kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

cafe /

Resource Hash

1bec51a920d0100ae00fde4c8920179becc3ec5030caa1151d5fc0ecd59cd5a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 142ms
51ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 142ms
52ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkolobok.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20bg-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9DE2 0
19 B 190ms
141ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1648368611&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368611082&bpp=2&bdt=656&idt=272&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7973018591820&frm=20&pv=2&ga_vid=1969614288.1648368611&ga_sid=1648368611&ga_hid=804390791&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31063247&oid=2&pvsid=3087883753764316&pem=632&tmod=1609022736&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=287

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 27 Mar 2022 08:10:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Mar 2022 08:10:11 GMT
cache-control: private

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 30 KB
6 KB 135ms
48ms Script
application/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=4402709291275195.5&cpv=0f785b47-00fe-38fe-e392-39d8fb250430&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22f9ab4e84-0c69-1f92-0f4e-77f5781ee0f6%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fkolobok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2205e648e5-e9d0-4928-cded-fe439e13dd74%22%2C%22tagid%22%3A%22d064867f-940f-4efe-bb4f-c03ea7d2f330%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1320537623%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%22d0a93b06-e9ed-e94e-184d-1e42c652a26f%22%2C%22tagid%22%3A%228ea486a5-d161-46a5-a5a4-b1d24d77a9af%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1836467761%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%2293fefe9b-7d94-6850-4022-a75c2e722c27%22%2C%22tagid%22%3A%2232016391-c510-4398-a7ee-c09e88869583%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1982059428%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%2235a0d4b7-e27c-a7f3-9012-d28fdc5ad55c%22%2C%22tagid%22%3A%22a075cdda-98ba-41a3-b223-8962ea9eb7f3%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1619353633%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A4%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

98bcb93bc2d9e5c9147d29f08c1cf5becdbf844b9f351afa20e01ece13d77dd8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:11 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 5541
X-Xss-Protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame EEB0 293 B
467 B 245ms
147ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=011cb4c5e12d82c2bc3c8b435c5f0bba296ed852

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.a58e82e150afc25eb5372dd55a98b778.html?origin=https%3A%2F%2Fkolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

c41896ee7b4524bd50de896a3e2ead44700fad37e563805235b76a6621751c3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 27 Mar 2022 08:10:10 GMT
content-encoding: gzip
last-modified: Sun, 27 Mar 2022 08:10:11 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 065169a808e5af1cab21d762c92db21d8ad7506c0498ac5725c9cd2b03a0cbdc
content-length: 186

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 83ms
83ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 27 Mar 2022 08:10:11 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/44184/ 28 KB
11 KB 48ms
46ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:58 GMT
server: nginx
etag: W/"621a6a26-702f"
vary: Accept-Encoding
x-cached-since: 2022-03-22T11:36:30+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 23 Mar 2023 11:36:30 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/44184/ 42 KB
18 KB 54ms
53ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:58:00 GMT
server: nginx
etag: W/"621a6a28-a793"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/44184/ 13 KB
5 KB 49ms
48ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:52 GMT
server: nginx
etag: W/"621a6a20-326c"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

GET
H2 200 182f2d74c34963cea11e.b.js Show response
cdn.admixer.net/scripts3/44184/ 11 KB
4 KB 48ms
47ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/182f2d74c34963cea11e.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 51963d3074e03b274597ec8a657697e989d104197d060d7f71e4df8971c25edb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:44 GMT
server: nginx
etag: W/"621a6a18-2a79"
vary: Accept-Encoding
x-cached-since: 2022-03-22T11:36:19+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Thu, 23 Mar 2023 11:36:19 GMT

GET
H2 200 631117330f3e56489daa.b.js Show response
cdn.admixer.net/scripts3/44184/ 214 KB
74 KB 58ms
57ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/44184/631117330f3e56489daa.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 2cb6aa168491f0d76255839ccbed19fba4f560bcf0b95aea1dc84aa257ac685c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc29
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Sat, 26 Feb 2022 17:57:49 GMT
server: nginx
etag: W/"621a6a1d-3594f"
vary: Accept-Encoding
x-cached-since: 2022-02-26T17:58:57+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Mon, 27 Feb 2023 17:58:57 GMT

