0Xl8B4HcfB-bPMG75Lal4e73qZ3MRi1V8rPnu49-Yd4lZ63R1yuYfeqAIWSjzYo7yZO1OyKBzlGgoKQR2fu9oduEKZN6Lq7rSvc-q4IaRJzFuej4MKXHkShwLyKvIOdfnZA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80NTAseV8zNjkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvM...
s-img.mgid.com/g/14323462/492x328/-/ 19 KB
20 KB 114ms
47ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14323462/492x328/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzM6MixjX2ZpbGwsZV9zaGFycGVuOjEwMCxmX2pwZyxnX3h5X2NlbnRlcixxX2F1dG86Z29vZCx3XzEwMjAseF80NTAseV8zNjkvaHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMjItMDcvMzY2OTA0L2EzYjQyYzEzYWU1NGM1MzQ2YTUyODFlN2RkOGZiN2Q5LmpwZw.webp?v=1667737455-gkcOSD3bjZrbOyL5m3IIWPR8lEdccOON32HIh-QnK1M
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40c60831b8c25acd5611370eaaebdd5cc62de84f0584a07b005ded37781411fb

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 18:28:14 GMT
x-mg-request-uuid: ce8505fa-6ba4-4eef-9887-235307c94a41
server: cloudflare
age: 1001663
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e547576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19658

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNjY5MDQvNWQ3Z...
s-img.mgid.com/g/14445003/492x277/-/ 11 KB
11 KB 110ms
45ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14445003/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0xMC8zNjY5MDQvNWQ3ZWFhNzY4M2RiZWUxODBmOGQzMGRiNjAwOTI3OGIuanBn.webp?v=1667737455-Q5WaR98a7mOLnXs-7fliJlFIqM5WeEPcFLPUvsKOjG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d20f06b43efed45942707f080ef9b77b62b892cdd3c21a225a690ea738e052c

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Wed, 26 Oct 2022 03:54:23 GMT
x-mg-request-uuid: e814fe2d-6779-4ca2-a7de-910a187835bf
server: cloudflare
age: 841163
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e567576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 11040

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjY5MDQvZWFlZ...
s-img.mgid.com/g/14323449/492x277/-/ 16 KB
17 KB 151ms
85ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14323449/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ19mYWNlczphdXRvLHFfYXV0bzpnb29kLHdfMTAyMC9odHRwOi8vaW1naG9zdHMuY29tL3QvMjAyMi0wNy8zNjY5MDQvZWFlZjAxZjUwOGYzOWIyZGQwZGU2ZmI1NGNlYmI2MjguanBn.webp?v=1667737455-hvX2xQvttBoUeHbUVAohoHyfNOo3D_GraDJ2IbVOgvE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db435d27c1c26ef6e3d4c25648e1b131b76b32170a51996edc2c58fc134e6ef9

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Wed, 12 Oct 2022 18:17:35 GMT
x-mg-request-uuid: 3abb42b3-93b1-49d1-8641-417c41ea7780
server: cloudflare
age: 1001687
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e587576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16688

GET
H2 200 aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDUwLHlfMzY5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5L...
s-img.mgid.com/g/14097668/492x277/-/ 17 KB
17 KB 129ms
64ms Image
image/webp 2606:4700:1::6813:864e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s-img.mgid.com/g/14097668/492x277/-/aHR0cDovL2NsLmltZ2hvc3RzLmNvbS9pbWdoL2ltYWdlL2ZldGNoL2FyXzE2OjksY19maWxsLGVfc2hhcnBlbjoxMDAsZl9qcGcsZ194eV9jZW50ZXIscV9hdXRvOmdvb2Qsd18xMDIwLHhfNDUwLHlfMzY5L2h0dHA6Ly9pbWdob3N0cy5jb20vdC8yMDIyLTA5LzMxMDE0MS82ZmNkMGQzOWZhZTBmNzk4ZWIxZTc4ZDQ1MTZlYmM1MC5qcGVn.webp?v=1667737455-PuX7jl3pfqpHEnXZA0_8KR67GjYU7JDH-Nxzhaqcs80
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:864e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48ca19129f1ff74f3529721637e6935742fa3b196728b07bde57fb18621b41cf

Request headers

Referer: https://www.04597.com.ua/
Origin: https://www.04597.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: HIT
last-modified: Fri, 16 Sep 2022 23:01:29 GMT
x-mg-request-uuid: 76f625e0-5a9d-47b1-9df7-7cf9dc96f431
server: cloudflare
age: 1001120
vary: Accept-Encoding
content-type: image/webp
access-control-allow-origin: *
cache-control: immutable, max-age=31536000
accept-ranges: bytes
cf-ray: 765dce189e597576-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17240

GET
H2 200 i.js Show response
cm.mgid.com/ 0
101 B 135ms
124ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i.js?&cbuster=1667737455387203469845
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 765dce185f3d887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 i-noref.js Show response
cm.mgid.com/ Frame 7DF8 0
37 B 198ms
197ms Script
application/javascript 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.mgid.com/i-noref.js?cbuster=1667737455396846668071
Requested by: Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/javascript
cache-control: no-store, no-cache, must-revalidate, max-age=0
cf-ray: 765dce185f3e887d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H2 200 id5-api.js Show response
eu-1-id5-sync.com/api/1.0/ 56 KB
17 KB 160ms
80ms Script
text/javascript 2606:4700:20::ac43:4b59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://eu-1-id5-sync.com/api/1.0/id5-api.js

Requested by

Host: jsc.mgid.com
URL: https://jsc.mgid.com/0/4/04597.com.ua.1323283.es6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4b59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

077d2a9d8ebfc1d66cfd708a5beda595e51d8850219fe3a1bf90df244bb33121

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 558
x-amz-request-id: 7629XSZ0Q222DT4R
x-amz-server-side-encryption: AES256
x-amz-id-2: 2ZA3s0k0IxOYd65d4rs14S3xb+QiuNbo+YXV2li1Z0esFewZVfbEoORRjwath2AFoPNH5aDZd04=
last-modified: Thu, 22 Sep 2022 13:13:44 GMT
server: cloudflare
etag: W/"68154020ef14b5881614607902c7c21b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z4TVN261SRQ%2B6cdmKyVKnENgX9CoDMDRZ7mrVVUfsfvRSZ714sCC%2FdWRym2XNJz%2BfdGReVNvP6QVyDByEiewDiCQI0MHc83QoeAX2ASDEd2JV0%2B3d33Ric0Uf0lXGXll0wAbwBeQDz10HUQgiP2I"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=14400
cf-ray: 765dce18d89bf423-LHR

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame 161E 82 KB
82 KB 135ms
45ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgePreload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:51:47 GMT
x-content-type-options: nosniff
age: 142348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:51:47 GMT

GET
H3 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.0.3/ Frame D037 82 KB
82 KB 92ms
49ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 20:51:47 GMT
x-content-type-options: nosniff
age: 142348
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83606
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 04 Nov 2023 20:51:47 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2047769938&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=stretching_1_site&_u=aHDAgEABAAAAAEAAI~&jid=&gjid=&cid=2128360321.1667737454&tid=UA-77009407-42&_gid=766238972.1667737454&gtm=2wgb205PBKBDZ&cd3=2128360321.1667737454&cd4=1667737455561.w98tihzb&cd5=2022-11-06T12%3A24%3A15.561%2B00%3A00&cd7=No&z=1452607485

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34904
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 140ms
41ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

cc8ba4434d5a213c080af7ed513b934573bc46a9998595c264d42384743969e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
230 B 141ms
45ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 34c529e43c9c6a40bcbc57bd26b970fc1a6f1e7696089df37e2e85a52953985f

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 6 Nov 2022 12:24:15 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 139ms
42ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

4bc35bdc9a25b060205598db6dfbcdad88a74bbbcb44f619818c89aaf93a8469

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
230 B 139ms
45ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 1f5eda0eb545c63e8533834606d196a088c06d32ca6b14b9d0f15fcf3e949109