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 202ms
63ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 27 Mar 2022 08:10:11 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 202ms
64ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 27 Mar 2022 08:10:11 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
552 B 365ms
104ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
552 B 400ms
141ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 195ms
58ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 27 Mar 2022 08:10:11 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H/1.1 200
OK v1 Show response
ww251.smartadserver.com/prebid/ 171 B
552 B 429ms
163ms XHR
application/json 185.86.137.32
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww251.smartadserver.com/prebid/v1
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.32 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
172 B 195ms
59ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/44184/0967ebea4a2a8854ab82.b.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 27 Mar 2022 08:10:11 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 125ms
41ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 27 Mar 2022 09:10:11 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 58ms
58ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=A075CDDA-98BA-41A3-B223-8962EA9EB7F3&device=28&rule=990B1948-8B56-4DA2-BD8C-4C29C86D9944&requestId=2c2933ca-2cbb-4bef-896e-25e80785c63d&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MTA%3D&asign=-1571223232&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=C47A83CC-55B9-42E4-B331-49ED6E236C96&crid=C47A83CC-55B9-42E4-B331-49ED6E236C96&profile=7C88FCBA-DD81-4892-A724-C3969B97E235&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:11 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H/1.1 200
OK moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js Show response
platform.twitter.com/js/ 25 KB
8 KB 61ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.4391e0bf4053fbaa2a022e3fad2a1e1a.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 48c9a4d4aa290a866126159687441006eb39adf48ae31e1910aa0f21e0b21376

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:11 GMT
Content-Encoding: gzip
Age: 376824
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 8012
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE7)
Etag: "3123bdaf11a1d77bcf1836091c9b4631+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.34cf38a85ac899f1d6a0438a1659decc.js Show response
platform.twitter.com/js/ 20 KB
7 KB 123ms
61ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.34cf38a85ac899f1d6a0438a1659decc.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE0) /
Resource Hash: 8875e0e5a0f6bfaf4d66fde0622a609e9fe7b599adaef3ad01d6d613574c69b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:11 GMT
Content-Encoding: gzip
Age: 376776
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6444
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:23 GMT
Server: ECS (mil/6CE0)
Etag: "0a27acfd1028aaadad57ff8929bf7266+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 204 /
loadercdn.net/ 0
169 B 290ms
89ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=3f760f3da8ee2a55&d=kolobok.ua
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:11 GMT
server: openresty

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 54ms
53ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=eae0d9d6-a043-493b-b75d-02a68e8f3354&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=424291838&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&crid=1EBE7643-AB97-4780-A4A5-EC43BEC73EA9&size=350x240&profile=476857EE-5211-4F53-A2E9-6B14A06EFC2C&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 108ms
54ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=eae0d9d6-a043-493b-b75d-02a68e8f3354&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=424291838&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&crid=C3C5CCA8-CF47-42BE-A945-6D3416B60CD6&size=350x240&profile=5EEA8F57-F0AA-4422-A5D9-20C13E0F2FBF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 124ms
45ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=6ffdc376-591b-46ed-8ae2-e6e60bd9239b&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=2132250565&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&crid=8167273D-0350-4192-A2A7-6E2A0FB7CFFF&size=350x240&profile=36DBA250-021E-4192-BB34-F2EE916251DD&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 124ms
43ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=6ffdc376-591b-46ed-8ae2-e6e60bd9239b&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=2132250565&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&crid=5E5EC4A4-287F-4613-8D3B-354B1602DCD2&size=350x240&profile=A01BDF0B-F125-40F1-9022-C7F2F7F7F847&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 114 KB
8 KB 459ms
273ms Script
application/javascript 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ua_kolobok_old&dnt=false&domain=kolobok.ua&lang=ru&screen_name=ua_kolobok&suppress_response_codes=true&t=1831520&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

240586c224a144ee7d2af365a708bb19a1faef992758e30908c456a1b3fa3da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=VZ",edge;dur=213
content-length: 7635
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 187
last-modified: Sun, 27 Mar 2022 08:10:12 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: afe831256d88416e2e2995561a80c050f4f4976d297958727776d8d3fa413182
timing-allow-origin: *
x-transaction: dfd9ad4f538ee20b
expires: Sun, 27 Mar 2022 08:15:12 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 18 KB
10 KB 94ms
93ms XHR
application/json 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kolobok.ua&top_url=https%3A%2F%2Fkolobok.ua%2F&domain=kolobok.ua&url=https%3A%2F%2Fkolobok.ua%2F&referrer=&async=1&uid=9032656958
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 5ac6155860b883e2465bf9bd2237540ca694c50464429bc76bb2a3d747a66b5e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame BA1C 155 KB
53 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

274aa3d59402d638fc3796d27280252683775802b2ef269416bba220f0b7ba41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54118
x-xss-protection: 0
server: cafe
etag: 9385526961534451070
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:10:11 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 53ms
53ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=44B79AA5-6D98-4282-B061-968A02126BC6&requestId=6ffdc376-591b-46ed-8ae2-e6e60bd9239b&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=2132250565&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&crid=9B1B0305-7D25-4D27-94D9-2AAB9CA411F2&size=350x240&profile=A30ACB44-18F1-45CA-BA85-5B440B44C7DF&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 58ms
58ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=32016391-C510-4398-A7EE-C09E88869583&device=28&rule=96C82BEC-B531-4B18-9DCA-C68C264FAC72&requestId=6ffdc376-591b-46ed-8ae2-e6e60bd9239b&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MC4zOTYxNTIwMw%3D%3D&asign=-109902947&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&crid=AB9F0D03-CC77-45C4-97D1-3628FCDA303F&size=728x90&profile=45223BF7-5B11-417C-A48B-79F59E3A3175&isopt=0&adv=N%2FA&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:11 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
5 KB 157ms
62ms Stylesheet
text/css 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11139618
fly-request-id: 01FMS77QYFR7T91A14VZPZC4YW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f26a5f15eeb23df-ZRH

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 41ms
40ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 27 Mar 2022 09:10:11 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 212 KB
66 KB 47ms
47ms Script
application/javascript 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: abda83b7b0fcad530a82341fef5a3b7acdfa13778c13debf5bddcc21beea49c5

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Mon, 27 Sep 2021 12:39:02 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6151bb66-34fc0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 27 Mar 2022 09:10:11 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 82 KB
28 KB 141ms
50ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ffbf0901d91c2643b9aef55cc55cb461e8be565f7b47289a03c321cb1cc4441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28045
x-xss-protection: 0
server: sffe
etag: "1170 / 54 of 1000 / last-modified: 1648245909"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 160ms
65ms Script
application/javascript 2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 11139660
fly-request-id: 01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6f26a5f15eed23df-ZRH

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 118ms
118ms Stylesheet
text/css 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
372 B 139ms
42ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 120ms
41ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
ad.vidver.to/delivery/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=9901a83f-35ec-461c-b161-fdc87fcb04a5&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=9901a83f-35ec-461c-b161-fdc87fcb04a5&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=a52afbf5-9ed7-5156-b4e2-61a8d6a27a4c&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.mox.tv/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb
https://ad.mediawayss.com/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
https://ad.outstream.today/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
https://ad.adopx.net/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=YWQuaW52YW1pYS5jb20sYWQudmlkdmVydG...
https://ad.invamia.com/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=YWQudmlkdmVydG8uaW8sYWQudmlkdmVy...
https://ad.vidverto.io/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=YWQudmlkdmVyLnRv
https://ad.vidver.to/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=

0
481 B

125ms
42ms

Image
text/html

212.8.250.228
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-250-228.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

Redirect headers

location: https://ad.vidver.to/delivery/sync?userid=777a956b-895a-4618-97f3-95b44aa170eb&inner_redirect=1&inner_uuid=9901a83f-35ec-461c-b161-fdc87fcb04a5&redirect_host_list=
date: Sun, 27 Mar 2022 08:10:13 GMT
server: nginx/1.14.0 (Ubuntu)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8

GET
H2 200 close.png
ad.mox.tv/images/ 15 KB
15 KB 118ms
118ms Image
image/png 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/images/close.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3eb4c5a5b9cbe9aca2ac1ea7729ee61b277819a7a7e2d0c657db0ac2f12efcfc