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 6 Nov 2022 12:24:15 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H/1.1 200 v1 Show response
lb.eu-1-id5-sync.com/lb/ 33 B
403 B 142ms
44ms XHR
application/json 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://lb.eu-1-id5-sync.com/lb/v1

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

c2d04c9f8f0809b7adda70a709a7ae44c279ebf51a4c1ccd01b2c8370c271287

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H/1.1 200
OK v1 Show response
lbs.eu-1-id5-sync.com/lbs/ 54 B
230 B 138ms
44ms XHR
application/json 2001:41d0:701:1000::31d2
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by: Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software: /
Resource Hash: 462b110b44879cdea6bd6ebb9f9dbd0c4687b706e24c145346873269eb7194f6

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 6 Nov 2022 12:24:15 GMT
content-length: 54
vary: Origin
content-type: application/json

GET
H2 200 edge.4.0.0.min.js Show response
animate.adobe.com/runtime/4.0.0/ Frame D037 119 KB
37 KB 56ms
55ms Script
text/javascript 2a02:26f0:1700:3::5f65:1b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1b92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Sun, 06 Nov 2022 12:39:15 GMT

GET
H2 200 edge.4.0.0.min.js Show response
animate.adobe.com/runtime/4.0.0/ Frame 161E 119 KB
37 KB 57ms
57ms Script
text/javascript 2a02:26f0:1700:3::5f65:1b92
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://animate.adobe.com/runtime/4.0.0/edge.4.0.0.min.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgePreload.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:3::5f65:1b92 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: gzip
last-modified: Thu, 08 May 2014 11:58:54 GMT
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 37219
expires: Sun, 06 Nov 2022 12:39:15 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 42ms
42ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2047769938&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=block_1_site&_u=aHDAgEABAAAAAEAAI~&jid=&gjid=&cid=2128360321.1667737454&tid=UA-77009407-42&_gid=766238972.1667737454&gtm=2wgb205PBKBDZ&cd3=2128360321.1667737454&cd4=1667737455658.c2xx784h&cd5=2022-11-06T12%3A24%3A15.658%2B00%3A00&cd7=No&z=570321796

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34904
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Untitled-2_edge.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 4 KB
2 KB 789ms
788ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edge.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ea1cec3b4ad0d0d0cbc75fcfcabea3d6248280715dcc25afeba824dae09bff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"6109149f-11ee"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uh5FTI4dFiteb%2BD0ibUCe9PX3M8sAUhomYPLZuzjElvYgdq0RONRYY%2FOkt1GECzvlc3%2Fu7mczCoK3%2F8FkXLDFfepHz4V4bUJSeOiXYcSRybc3U7dbwZuvwrY4aD%2BccKIYvuXIkRwRtmRKdaN1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce1a6a2f769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edge.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 4 KB
2 KB 787ms
787ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edge.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26ea1cec3b4ad0d0d0cbc75fcfcabea3d6248280715dcc25afeba824dae09bff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: W/"61016573-11ee"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FmQ1G57wUL1haEv%2FrTPcMWyJUDKb16j1s86iFJskx5PYRpkS4kUZJkY4QRtUZsLU%2BtJgGvQpX85NEqfuIRh1OKZon9dJNP3FpbXTjogqf2ROmW6HS9ILJD1LsfncpqZj16BVzeqWc1Ysr08BVA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce1a6a35769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
626 B 138ms
42ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

cc3ff5238548ffaac135d12bc554edbc029c3cd81d2054df06d61d968e8d91df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
626 B 140ms
44ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

967f8e2b82ac5e7beb1be66b47d81c3d9c3cd72151c894446e3a14a53bac501c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

POST
H/1.1 200 231.json Show response
id5-sync.com/g/v2/ 216 B
626 B 141ms
46ms XHR
application/json 162.19.138.83
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/231.json

Requested by

Host: www.04597.com.ua
URL: https://www.04597.com.ua/polyfills-es2015.a654f98f4d03ce02c384.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.83 , France, ASN16276 (OVH, FR),

Reverse DNS

ns31532338.ip-162-19-138.eu

Software

Resource Hash

f3b6b25871f74092299c49d88c8cb44ecdae1d9c05538d54cf77d277a0cf4399

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.04597.com.ua
date: Sun, 06 Nov 2022 12:24:15 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
content-type: application/json;charset=UTF-8

GET
H3 200 Untitled-2_edgeActions.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/ Frame D037 1 KB
926 B 49ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgeActions.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ab5d930315db1a179f6c9d037cd6a0010743019b823b334fafb30ed09d29fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"6109149f-4e4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sAjsmh6jz86gzkgIJgtGhe9UdZHTxdxA5Jm7Zg53s%2BTb5QBrLGeaJLmwrtkhNAU%2Bqa9CoRHrs9%2F4M%2FB7nhYIIExVuH%2BvpZnmD71c%2F7e4iCVoyngJcAEHpd%2B7FgIs9I9NRvDCA7UZiJVbIXM8Sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce1faac6769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Untitled-2_edgeActions.js Show response
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/ Frame 161E 1 KB
926 B 49ms
49ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgeActions.js
Requested by: Host: s.04597.com.ua
URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/Untitled-2_edgePreload.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 57ab5d930315db1a179f6c9d037cd6a0010743019b823b334fafb30ed09d29fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:10:59 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1
etag: W/"61016573-4e4"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZS4PanumRqekPcq7M%2F%2FyJYfbyZfv2NL7tacwB%2F10TiHzF0B%2BsVhdA3Ro4F2t4%2BRZ%2BPTHvfq07X3dQLukTP%2FHAF2u0XsB2cHeMjZqpKbnBU4T4PPyzyGS6PUR105VLudfRjfKks39Gc1Vz3lpWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=604800
cf-ray: 765dce1faac7769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c
c.mgid.com/ 43 B
213 B 139ms
139ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=351|89|12|c5tFAuo6X8wGvZMzC92hucyFVzr3aDCjbCNp2ROziCk4B6JOQyT3vgULix9m_oRTFjOlS4yAZjif018I6adX1A**&fw=1&extjs=66044&v=351|89|12|c5tFAuo6X8wGvZMzC92huWywc-QhMSECmmzB485ygz1fBdBVypbWkYRPZmZLfCaAnhjiwp0YgnTAwsLWwkeWig**&cid=1323283&h2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&rid=ed7123ea-5dcd-11ed-92ec-e43d1a2a96ec&tt=Direct&iv=11&pageImp=1&pvid=1844ce60979ba65cb35&cbuster=1667737456583175639713
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 42f31b48-b743-48f0-8c0b-e472d4c0638d
server: cloudflare
content-type: image/gif
cf-ray: 765dce1fbb12dc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 c
c.mgid.com/ 43 B
213 B 141ms
140ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?pv=3&v=351|89|12|c5tFAuo6X8wGvZMzC92huUlxqR18g_y1fjdyvsNXj5RfBdBVypbWkYRPZmZLfCaAvBiFdrfNujXoJd7KOZJm6g**&fw=1&extjs=66044&v=351|89|12|c5tFAuo6X8wGvZMzC92huWywc-QhMSECmmzB485ygz04B6JOQyT3vgULix9m_oRTHH-elZYx3K-PdwXVMcOIhQ**&cid=1323283&h2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&rid=ed7266ef-5dcd-11ed-92ec-e43d1a2a96ec&tt=Direct&iv=11&pageImp=0&pvid=1844ce60979ba65cb35&cbuster=1667737456584715493189
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 43feab0f-05b9-4bd8-96c2-81ed3bb2df7d
server: cloudflare
content-type: image/gif
cf-ray: 765dce1fbb13dc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 back.jpg
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 12 KB
13 KB 166ms
166ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/back.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e04aaee646ca43f7b9b67139903a4ebac52e451f33380cc23a1eaedd96d8d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-31cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpfR3F9%2BKmW3bG8VsuWwYKBRlByYcEb5nlxLhPURZc9R9DLur%2FMczVFNvemy8sG9PnbQwkPP8MQvmlVigsMqzapyLX4HOyuPd022%2B70IahjiWsg61Xuijjo6eFZbikcKLREw9Sscb%2B0a7Givvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b70769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12748

GET
H3 200 sl233.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 2 KB
3 KB 188ms
186ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl233.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75e382a8499e00d2397888399915c110ac3fcdfd1d44f7c9e37add3d27c8de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-89f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZOq7deGaEN2DYXP2izPVLMq23FQf6dy1Wh9brjrCBTW68cC87A8m2ClM3hFdCT2abyrSUe2g5%2Bo3MsBiYOzW1uu1tBLkzkfKCH4rsa%2B4BbK0cxQdxSXKP3HgqIKo9NPhmj2g23l9Ezvk4ywAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b76769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2207

GET
H3 200 sl41.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 218ms
216ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl41.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812a3644b9c30261fa49e27be51cc1ae3e38ef73a55c45d5767c39e7677bac53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdZq9Z19lYn9G6vsNWGD8KZYWzvQ99yKguojQI5D5yDZA6JCfKozWVb98ubi2n19%2B4pLWIo9pDwqVui%2FlSrTIhqTNwMTXFj%2BASB0t%2FHkbCDUjlm%2FrkcYhWRgkQ8FdY6l7b96KSQT33G8Mv%2BSoA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b77769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3385

GET
H3 200 sl21.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 2 KB
3 KB 155ms
153ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl21.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db3252eb35c110dba428147ee548537a117be98f0679fb2018839d79b3d9c9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3gQ3EL3Cod%2F4bp1VFRuK1E84tTPM1K%2B95q33Jvvl2mBCgtjL9Lre9%2Fvj%2BPHy8wgwKH%2F0zCcnEXI5anya3BQGJN0GVHeei6hxtlUDGBgBLD%2BHVT8B%2F%2BVEWDU51qkRLQRG%2BAaah0RhmkP9%2FJR%2B%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b79769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2512

GET
H3 200 el.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 1 KB
2 KB 188ms
187ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/el.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556d73d709f03474004f8dc5337f0af87b26145fb4612415156a105305e4cd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-58d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D6NdRBeNmDoZ%2FegyrnVKkJKLglF5vV0Ud403U5ZHZF8JZLdRNn81GW0NyP5X%2BUv11yXAM3rstXNWDHmkOc3BgdBvzQAZO4uUHc6khbcqRhYXQExMhWzuNTJ9J5SrrduaOqLhm6ugA1Umc7pfmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b7b769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421

GET
H3 200 sl42.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 197ms
196ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl42.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59720c75b6de653b8b56933b69b2e05a90506b3544548c72e41a754efe4243a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-d19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pq12RXHd17F6KJmLySss17I%2BuUx6SdvrtJ3ooBMQ3cdMrTdP%2FLyuvtTxwnK%2BH4a0HZCGaeGDW1v%2BlGZmDw2kK7OVhOnhl%2B5Zmt2Urvtqe8bPPnqHhzqpT%2BE1mZE0yFd9uI8%2BFMvNGlodCAP4Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b7c769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3353

GET
H3 200 sl31.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 206ms
204ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl31.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f322c1ca6700be04f56c9624da5c45a25385ac0f4508d11c9d8af8c6a1e88f26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaxrICoKWg4oP98umb3eEYsnJPkwz7KV66rmiQyi%2Fl2ubnOK%2BkZBsgC5i31lBU10srzsKnFbSgxRn0WY%2BaEPHatH9xjEKAyTEyIxpe61N2Nkzej13tQN3fyWcAeZi6GId5epMr2zepLwbBpJvw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b7e769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3366

GET
H3 200 sl22.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 1 KB
2 KB 220ms
219ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl22.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 472fdf43bff0595124eb474cc7d77a73abd0899f80c664954964d03a35613732

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-47c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B3Yyc4GVdIHMIjQ2vMU2pG5W3TuNUxkjqiHEzwGRMBjpe31ejrcyJMwwuNL9uuPVYIsgIyU1JQtKLRltUFpV84hWneeK6NaXrtV8wyJZurU%2BmX6D2KzZPDHuUS33ZYVXCcbCEY9Zn00kxJimPA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b7f769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1148

GET
H3 200 sl11.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 18 KB
18 KB 206ms
205ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl11.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09769c247649f6f98e88dda047ed94313ab2e3fc0a3139c62c6a0e8797c0a95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-469c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RL3TSfI9t2fjABsSAb%2FOohhm5usX6E4m2xElMNbfAfqUlRgTrrvzLW11xJRM6laeE4aOwGucMQnAP1otP5m87Fq3k3gkVBmJUWVe4g234uQOhe8ztfREPa9gOVbKLoTEvg7z7050K3c46Qu%2FRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b81769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18076

GET
H3 200 e1.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 905 B
1 KB 173ms
171ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29dc416edd26ff4ae7dce42eca09dc24b3f21e6168644c50f79f37f69a8bcc8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149e-389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3%2BT6q3WxtvvZJSPu6W5JGCygK%2BVRThTYV0ndOnRaGgaIw9A8h3CtncYUqS2SDCoW4hNIKGBrCj4l0j3c5Xb2mkvv8pw0SDGagRXqfp3Ua5spdx3u%2BBvO9HRYzkF0FJtxjBSx6ZLJ615KKfo9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b83769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 905

GET
H3 200 e2.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 570 B
1 KB 194ms
193ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/e2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e54afa45038082bd0de90fe92e2a6f6830a6093cf58138aa41729d3f2c38fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-23a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PjEaIdzL0D4%2FCOP0YXSBcXtrDlD1JZxfp%2BzWOYqy%2BKdNFgW3DV9ysjm9%2BbsTJ3%2BtRe%2BL%2B0anhHQHpN%2Bp87dTxHj85YIcEH11Tcwg3aGvvWdv3Izrlp9q4aHAWkArUZCVAEmBWSmMbEEQh24DnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b85769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570

GET
H3 200 sl12.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 5 KB
6 KB 195ms
194ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl12.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bc01bbd60b08ae518aafff716a3f389db5990cc8283bd192204b0c0e44b1fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6109149f-1462"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOuew%2BTBC7Tsf4Zpnd9zMWtMEhh7xvzfvKpGH2JnYIoZODveMGj83%2BSD4j%2BE%2B1SfKTTrGA3zXGk3QQbs%2FTeNZUn11LTg%2F9lUmqtIQt8U5E%2Bd8RHiUYui4vnggpQ3B2RJeGErEN%2BNKJ36h22klg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce201b87769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5218

GET
H3 200 back.jpg
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 12 KB
13 KB 189ms
188ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/back.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e04aaee646ca43f7b9b67139903a4ebac52e451f33380cc23a1eaedd96d8d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-31cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tPqIpfJsZB7PGU5zPRVK1in3r%2FNkd6WZdrQyyAkybosHw7%2FmbX8nx40QIxQg4lYCYaS%2FjlEf3Y8eYq9a2SROksso6dZEencwRwb3mNAbj1gPFZVS6nwSo2%2Fy%2BXh2zciVX00Eioo6Ab1iar03lw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b8f769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12748

GET
H3 200 sl233.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 2 KB
3 KB 204ms
202ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl233.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75e382a8499e00d2397888399915c110ac3fcdfd1d44f7c9e37add3d27c8de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-89f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=awj0CfgwwGoS%2BWmx%2Bm5WiRcltUYxyR2sVAVlyMKA5hfRHdUPhM560qfg%2FzWSWK5aiH5cF0BpVcL04pkDkXjQpbBzY8kNsBPGKWiZbsXdfsUvY7FMg66Su%2BygvH6MtgT5qtjz9bayex%2F%2Ble3sdw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b91769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2207

GET
H3 200 sl41.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 213ms
211ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl41.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812a3644b9c30261fa49e27be51cc1ae3e38ef73a55c45d5767c39e7677bac53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016575-d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aJUcbbzCe2Nsr82DqTjVmLxLHSrBre9NLXm85hAxLSuozJASM8mjDLs%2BgW8%2B9cv5jUxyp%2F%2B1mIpdXx4SXrfACwhD1QG3%2BjfmeXQMbQCp5C7gzfz8n7JTtg%2FDPSX9HUHbm9tesx%2BtgxPv5a2RXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b93769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3385