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:11 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-3ca2"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 15522
expires: Sun, 03 Apr 2022 08:10:11 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 41ms
41ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=eae0d9d6-a043-493b-b75d-02a68e8f3354&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=424291838&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=D0EEA9F9-C933-4D86-8C78-4628D65839DD&crid=D0EEA9F9-C933-4D86-8C78-4628D65839DD&size=350x240&profile=08C7770D-D6A5-444B-8C99-6C11B1376450&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:11 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 85AD 155 KB
53 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a19eb6fed188c1c69d1692d8160dcb615c0feaec267361f2c144e4e25365c4fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54117
x-xss-protection: 0
server: cafe
etag: 1871724039442563815
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H/1.1 204
No Content ev_prebid.aspx
inv-nets.admixer.net/ 0
220 B 42ms
42ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_prebid.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=07ADF313-A3B4-484D-B185-2FC6EA8DA0AD&requestId=eae0d9d6-a043-493b-b75d-02a68e8f3354&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MA%3D%3D&asign=424291838&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=742F880D-0B09-4A22-9509-965113280D36&crid=742F880D-0B09-4A22-9509-965113280D36&size=350x240&profile=C27F7D27-35B0-471E-9AB7-5DD4D760EF40&isopt=0&adv=N%2FA&dsp=UMH+Digital&dstUrl=&cet=18&sw=[e=screen.width]&sh=[e=screen.height]

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 43ms
43ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=0dfe8f1bcfdb49f2999ae585bdd62541&zone=D064867F-940F-4EFE-BB4F-C03EA7D2F330&device=28&rule=8D7C258F-60C0-4EF0-91FA-5F7201809734&requestId=eae0d9d6-a043-493b-b75d-02a68e8f3354&hp=-1705868720&page=kolobok.ua%2F&ts=637839654115073721&ap=MC4zOTYxNTIwMw%3D%3D&asign=-1228471018&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=0&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-EU-8&pxl=0&pvid=623e93c3-54b1-40a5-b6e7-8387ef5e2353&ip=217.138.196.100&item=CB144D34-D363-431F-86CE-451164B136E1&crid=CB144D34-D363-431F-86CE-451164B136E1&size=300x250&profile=45056D06-9DF3-4A81-A8EC-EC764B4150DB&isopt=0&adv=Google&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:12 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 200 z Show response
s.znctrack.net/ Frame CB59 102 B
447 B 91ms
90ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 6dcc7ee96c6524a16ad6a2104466a7b8aafa4f581b0407ef84ee5e4b4c791440

Request headers

Referer
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/ Frame BA1C 297 KB
107 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890c30a228902a09743beabbf50c298d73fbfff5e7a8bc6dae17a0f21fce8444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109450
x-xss-protection: 0
server: cafe
etag: 17168363104177182839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/ Frame 85AD 297 KB
107 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203210101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890c30a228902a09743beabbf50c298d73fbfff5e7a8bc6dae17a0f21fce8444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109450
x-xss-protection: 0
server: cafe
etag: 17168363104177182839
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://kolobok.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 pubads_impl_2022031601.js Show response
securepubads.g.doubleclick.net/gpt/ 365 KB
124 KB 137ms
43ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5042f25c3eb1530880fa3b05325462c028492caf22141409999cdd7e6364b8ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 06:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4997
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126823
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 08:34:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 27 Mar 2023 06:46:55 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
781 B 144ms
51ms XHR
application/json 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kolobok.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 dinroundpro.woff2
kolobok.ua/fonts/ 35 KB
35 KB 90ms
90ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:56 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 35344
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame BA1C 12 B
53 B 111ms
60ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame BA1C 107 B
122 B 112ms
61ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame BA1C 107 B
122 B 100ms
51ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7010 22 KB
11 KB 461ms
460ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

da3dbebee32225baa20f8645a889d1913fc0e2c1f3327bcbc10837ba261f69e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 27 Mar 2022 08:10:12 GMT
server: cafe
content-length: 11162
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Mar 2022 08:10:12 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame BA1C 14 KB
10 KB 104ms
55ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc7a3d5b08f7a3b905b53424a35b6955cb835b99667da806ba75843e46551f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10618
x-xss-protection: 0

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 85AD 12 B
53 B 67ms
53ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ Frame 85AD 107 B
122 B 67ms
53ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 85AD 107 B
122 B 76ms
63ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6308 29 KB
12 KB 604ms
604ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6fa78b0b3ae9b6afd9074686804c0310027aca712163d226a050e5bd5daf9949