GET
H3 200 sl21.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 2 KB
3 KB 186ms
184ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl21.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db3252eb35c110dba428147ee548537a117be98f0679fb2018839d79b3d9c9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7J6J9181IcGIQkYbf03tnmt%2B%2FgsW7RDvNpH6QJsHDLJU1kZ30cN23WnY5QcT57yHKffp%2BJlxZ2baCJ9ArgtiQ1oN2XCuQxyiSZNiVWOBuld3RJdSj%2BqDWwvUBBxSs%2FiseXzPbi6SVxSSvM1mg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b95769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2512

GET
H3 200 el.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 1 KB
2 KB 164ms
162ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/el.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556d73d709f03474004f8dc5337f0af87b26145fb4612415156a105305e4cd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016575-58d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqktvgQ4gCMgAT7dy1lDwh%2B0fLsMYDbwk8z3eFjsYVQEYtR6YLCES2YCNyZySCG94DuZ168MZ%2FpNgefRK8gjpgEGhArxqsf4UcelIxRnZVEzPASf8rDo3zeLprwhJ42zGscIPwlRk2dTH%2FePtA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b97769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421

GET
H3 200 sl42.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 202ms
200ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl42.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59720c75b6de653b8b56933b69b2e05a90506b3544548c72e41a754efe4243a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-d19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BwbU3BNtB8gdYnxsIIrNM2mhGqQBPb%2BXGgnpBMqLBGtl2HJX5dokkE%2BVKlocZnA4kYsfmF8AOnuU3ZHfHMieH7It%2ByDNqQPdGjWsqZ3dS23dJOZNVQdWaRNGt7y2%2B7rMa18wmb%2F5nBMbpC5qmA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b9b769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3353

GET
H3 200 sl31.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 204ms
202ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl31.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f322c1ca6700be04f56c9624da5c45a25385ac0f4508d11c9d8af8c6a1e88f26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016575-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmrUoSXIRlOaC5Vb35%2FzM5WMZBrottlrZGgTEtHLny6BzsIj1%2B6108qU0WiX4yqZz%2FuI%2BDESyur2u8aN%2Bt6KbalszwY5msDe9eOyi8Z31qN5b%2FVxb2HvLxVsnh%2B0dASs85v3Tda9bP11yQSO5Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202b9c769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3366

GET
H3 200 sl22.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 1 KB
2 KB 223ms
221ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl22.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 472fdf43bff0595124eb474cc7d77a73abd0899f80c664954964d03a35613732

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-47c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WR%2FVcjcH%2BJgJTmWKKHOCLN46CuOTZF9qmv6gfqg8%2FgGbti%2Fy1mPp2HLKZVbTGewoyWvFs6AoT3gTRUWDfDYGPA5F93eZQRxLCZfahYwv0atCL6SEdpj6aYAh1ELzZ202qEU8PsLcNe1uNzi2Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202ba0769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1148

GET
H3 200 sl11.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 18 KB
18 KB 210ms
209ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl11.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09769c247649f6f98e88dda047ed94313ab2e3fc0a3139c62c6a0e8797c0a95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016575-469c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3HrIk5kXvwjHqXx1nAb4dEgKKecJ60MGensoiQFwoSGey1wvOjWPcMUAOuFiePU5N7YWDLCUKgeU4ftcoScape0zUumIz%2FRbVlg7gHs3pGS3tIvWaaeg2tHfHVoBUjEDLdqim1moGSQfaLVkYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202bac769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18076

GET
H3 200 e1.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 905 B
1 KB 188ms
186ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29dc416edd26ff4ae7dce42eca09dc24b3f21e6168644c50f79f37f69a8bcc8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R9GMHYrcjadfQFUuaBKU8ia3eC2pVNjrlZdpX9GV5T0Ceo70prplAkUfrlkGraaRRJ%2BANjkhBhwCr0G8IaCllvX4YkTyySqyYOZ%2Fsh2toj5C63QvcmXjHYcBqJHbF%2BBrnOePHySyrt6a1foYsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202bae769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 905

GET
H3 200 e2.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 570 B
1 KB 211ms
209ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/e2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e54afa45038082bd0de90fe92e2a6f6830a6093cf58138aa41729d3f2c38fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016575-23a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IhKJ54RoAvXUhGC4z4UvfAPHd1V9%2BjBb%2BzPQMwBc0O6%2Bi8QOx5djk0k3L3tapH%2BPM3XhU0%2BPZOMK1nA60w8Yk0gDly8BlS4zsbkzOhtK1t8NL2lllVp0C4clNnJ5nEjv60iZkg%2FNhfpETrYS4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202bb0769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570

GET
H3 200 sl12.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 5 KB
6 KB 220ms
219ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl12.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bc01bbd60b08ae518aafff716a3f389db5990cc8283bd192204b0c0e44b1fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: MISS
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "61016574-1462"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8fRUIIs7hghPWSG1Y%2FRjjxnV3J5ZffF0tSQib26Sm6grr8mK95oQ16ND7iMgtNuKTaprPr1NbjnX3kxLltUa5LvLLygnPy9Z5n5A73lo2e90QHmXxYfD3tGm%2BINe978Clx4CBuOdwXRedWG3Rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce202bb2769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5218

GET
H3 200 c
c.mgid.com/ 43 B
212 B 137ms
136ms Image
image/gif 2606:4700:1::6813:874e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.mgid.com/c?f=1&pv=3&v=288|184|28|c5tFAuo6X8wGvZMzC92huVXlNR7sjUmBW0wPA-GGlixfBdBVypbWkYRPZmZLfCaAox7PDGaSlL4AqPfYhx9wuw**&fw=1&extjs=66044&v=288|184|28|c5tFAuo6X8wGvZMzC92hufnzvrAI8VCdodbzqnwzgFPuhWr5ycYZpSB3QhpNfAa7dzNtRWg4jtVVm7kMP-nEmQ**&v=288|184|28|c5tFAuo6X8wGvZMzC92huUsJbC9T1wEcMzWpL8PgIp44B6JOQyT3vgULix9m_oRTYqueqmEF84Nr1uenY05Etg**&cid=1323284&h2=f4mNXHc2P8vJX4X5YKO1Vw8Jp_1RKQSmrLX5h6o9TLc*&rid=ed85c373-5dcd-11ed-90a3-e43d1a2a04aa&tt=Direct&iv=11&pageImp=0&pvid=1844ce60979ba65cb35&cbuster=1667737456674539009303
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:1::6813:874e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: DYNAMIC
x-mg-request-uuid: 3bcaeab1-7e90-4a29-9514-d2a46e2204f1
server: cloudflare
content-type: image/gif
cf-ray: 765dce204c3adc39-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43

GET
H3 200 back.jpg
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 12 KB
13 KB 42ms
41ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/back.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e04aaee646ca43f7b9b67139903a4ebac52e451f33380cc23a1eaedd96d8d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-31cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEgZFJvA7S0V6ROJTFkeVBp8uWYC2HQ9hsok1xTrNfvAMg4c18tx7RrGoKk%2FIqrzt2r5fsxsGGw%2F7n2lbY68QWkiu3t3jZNHavUNo4IIZ2v%2FNqJ%2FSdWiSE33bk4dGwZlY9Aqq1w6MkGKePZY4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dc6769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12748

GET
H3 200 sl233.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 2 KB
3 KB 43ms
39ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl233.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75e382a8499e00d2397888399915c110ac3fcdfd1d44f7c9e37add3d27c8de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-89f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WW0Uuj1kefKUSVBRp0fpJBrUvxNkNgeUEBhE0QNbq9%2B6nQoghDUuK8rEX9M6397P9ylk6GzduI4J05RztGWdmq09cbnwdflthCczHeMcjAW0KTYtYqQ9YVsj3hfoUgephtXe0JnZzjyrkerjJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dd1769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2207

GET
H3 200 sl41.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 44ms
39ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl41.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812a3644b9c30261fa49e27be51cc1ae3e38ef73a55c45d5767c39e7677bac53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7cjP69WWUAYNaDEVTq%2FEYARJzSS7X3J35UJDci7zyRodNHhv8G%2Bv8sfHIICXLyvfMbOPVxupP%2FeB%2FiYHr6F4RgBg15II6U0h65MEP765QIbr4amvxnJrtEs5nvpqdPwGsqGu%2BuKSWtSP1P1j8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dd2769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3385

GET
H3 200 sl21.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 2 KB
3 KB 45ms
41ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl21.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db3252eb35c110dba428147ee548537a117be98f0679fb2018839d79b3d9c9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPk2Ws3TkFzj0FxmmOebUUKJKYtciYxXYOE4GeiXSufJLCkFTuWEMYIdt4ZOpMifBsTD6MsIWXZrkVyt3HBwgEtzW1U2JluX4gwLADmaxgripmfyEryOJhOViCHp242cxZ2K%2Bvx7OHxuRDRayQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dd4769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2512

GET
H3 200 el.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 1 KB
2 KB 45ms
41ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/el.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556d73d709f03474004f8dc5337f0af87b26145fb4612415156a105305e4cd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-58d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FWEH9arW%2BU%2Br7QVx4SzRUGVEnA%2BMzK3WlYuV4C4tgl07H493InpMatJt9maJVJDoWB%2F3nwzcFbdQ14gowDr1FyBATUcqSR5p17nqURTDhNwYzDTMYBcpmGSS1k1vv5Wns09w6jLQxdZ4ep%2FvyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dd6769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421

GET
H3 200 sl42.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 43ms
40ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl42.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59720c75b6de653b8b56933b69b2e05a90506b3544548c72e41a754efe4243a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-d19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QET34JdRUbujDyF5tv6vigSubR0epSI%2F2Eat1gbziUsSZqzVKw5QjSkZRoHTafAj7XyTaa8h1FoIaebX4mbUqU4uGPr3f%2BDSCjNYt97cL%2FDpYLz3WzZzNM1%2BuI4khs0cPxYoj6b%2F1yYSbqnBYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dd8769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3353

GET
H3 200 sl31.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 3 KB
4 KB 52ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl31.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f322c1ca6700be04f56c9624da5c45a25385ac0f4508d11c9d8af8c6a1e88f26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d02js6G0d9N8uYJrX39a9rMbW6Q2Mcj7c9O29ffSzyQwk%2Fn2FpDT%2FEajNJW3RYPXiowRU3ilIWHEJybubZ5iei2lD%2BQDDI1z%2B0rNuq%2FsxzQ%2Bt8IbEvHm7VwhmFlT9DWABFwwXmZTg7txnDQLTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218ddb769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3366

GET
H3 200 sl22.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 1 KB
2 KB 43ms
39ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl22.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 472fdf43bff0595124eb474cc7d77a73abd0899f80c664954964d03a35613732

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-47c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpi0OwevRvVUbaT4cs1OsJKLeCA6rmphPi2i8c7AwiE0%2Fup4A6QUvDf7i%2BfSWilNgJ9pi1iYst3j9Zn8oXA6IccwAWBjaFwK4p28fDrQyP7Fc03xvzW5R9%2F3LzADUPqONvn3Ll3XxKdIkSW6PQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218ddc769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1148

GET
H3 200 sl11.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 18 KB
18 KB 52ms
49ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl11.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09769c247649f6f98e88dda047ed94313ab2e3fc0a3139c62c6a0e8797c0a95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-469c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NHhuArj5NTiOx%2FliCtpGRT1x4QO4rxX3gb14dXcVuyBzma98eL9D0wlHRllvccK4%2F6ynMMeu%2F9tEl%2BBEvoq8K9iRyUKKDP9rpOvk%2FXJ676u7ru2flrs%2BeMPGFrLyDf29UEVRL%2FWQ7uzufT002Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218de6769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18076

GET
H3 200 sl12.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 5 KB
6 KB 57ms
53ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/sl12.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bc01bbd60b08ae518aafff716a3f389db5990cc8283bd192204b0c0e44b1fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-1462"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qptM3%2FfWym4PPFp4PY6YqaHvcGSb8VaGZwznv3erPvao07DGMDjhI4qc7N1BU7%2BAbDFFWJ4LWTU01tAtHiRbl4kE4proMXah9svX61ZXbTMVXXI1GwBHkXDUju7aqEQNMALZWTctLP02j2ya5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218de8769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5218

GET
H3 200 e1.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 905 B
1 KB 45ms
42ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29dc416edd26ff4ae7dce42eca09dc24b3f21e6168644c50f79f37f69a8bcc8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149e-389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2F7F2y7nv7DvKO8x%2FP%2Fd3qBm6sn%2B%2BV5dGN70K6WFqk8CbNLA6LJrZw6dWDE0EqmNjyLIpJ6XQPAQIoMIVFmZnQBeuRAcODglFmcOkzpLs8VlPNyVI5GJ%2F6YgC6Nc3ZhU6Icb%2FEOSImYTu4LPow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218de9769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 905

GET
H3 200 e2.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/ Frame D037 570 B
1 KB 57ms
54ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/images/e2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e54afa45038082bd0de90fe92e2a6f6830a6093cf58138aa41729d3f2c38fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_6109149d41704.zip/catalog21580x110ua_6109149d41704.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3NSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMiI7czo4OiJiYW5uZXJJZCI7aToyODU0MDtzOjQ6ImxpbmsiO3M6MzI6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9jYXRhbG9nIjt9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Tue, 03 Aug 2021 10:04:15 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "6109149f-23a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DMdB6sNazlnzK2h8TWxozoB7uXfGh%2BoUf5JGuFBKmRvhepMzxj7lILdJm%2BJXwmX%2FldShqL86OfZxATUcmZUW72vzMQrj%2BETI3uiKuGK680JsV%2FJDa%2FH9bCLM29rsjpfqXRYNWdnTMuBzXlh%2BFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce218dea769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570

GET
H3 200 back.jpg
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 12 KB
13 KB 46ms
45ms Image
image/jpeg 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/back.jpg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69e04aaee646ca43f7b9b67139903a4ebac52e451f33380cc23a1eaedd96d8d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-31cc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IZJT8wmKKwt5pCoJjvG%2FtMiBfDzIIQJL0DJMDNx82ny4xR8%2BwlnGvNt8bBWm0QczpnrmNMGekx6A4xWEaGlFAHQa1xWHMo2UwzCjFz4RvcF25RtjI7JZ15t9%2BmuUltcfmy0izN%2Bm2EpksHEJJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce219df5769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 12748

GET
H3 200 sl233.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 2 KB
3 KB 46ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl233.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a75e382a8499e00d2397888399915c110ac3fcdfd1d44f7c9e37add3d27c8de0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-89f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52NfpBmYyQwebcAxH2GMkg0piBxPnwg3eVxSwIZxif3un2H0RweiUkSa9U9W0GGimhR%2BfRbKHPKH%2BjzXZfdQQQ%2FQXJzR6Kw80MgGwHzJ6a3Yj2NxOGGaQ0tDxx4GiC010HFsG%2FlbI%2FwNXasDCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21adfe769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2207

GET
H3 200 sl41.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 46ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl41.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 812a3644b9c30261fa49e27be51cc1ae3e38ef73a55c45d5767c39e7677bac53

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016575-d39"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VRJKyRZvfnPSDaJQa2q%2F6f%2FNYtnWJSVlPzZ3ysmEWzYLiDFp6SbHPbnl89HgtsUmLCTBO3oDsZG%2BjWkLBGCexRLdKNViNUKbmLWUN2O%2B0db6BUHOt1E6%2B%2BrxnSGhMjRlJuaq3895fiFf109ufA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae00769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3385