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 27 Mar 2022 08:10:12 GMT
server: cafe
content-length: 12736
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 27 Mar 2022 08:10:12 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 85AD 14 KB
11 KB 81ms
66ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220323&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66a58dd76d725ef8ff91910b437b58798a01b4626a0247a2478ca7db6901a69d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10738
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame BA1C 17 KB
7 KB 141ms
52ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 85AD 17 KB
6 KB 144ms
60ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame F3D8 53 KB
12 KB 61ms
61ms Stylesheet
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:12 GMT
Content-Encoding: gzip
Age: 376825
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 62ms
62ms Image
text/css 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:12 GMT
Content-Encoding: gzip
Age: 376825
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 16 Feb 2022 18:36:21 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 omZMXr6F_normal.jpg
pbs.twimg.com/profile_images/905017721569640448/ Frame F3D8 2 KB
3 KB 62ms
61ms Image
image/jpeg 2606:2800:134:1a0d:1429:742:782:b6
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/905017721569640448/omZMXr6F_normal.jpg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:1a0d:1429:742:782:b6 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEF) /

Resource Hash

be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
x-content-type-options: nosniff
age: 545358
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2415
x-response-time: 121
surrogate-key: profile_images profile_images/bucket/0 profile_images/905017721569640448
last-modified: Tue, 05 Sep 2017 10:38:13 GMT
server: ECS (mil/6CEF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 81d7c5a4b49cb838ab1b0eb711e86e0685cc514212957551f0ba43141479fb20
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 56ms
55ms XHR
text/javascript 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 27 Mar 2022 08:10:12 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://kolobok.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 50ms
50ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 51ms
50ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 16 KB
9 KB 508ms
458ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3087883753764316&correlator=1801891258951844&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=2&adks=2882017350&sfv=1-0-38&ecs=20220327&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&abxe=1&dt=1648368612454&lmt=1648368612&dlt=1648368610426&idt=1980&biw=1600&bih=1200&adxs=310&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1969614288.1648368611&ga_sid=1648368611&ga_hid=804390791&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca3652916e64fa1d52c83a2daf37ae06d37f463bc83f520fc9fb15c37db438d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9138
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 439ms
390ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3087883753764316&correlator=1801891258951844&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=3&adks=921464779&sfv=1-0-38&ecs=20220327&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&abxe=1&dt=1648368612459&lmt=1648368612&dlt=1648368610426&idt=1980&biw=1600&bih=1200&adxs=310&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1969614288.1648368611&ga_sid=1648368611&ga_hid=804390791&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62dd5547094d8b057eba68bf550c928e04b2848a9367ffea540cab9f6d570c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9474
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
10 KB 1124ms
1074ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3087883753764316&correlator=1801891258951844&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckolobok.ua_C_WW_728x90_%2C728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=3097554659&sfv=1-0-38&ecs=20220327&fsapi=false&sc=1&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&abxe=1&dt=1648368612462&lmt=1648368612&dlt=1648368610426&idt=1980&biw=1600&bih=1200&adxs=310&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1969614288.1648368611&ga_sid=1648368611&ga_hid=804390791&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d659a191cc64a53469b534e67dfe4c3b4cf1339af803932b4c8b2bedbff5e5c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10306
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
9 KB 462ms
412ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3087883753764316&correlator=1801891258951844&eid=31063247&output=ldjh&gdfp_req=1&vrg=2022031601&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=117691725&sfv=1-0-38&ecs=20220327&fsapi=false&sc=1&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&abxe=1&dt=1648368612466&lmt=1648368612&dlt=1648368610426&idt=1980&biw=1600&bih=1200&adxs=310&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1969614288.1648368611&ga_sid=1648368611&ga_hid=804390791&ga_fc=true&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7abe7805869dd8719f90d1c4286b56a6c65c2f1324d1e211ad1d69829392dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9500
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F56B 6 KB
4 KB 201ms
52ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sun, 27 Mar 2022 08:10:12 GMT
expires: Mon, 27 Mar 2023 08:10:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 610F 13 KB
5 KB 93ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 06:46:59 GMT
expires: Mon, 27 Mar 2023 06:46:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E001 783 B
742 B 145ms
51ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