GET
H3 200 sl21.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 2 KB
3 KB 46ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl21.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9db3252eb35c110dba428147ee548537a117be98f0679fb2018839d79b3d9c9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-9d0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JcsOpzQYUCzRmkNoLNEnoApCQoOTC5RBo4Hn%2F7WUZemueBTeWG7CSy2CB0D4JzEVITKsy2jU86XbpmhU5r2Ghm8SbQirALX%2BSKnZCrz3RLE7l0XQzqlenfjCNr4CzXXFV8GRkUrt9%2BNJtj9pUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae01769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2512

GET
H3 200 el.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 1 KB
2 KB 50ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/el.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4556d73d709f03474004f8dc5337f0af87b26145fb4612415156a105305e4cd1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016575-58d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R%2F%2BoiDqxbNSI01lCCkePRi2cFHCVdbDY8ui4mbX7VWIc12ysruGuLyoV1cGaP5AgrQfWdcX9LYxHkgghDrBMyF5T7kauM9SX6NewcMa98jjo8MIuQzLB17TKfyOXms4ckJWg30GJ1jqranT5Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae02769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1421

GET
H3 200 sl42.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 46ms
43ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl42.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59720c75b6de653b8b56933b69b2e05a90506b3544548c72e41a754efe4243a9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-d19"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqnFK6OdaCtmrZ90fhn66XOZlXkv5j0lgz6MlOAewADUVxyK7MwVzFd9YKuyQm%2BYwlfZRZ9xeSo%2FV%2F1VclvOueW4HM46Xo8s%2B%2B5yVzD5KfQtPrRCd905zCMgzsg9MRuH2%2FaXp2frv8Cg9hiUuw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae05769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3353

GET
H3 200 sl31.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 3 KB
4 KB 46ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl31.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f322c1ca6700be04f56c9624da5c45a25385ac0f4508d11c9d8af8c6a1e88f26

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016575-d26"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ms8A3IBjJ%2BOupiO0Z9uUJ3%2FuX7%2FZAGDEtbdD0T%2BXoyJXTz3thZNmXnW8PEmm3OlCB1HNmgkTWzAI1PpmrJkzRDp8F6T7n4%2BDizQ8lXCTN59zqS%2Flqt10Plz%2Brk7vzrZzAmbEGlxtTCWT6dmCug%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae08769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3366

GET
H3 200 sl22.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 1 KB
2 KB 46ms
44ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl22.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 472fdf43bff0595124eb474cc7d77a73abd0899f80c664954964d03a35613732

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-47c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQJl9wlYL43ZEcr1tqJuLgmtBURdkruuo4BKFSnrWO8lUMr8FOI4N4s2Vx372vuLN6DjNe9C2hgzRt2MXjwXQ3Ab2tpA3fv9X5kM9CfgSX153ISSWYOSecvWIlnpyvXvVPoTXMPCFoAFrMVwqA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae09769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1148

GET
H3 200 sl11.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 18 KB
18 KB 57ms
55ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl11.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b09769c247649f6f98e88dda047ed94313ab2e3fc0a3139c62c6a0e8797c0a95

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016575-469c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5CTGgIhl42nY1OpIvnyhOLKbQAxSryFaNQhQ4OtQe7mm3CD2zRBj9jtLOE5utJCTJSWIZY%2FH5B7pZYvNHiWzWc6T2swYX1h%2BK%2BBinfmQJvBwXLmiVv5KnYqSt8pL%2B%2FaqZIaf39x6rZohhLJw7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae0a769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18076

GET
H3 200 sl12.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 5 KB
6 KB 47ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/sl12.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7bc01bbd60b08ae518aafff716a3f389db5990cc8283bd192204b0c0e44b1fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-1462"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U9sHkqiPrN0jQHnTQPmrJEenbKVRpiDRDZOLSA%2Ba7iMfbBMjLtMxAaEm5r%2FefFxmLpQlflEYuW3SQaGh4S10GoipiaS84eob8UtRkMxh5DUgaz0zSGpNQdAum7D39qlfveTQg8bVEI2Dsdk3IQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae0b769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5218

GET
H3 200 e1.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 905 B
1 KB 47ms
45ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/e1.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c29dc416edd26ff4ae7dce42eca09dc24b3f21e6168644c50f79f37f69a8bcc8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016574-389"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wQITmWvTY6Q0rgRQZIbI7Zb6YPy5NhdLb32xad1v%2FUaqPlj%2BECeCzqfROoZzlbDNa2McRZFKyCxz2w8OjIfUlZsE2PSwZClEKlIrMSZYfPHI6NiQHwdTlVbbuFC3Sn7Hn4u0rQw5WHvZgAS3A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae0f769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 905

GET
H3 200 e2.png
s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/ Frame 161E 570 B
1 KB 49ms
48ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/images/e2.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62e54afa45038082bd0de90fe92e2a6f6830a6093cf58138aa41729d3f2c38fa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s.04597.com.ua/upload/jackets/catalog21580x110ua_610165732f298.zip/catalog21580x110ua_610165732f298.zip.html?clickTAG=https://www.04597.com.ua/redirect/counter/TzoyMzoiZnJvbnRlbmRcZHRvXEJhbm5lckRhdGEiOjQ6e3M6NzoicGxhY2VJZCI7czo1OiIyNTg3MSI7czo5OiJwbGFjZU5hbWUiO3M6MTI6IlN0cmV0Y2hpbmcgMSI7czo4OiJiYW5uZXJJZCI7aToyODQzMjtzOjQ6ImxpbmsiO3M6MzE6Imh0dHBzOi8vd3d3LjA0NTk3LmNvbS51YS9wL2Zvcm0iO30
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 06 Nov 2022 12:24:16 GMT
cf-cache-status: HIT
last-modified: Wed, 28 Jul 2021 14:11:01 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "61016575-23a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=axDGKLzv%2FkCzOUo4Pup2Eltx0yXCWBC1M%2BPDshipklfoSAXaXcBR%2Fw9O97XFIVIJZxYZL4FmM81Sor2N11iQ6RpbbY1EdhlnnEQTV55ucENub1%2B0dZa7dnO3%2BPNalIYcc60of1hKY0PqKVSfcw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 765dce21ae11769e-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 570

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
40ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=2047769938&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Banner%20Place&ea=View&el=lower_stretching_site&_u=aHDAgEABAAAAAEAAI~&jid=&gjid=&cid=2128360321.1667737454&tid=UA-77009407-42&_gid=766238972.1667737454&gtm=2wgb205PBKBDZ&cd3=2128360321.1667737454&cd4=1667737456965.8vfjoqyk&cd5=2022-11-06T12%3A24%3A16.965%2B00%3A00&cd7=No&z=1532619070

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.04597.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 02:42:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34905
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 f0fdf50bd1ed1a626e081614e5b71fe2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/ Frame F1F1 9 KB
9 KB 41ms
40ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/6545368571368206767/media/f0fdf50bd1ed1a626e081614e5b71fe2.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e393bbe184647893b768b1ed9ed4d09e18b604ff06be2daec1026ddf07a01ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 04 Nov 2022 13:55:20 GMT
x-content-type-options: nosniff
age: 167338
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9418
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:36 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 13:55:20 GMT

GET
H3 200 a69225d345cb6a73b45498130d45ee0c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/ Frame 1546 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/2464080974130948964/media/a69225d345cb6a73b45498130d45ee0c.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc29bf3a5fa1ea58ff2a45b0e2261a3e94c964ad11fb0e90bc803feec9b2187

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 05 Nov 2022 05:06:30 GMT
x-content-type-options: nosniff
age: 112668
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3243
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 11:00:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 05 Nov 2023 05:06:30 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 127ms
49ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-HVMDDH6B1F&gtm=2oeb20&_p=2047769938&cid=2128360321.1667737454&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1667737453&sct=1&seg=1&dl=https%3A%2F%2Fwww.04597.com.ua%2F&dt=%D0%A1%D0%B0%D0%B9%D1%82%20%D0%86%D1%80%D0%BF%D0%B5%D0%BD%D1%8F%2004597.com.ua%20-%20%D0%B3%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D1%96%20%D0%BD%D0%BE%D0%B2%D0%B8%D0%BD%D0%B8%20%D1%96%20%D0%BF%D0%BE%D0%B4%D1%96%D1%97%20%D0%BC%D1%96%D1%81%D1%82%D0%B0&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-HVMDDH6B1F&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.04597.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 06 Nov 2022 12:24:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.04597.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.04597.com.ua
URL: https://www.04597.com.ua/dist-assets/images/cap.jpg

Verdicts & Comments Add Verdict or Comment

256 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.04597.com.ua/	1969-12-31 23:59:59	Name: PHPSESSID Value: f7d3029f39e430b89401fa27822598d2
.yadro.ru/	1970-01-20 16:00:18	Name: FTID Value: 1ZPwTj39IM8R1ZPwTj002IiH
.04597.com.ua/	1970-01-20 07:17:03	Name: _gid Value: GA1.3.766238972.1667737454
.04597.com.ua/	1970-01-20 07:15:37	Name: _dc_gtm_UA-77009407-42 Value: 1
.yadro.ru/	1970-01-20 16:00:18	Name: VID Value: 0OntNx3f6VuR1ZPwTj002IjA
.04597.com.ua/	1970-01-20 16:37:13	Name: __gads Value: ID=cc68f57e680544b7-22ed8d5c6bce00d8:T=1667737453:RT=1667737453:S=ALNI_MbUu0mj3HeJCIhF10Qxi1ijsIjGdw
.04597.com.ua/	1970-01-20 16:37:13	Name: __gpi Value: UID=00000b7d7f1e721b:T=1667737453:RT=1667737453:S=ALNI_MZjj1J2ozGu8-9xCrQW-90X3u4HdA
.mgid.com/	1970-01-20 07:15:39	Name: __cf_bm Value: xa5DIq_R_6zLwquxoEnLVqaXDrfO9he2hh_88DOmuks-1667737454-0-AX1HQAQarIXyZPL6QFiSHzxgfMWuKif+zGntuAtOAGt4DaWsvv5RORF/+6h8OQf/PkxYsSa/EztZVUmCAD5wu3A=
.adriver.ru/	1970-01-20 16:51:37	Name: cid Value: A4HfVP1l074ufi7ZFio8Y4Q
.doubleclick.net/	1970-01-20 16:37:13	Name: IDE Value: AHWqTUl2kEp8tmdKDG8nCL52ud4fXkjj5aBdSVNBhQn3UgYZ92hQ7k3gUlaxOvs3nxs
.doubleclick.net/	1970-01-20 07:15:41	Name: DSID Value: NO_DATA
www.04597.com.ua/	1969-12-31 23:59:59	Name: MgidStorage Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A2%7D%2C%22C1323283%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667737455372%7D%2C%22C1323284%22%3A%7B%22page%22%3A1%2C%22time%22%3A1667737455373%7D%7D
.04597.com.ua/	1970-01-20 16:51:37	Name: _ga Value: GA1.3.2128360321.1667737454
.04597.com.ua/	1970-01-20 16:51:37	Name: _ga_HVMDDH6B1F Value: GS1.1.1667737453.1.1.1667737456.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