406972b413d92b604cb71af66815968b1b2e4b0fbbb01e8562d00f5b50ebd5ee

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QEc47gCxcIeu4XDWGDTcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Mar 2022 08:10:12 GMT
date: Sun, 27 Mar 2022 08:10:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QEc47gCxcIeu4XDWGDTcTw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 95FA 13 KB
5 KB 94ms
45ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 06:46:59 GMT
expires: Mon, 27 Mar 2023 06:46:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 4993
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 942C 783 B
1 KB 141ms
50ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49ddf7f395073415d976ddfb685aa237f477eb3e06bd62252cae3c1b2de4c6cd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZdVLPi2XDENdB/nI1xDAfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sun, 27 Mar 2022 08:10:12 GMT
date: Sun, 27 Mar 2022 08:10:12 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-ZdVLPi2XDENdB/nI1xDAfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 610F 35 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 95FA 35 KB
14 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7010 42 B
63 B 75ms
75ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DuXVelltlcpPtgtPvq3esxK8tuHBhlolKfb8U8eCf0uzVZnnNXWlb_F6HAr5a5NEU43rCnclb8Whs3tKAU9gKkf1eYgFY6DH_ZuLWhwX8cYgbzGV4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 7010 2 KB
1 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7010 119 KB
36 KB 105ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 7010 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7010 0
0 102ms
50ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRP5bLDmD-_lDBcaXv5hX2mmfn_eGdqmEug65TS03RsG8kF2HurmSBUplQuRWfZ1PE-FppNP_LoMGDv_zbpN3r0pM3I8w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D517 624 B
297 B 52ms
51ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGMSfq8IBMAE&v=APEucNWXuykwjw_JOEUUnYyjbOAwOrNECjIpAFT1IdRq-ChE8trjsZs-DbKX7pcXnHAHMOh8JmBfR7yJSvJ62plYoysaYsojS41tbOs2Mxx17NSDi1XIuD3W-rMQ0MkNZa8-G4b9dvKVPfFMfRpIIoagEZgsUwDcmEy0beiIwOHEd3r38Fv-K5s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7010 28 KB
17 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AY1xotaDYmbTrqisLceDdgk3suABCC8mzWj0oz61gMpmgRIBNQP0WYCTsDqx6-SzFAG97AKdE2lbkC6fxCNxjsZeIAwsBAT34MlK0wweZGdrGI1IDLGinof3vR3B1HuXAuloolCZB6a9wEkV7-F9v23WK61A&cry=1&dbm_d=AKAmf-DycSoIovXMsdLbgUHmluQPty4hHpTi6M62I_LkS0yCGVPYEhHo1N8qkxI1EQgGWciA8yUZGrHfL6wpSEhNWCkMoUXVlKu7gQBlmov21LURbnWs0QXih_Q6BT0SY9seLWoVB4J5djbu5i7ETcYmWb5BdbvTuzU_Arv81THOXJmMAgxDWniNkP7hgIV3h9ah4tEArpZ5qnWz1Fp3VS2oYI3vitZCZ943Q1RDTHE7xfnbh6FF2Sqjnm4X9ZDbvifkVJ4iNLT4W2rM5MBdhoaRBg1O5xQjkNZ6Eoz1yN-q9aKtTVJ37FEdZv3cextL3uGet0VM3TiB0m48D45eF8l4rv1pwqKC2-WxD-ZSZGtC6-aFX5duz1_3dliwPex6qkFsbOa5_gvHcMEuM7H6P5D78iFK_-iGP8LnVPsv_FjVPYUOcLXr8FAJmNbfIeVhp8b6_lA0TaAl4AApM_DhPaGPj9UiEcJoJZQEZZF1stjcYwQ8VkFkV2qU3Iuw8F-FYA5jzd2ailajsFYx7s-Scv92cIkcOZ5b_htIK6dMezhpzg5Jhrd-BOHg8OUvn3QrO7vAyDEA3dXtiymjDMSkKgg8pOg8TsdHvivA4jC8fFBT5yO94s6gj8-hNMW7P5quLWSuFDjJkoKq-5fSVuxsQua8k842nv5r1c4MmIvFiypFe1O32tYIWqevWEcua9z0nV1wh2M79hxRZjleLdjbwHCXFMYt_l7L5UDj1PIsLO-7Pgt5pFVGNec9jn8t-aBnxaqnjfKYeBm7DysTGB9lo7YTsT8a_FhlDF-hfKrlL_Wa0kruBA1ot3uqOdoLNlBPKy2gA7pb1Smgkbe_VFmNZG_Yuj4IW7FRHaUfRoa2jm4AKeXw-0A-Oaq44oNUcaITj7UexLHrsmMeuzkRZtbBDPROPVQnQpaqL1XoTxqs_w000B2ok_S6QTE-1qWqV69nEKLZcAh0_vtRGRPgGjjnF2Kxt75TK-4UzPlIIr4DWDGV2z9nDb0j5hKmJ1zJEykLdh9jeYMtxUW66fKUrR83iHwyHkhJos1iXxW0Zr-8ERzZLQnkFzdb3PqbR92CHU02bEAUwdNJrje7FIRIeGpj1hZmwXfTbcUfdKGQxwtWwk26pzNEWkgPJapxH9Q_UIDPfY9HBOW7AhxtEhcypJMYfMJdgaWX1AQDs4eqtWuXIFGjd5CPWlDLGEv-Q87c0RiyWV5nxhvKEu4yxAbiPndy_XYkYDtkYnjZ9nsTSCnDrqC1g5rh_7DvVA0LohdOjASkoWwpj3_aa_-TMMDdifB6skJGhO8qL_zNs9pHQZDfdYt81SCINvMhaHfW1VBhCiJlsmy1Y0Afz3pYz87F9ik9vN9pWtyCMSksRboMJ-3ulxzYvOtxwFlnmWeowYmZq7spdEh456dvNrFPT2r5hXcwP4s4s9-KVtDqU0uoGQbu40X7BflgVFJ-wbx5kKxsLrP04Vhomilv9ARJW2Gl2lKi6qc6M3LUidyB0tAKF7yjtxkrSh815uvkMXKBY2Wu3dLVd0KKk0Z-0rebidaZGepObkN2jDqfU_7FJdGq1PhmSSeHjArHYdhSrx3GdpGtgRXjKjJsecfVLHxKncJ97OeMMoPZUKij9W-xyxS6_ELG_NFqRZiWyWyI4jpr9HsxabIgCdyaFQQMVCyUNVCI3vxMKySE-YNxgQ5QjaT09hORFkFyFrBgEK6k2sD8Y3TENiZqDNQ7DfZP3TIOtqAkiaAqkNMCqMwMSAgq1BvAtoqeVKMlIRTiDgXlTcHq6D7ePJzTynH3n6dgvqleggYiToPK8iegnXZ8oI8K1oef201xqM7udHtQbsKy0cb8g9BxzYdQfKEcEjzjM74OzF9Fhhs4ASvFjVwBJ5gO1E49cxQ_DHrFMw2pNMJ8qW9Mxf_UUAfn7La6thAVnzx-6Msqchao1VKh9hxQgLSNBeuYQx7UgbvQQIR4H2B2ZWfgxpBOGnEw_HnzVkZnT6QWv7x2sJvOk8JapZPWcGTHUERmQM4CbLXeN58_a3UWYJUTVYR50L-hsBSrkKdqHbbJOOwCt8zdD-akLCS9gNLo0sqqhrxNvc_4oaFfmlaMK6wLd1nwHcwFzAtNhegk8FcI68QS46p-T6tIqtt6RNmI9pEQTWnm8eWIGADduLW7qMYiHZP6HKxK3P9HY-xudkCQIRzEJtCXgbWooy3QyqzhO7n7ivU4rP6iRJ_fvypoP4ts_alYMofwXrvxLXYUeTUFIVNPHaZXkFKdEkj7p74RygSwUo0NVAg49KPeGTydgGH2rqp-Csv_-k5HlL3qHvUpMwsJTIH9LEUQB8fbMdzhI3O-0RvPMMO1-kzQoG9O_rtbcjVf0QjFINoh2YnxDBS6Z5B4Vg_tIIVMhq0cin4l-ubj0o4RpGqqiiT-4I3oqvpZrUMJJ9z7QIZDxLtB0jPTMYB2WPUrHtRpGWygi1kt6dCDKRnyHZHG4HaA__Jh9r-22wRu4j6t7wm_UhKAFulpwS56mlqzHw3EqAf676LpeA71_tmJAcnnbZVqwuuK_g4G9YBuNu-w1UB7xtC0oTPi_KFziOBIPqmu3IG6hTIBkHnT84BxK7zujT5GYV5lNhWdiM9z6cx4d87eTGbwC47-N24Bz5EG5zWCK1pn064kGKir0VkuE3KP_QWU6b7yqgz0wvGTqw8t-J7a6QCj4nQcS55ScEB_vGUiFlKtgxp8w6wtxHeF6yx1m0iY7tEYxOXPcjXIgtiEct8VZU5tUV2Yf3twBuSw3vtx8JQLDv47oydS_cenvbfSgPXXxh7GLxBX10hUGzIPiKvwnh_nM6rvtJwCpxSiCeE9wzPZ7AKnKc3s3dDPhbavGd0TkctlRXTZj6qbLgJREBeZfIotp_r3f8TjwOk3qvPikugModtYTrM4T7qqZtRsAwjOGTqreolFZsun1q9VYZT57AvrARCH62j94O3YFlbMOOyB2Zy8QE_ielXQvqCmDTRujYbCNna-vhevbKuM3k7YO4eHjY1b-KCxCpSxWgZnTEl_k5uJtfZQxJkBYv0tL7BoZGH9V0p6Mfxf-nL8dNRno-9XzOTtzSNNShyCH-lzWPlWio_JuY0zBSc3wYhpMhBPS3R5JpneDVwp9Ssqm2aB5BX93UT2vxteSbuBKButomneejarOUmUCKO0ljZStvxmZZG3U54Rty2GjJ8HVrAjO2eSJWzUftGkbMe3AWphgGyQxPKFGA&cid=CAASJORorJKJZ9gd1TTi4Cd0ZsoR0XHwd2Cr-UqI6PCqRdtlSJfX4w&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