04597.com.ua
ad.adriver.ru
adservice.google.co.uk
adservice.google.com
ajax.googleapis.com
animate.adobe.com
c.mgid.com
cdn.mgid.com
cm.mgid.com
content.adriver.ru
counter.yadro.ru
eu-1-id5-sync.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
id5-sync.com
jsc.mgid.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
pagead2.googlesyndication.com
partner.googleadservices.com
region1.google-analytics.com
s-img.mgid.com
s.04597.com.ua
servers1.adriver.ru
servicer.mgid.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.04597.com.ua
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.04597.com.ua
162.19.138.82
162.19.138.83
195.209.108.51
2001:41d0:701:1000::31d2
2001:4860:4802:32::36
2606:4700:1::6813:864e
2606:4700:1::6813:874e
2606:4700:20::ac43:4b59
2a00:1450:4001:801::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2004
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a00:1450:400c:c0c::9b
2a02:26f0:1700:3::5f65:1b92
2a06:98c1:3120::3
2a06:98c1:3121::3
83.222.14.88
88.212.201.204
88.212.240.204
01f64a75c3feff9ed7a5fc4c933e551a59cef30cdb67767f1696d3fd8582b0d9
0241872a3f1e6df53a7fe0555469ca74f8a82babe84e48080dd96543e2081499
02b45b1bd0e2b3edbb52ec45468e32f7253eca5780f1953e26c84251d6717b57
048d8f608ca63b1e20a99d279e34127fcc577c335412ce246374a978481816ac
077d2a9d8ebfc1d66cfd708a5beda595e51d8850219fe3a1bf90df244bb33121
09832c7a84ffe6a1056fdb350a073549910252a70dde9e3faed2214121a0b3d1
0b716714eb4fabc3721d120eb31b988e43665b05959a5f60a34a343004ec9930
0e6c31dd5c8b1aa103750f3f472f429c5e4e067523d2b9740cc7aad075111ae6
1098a26349bf23da8b07456ed0002e82e8182d6f047cd52feb03bc9e232219e1
109de181e7f526c1bf6d3550ee0308afacac815e3deefa101679499b9036a97e
117dc2dea8f4f9b9855ac02f2e541a1f05fc59e94c89a13180609f86f337793a
13697b2938b3527230451d30c39cd2212348f6e36d5c6f2bd373c57bd153cad7
141f4ece65bc087908202669708c340e43c6a45c3d3be773e0cade65cb01e910
15ad34d5fd8b34dc6f4f90ac144b4298c28b979cb2efea82c4372736cf826b59
15b192d13c1d029346a73cb1b2eb3a1b8905dfe8df1aaf9ced37356de9380e32
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
184400e86583160bf90609a1b1b7a24d8de73d90dd7002a6f494445db89b85a0
1ca85c7ca8bc74acb508f08d7805bf1d1a853fb782f903a03a632db837f58e73
1f45ec49ef8ba141166495912187578b9fd5b0a8e09f26ad217a51aa03d9e8c4
1f5eda0eb545c63e8533834606d196a088c06d32ca6b14b9d0f15fcf3e949109
2098820217ab85e88ba6c6434cab7d3d0d71d34e9ebe2c0a6ad14f435fc3366e
20eb0f282b611a320d2eba08ebf42b1582a7d2bf8e00a5fdf1d5b8a549a861da
20ebb7d18e97154c58db74707efc31669968efde8e862a9cdeb89721a7fed707
24fe0316f3e22efc5cc8fb3e11cdeaf79be262ba88f9b015564623f2d04faa61
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26ea1cec3b4ad0d0d0cbc75fcfcabea3d6248280715dcc25afeba824dae09bff
294c16ad56daef5956b8d2a3e49e549c2de3b087260ee4304054c5cf8de47f73
29a24baf918a3b9bbda58c98de4ba638f939c8b46fe292000cb833a50e4c303d
2e393bbe184647893b768b1ed9ed4d09e18b604ff06be2daec1026ddf07a01ab
3482530dbebd202b14119b0cc146042e0059387b955057e7548c92bf04614d38
34c529e43c9c6a40bcbc57bd26b970fc1a6f1e7696089df37e2e85a52953985f
35fc35f9f256e014e708cb476f46a14656e25c799a698d5b46aeb1088f57c8a3
3a180577000dc7ea70fe921a385bab54deaefd2f24efaa32f1fc7ebb6d2abd2e
3dcf54169ffd27698fa1dc5fc84073e5a36e2795e37c0da9c1a45e9b124266d4
3f4ea2823a18da128b559fe95eb86fe244701529b27fc9143edaf6c074567b73
3f6fa576d6db35095585e38e34762be199e68f61811c7ce579499ece55aadb5a
40c60831b8c25acd5611370eaaebdd5cc62de84f0584a07b005ded37781411fb
4556d73d709f03474004f8dc5337f0af87b26145fb4612415156a105305e4cd1
462b110b44879cdea6bd6ebb9f9dbd0c4687b706e24c145346873269eb7194f6
472fdf43bff0595124eb474cc7d77a73abd0899f80c664954964d03a35613732
485a362041ef0235c736b8315ea2c906c868bb04b35fa41b7e0c820e89800584
48ca19129f1ff74f3529721637e6935742fa3b196728b07bde57fb18621b41cf
4a5b9bf598050a6a9815f073281a8c3573551f368c32f418cc3d54b9ad07e271
4bc35bdc9a25b060205598db6dfbcdad88a74bbbcb44f619818c89aaf93a8469
4d20f06b43efed45942707f080ef9b77b62b892cdd3c21a225a690ea738e052c
5211765919a736a3bc0188b821c690841b50c1e41270beaba6bd9d645d8f5aa1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ab5d930315db1a179f6c9d037cd6a0010743019b823b334fafb30ed09d29fd
59720c75b6de653b8b56933b69b2e05a90506b3544548c72e41a754efe4243a9
59d448078f834cd81b002a6e12409909f5715e1945d035b4833b62b9834cce2f
5c6b8a0e8e384d2c4f2778835dba35d44ffac0723b3d163f5ade766d4d2acc72
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e54afa45038082bd0de90fe92e2a6f6830a6093cf58138aa41729d3f2c38fa
6618b9e896668a4f31412b7be6751c198a88b157fc056d4932e41e7f6d38acf6
66b9e7b3626ca7d5f824d16774b542b51be40dce0d9542bca980c9a429324093
69659400b58bfdc2311a463ed2d84331600c7ca6573d02ef1159d26d814feb8e
69e04aaee646ca43f7b9b67139903a4ebac52e451f33380cc23a1eaedd96d8d6
6abcb4d71468eb40e23701e643be4ba7a02797b8a204581c8858df6cb16aab88
6acc11ead3805cbf773b41af7cbe10537765f2e4d1ac09b94141607a8fa5a010
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d4e1472ea875ccdb433da6e6768fab6887738136b365acfb4706ab83c8a51cc
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
70d5c4de881e718d0b7638959680ba86722d44eecbe4058d20dd77b8d0d97155
74234e98afe7498fb5daf1f36ac2d78acc339464f950703b8c019892f982b90b
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
7992a4430843ef8b4bbae534358be3193aa1ae9c78f273e8e8a70b6af1244ac5
805bdd5d8618e8a5f21ac3641bb4f8e4f2575a064ea15cb7a4e94ca57112ee5c
812a3644b9c30261fa49e27be51cc1ae3e38ef73a55c45d5767c39e7677bac53
8278b0ca040f256daf508183f85488c428f870d83a1e17611aafea565088fc83
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
838edc6d978026af4451448c5d190f946756ebec6da1c2bf99d1e8fabcdde3a6
85226518f0e058ff7fac140469425a8484f9348a8f00a9d730b619345163e5e4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
93a858bc1bd6dc82aef74aeff50bc620eef799e1129e28c972cac96592a33b6a
967f8e2b82ac5e7beb1be66b47d81c3d9c3cd72151c894446e3a14a53bac501c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9bc29bf3a5fa1ea58ff2a45b0e2261a3e94c964ad11fb0e90bc803feec9b2187
9db3252eb35c110dba428147ee548537a117be98f0679fb2018839d79b3d9c9a
9e797bbe5a3e6b222f5ca7561e7cca8d4257d2d659ef911cacd00843eed6b6b7
9ed501b751b29a591082a3b85d4dec413e3ad3568aa598195103687895c2a13a
a1d20a73db2cf2e2e79b6851b6199630c4e4d7f1bbe81cd95f3e1d94b62472cd
a38edc33b1a495330049e08900146a814d9eb1e3848121c07cccbb8d612286c7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a75e382a8499e00d2397888399915c110ac3fcdfd1d44f7c9e37add3d27c8de0
a868b9666226a92fd3ab5aa1d1dabec3a8ef5af20384797b3373bd9727c354d4
a94106799ab6e3a607cab3fb4b1436ac9cd183b807f7a78c23ff3b35f1eee218
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
ad7b38d9f963e0eb028bda9b8394ccd0077fc06bf69fe02675943b2f9ff0e555
adfc09044206d0268861a72bb1f5697b46ea721d16149eab12ea1aef235cdb55
b09769c247649f6f98e88dda047ed94313ab2e3fc0a3139c62c6a0e8797c0a95
b2f5205f2ce7b11e16e5768b1a8dbd7d065e1c6f11312046af2f28334eb485e6
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b686109d49d7f450404f35715c8992933ca5337fb8efeae7a3211a2739bb1d40
baab89ad42da79b51399631677122b560c6e503cda81dcc427f6d7433e22d7e6
bc2ee668fdb44daa8c2d6a25fd9c20f8de06911b20db86dad36557047ecd241f
bc55f712c7d14651306093d28dffba0f649bd9f37ea365066249df215b5411bf
bcb6d1cfb83a4d0e68a3789297ef40f1c73eb4d4ca49448aca740876f2b191c6
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
c29dc416edd26ff4ae7dce42eca09dc24b3f21e6168644c50f79f37f69a8bcc8
c2d04c9f8f0809b7adda70a709a7ae44c279ebf51a4c1ccd01b2c8370c271287
c40873f1a03aa5897812f7dce058c6f8d84c86e42f6ce98f11754e2ba1583ade
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
cb558a589abb064f91d2793cc4c111012e8651602e873f41f5f604b64fdf88f9
cc3ff5238548ffaac135d12bc554edbc029c3cd81d2054df06d61d968e8d91df
cc8ba4434d5a213c080af7ed513b934573bc46a9998595c264d42384743969e5
d43db3f995755d571d807fabb94d555428fac1d78be116cff1609ed811388bb1
d7bc01bbd60b08ae518aafff716a3f389db5990cc8283bd192204b0c0e44b1fd
d9111b221f80292dcd953dbb6654ee10b8a54d98e5a9a542e6be0c41df331557
d99f77a187454fecc18b59b2f520b1598b246d01e142bfdc4de56eb7221a9330
db435d27c1c26ef6e3d4c25648e1b131b76b32170a51996edc2c58fc134e6ef9
e05c7213cdbfba769a2cf710da4fa070ca06a9ad0034aa2813dcde6cae86b2ed
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e33eee60c4bc339f6ed377f10b148d46bb46b95a8e5ff67075ab6c14001aa287
e37071398d21f18dff2370ee0885f38811bb69bb465b398100ab3101fc521d6b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e69f884bf552754f97c35ad2e86bec854e0fd2b9fad1226e537b74e33e819a29
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
ee3dca31dd58bb5cb51258b090f6100ed646d8b3f128f5229ce17a579e3d5bc0
ee7e2244540eb65b19a062ef3080fd7b00fa552bac569e46a866242e78631b30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f322c1ca6700be04f56c9624da5c45a25385ac0f4508d11c9d8af8c6a1e88f26
f3b6b25871f74092299c49d88c8cb44ecdae1d9c05538d54cf77d277a0cf4399
f5066f8f09de4fd8778596bf2825873c557b3423b893447d23088a9671333d40
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f70fda1d90debf63e46708c846f0c8e4a1bb3b60588c99112edc6b177ed655fd
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f87f4a561ce38d359b192193a62150e43895850d004aa46ba48a58130b3c4bb2
fe3ec9b85db5df4f56c57e2961d66e283ee1216e236efd959f84af3c3febc371
fecdb0327c1bb1f89a993a4d187d457521a47cca02b4b6927eb9834179585633
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.04597.com.ua Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

252 Requests

95 %HTTPS

79 %IPv6

17 Domains

34 Subdomains

29 IPs

5 Countries

17486 kBTransfer

21751 kBSize

14 Cookies

12 Outgoing links

Page URL History

Redirected requests

252 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.04597.com.ua Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

252
Requests

95 %
HTTPS

79 %
IPv6

17
Domains

34
Subdomains

29
IPs

5
Countries

17486 kB
Transfer

21751 kB
Size

14
Cookies

252 HTTP transactions
5 data transactions