739686de0e3fb252fc27954ec6d791637119f17fc4d195ac69d37f641f2687f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 942C 0
0 91ms
91ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=3894914922604689&rc=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 44ms
43ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=a075cdda-98ba-41a3-b223-8962ea9eb7f3

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 42ms
41ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8ea486a5-d161-46a5-a5a4-b1d24d77a9af

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E001 0
0 81ms
81ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220323&jk=3914727801430701&rc=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1

200
OK

jot.html Show response
platform.twitter.com/ Frame 16BF
Redirect Chain

https://syndication.twitter.com/i/jot
https://platform.twitter.com/jot.html

80 B
633 B

61ms
61ms

Document
text/html

2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/jot.html
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CED) /
Resource Hash: 90214d135602962e47ea9587a7eeb62fac1c64a541e373ea76e2b4e8b33e3f88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://kolobok.ua
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 376824
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Sun, 27 Mar 2022 08:10:12 GMT
Etag: "d9592a6c704736fa4da218d4357976dd"
Last-Modified: Wed, 16 Feb 2022 18:46:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CED)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 80

Redirect headers

date: Sun, 27 Mar 2022 08:10:12 GMT
pragma: no-cache
server: tsa_f
status: 302 Found
expires: Tue, 31 Mar 1981 05:00:00 GMT
location: https://platform.twitter.com/jot.html
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
last-modified: Sun, 27 Mar 2022 08:10:12 GMT
x-transaction: 00a82773430dd38a
content-length: 0
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-twitter-response-tags: BouncerCompliant
strict-transport-security: max-age=631138519
x-response-time: 110
x-connection-hash: 065169a808e5af1cab21d762c92db21d8ad7506c0498ac5725c9cd2b03a0cbdc

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D517
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpNX4ZY3yZ-4rELFnPwGj8&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpNX4ZY3yZ-4rELFnPwGj8&google_cver=1&C=1

43 B
1012 B

79ms
76ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpNX4ZY3yZ-4rELFnPwGj8&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGMSfq8IBMAE&v=APEucNWXuykwjw_JOEUUnYyjbOAwOrNECjIpAFT1IdRq-ChE8trjsZs-DbKX7pcXnHAHMOh8JmBfR7yJSvJ62plYoysaYsojS41tbOs2Mxx17NSDi1XIuD3W-rMQ0MkNZa8-G4b9dvKVPfFMfRpIIoagEZgsUwDcmEy0beiIwOHEd3r38Fv-K5s
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEpNX4ZY3yZ-4rELFnPwGj8&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame D517
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkAb5DaqTJ21tug7rusVWwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

63ms
63ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGMSfq8IBMAE&v=APEucNWXuykwjw_JOEUUnYyjbOAwOrNECjIpAFT1IdRq-ChE8trjsZs-DbKX7pcXnHAHMOh8JmBfR7yJSvJ62plYoysaYsojS41tbOs2Mxx17NSDi1XIuD3W-rMQ0MkNZa8-G4b9dvKVPfFMfRpIIoagEZgsUwDcmEy0beiIwOHEd3r38Fv-K5s
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame D517
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPDkRfkFdIU526Fk2aciGaQ&google_cver=1

43 B
1020 B

89ms
83ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPDkRfkFdIU526Fk2aciGaQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPwBENm9sbICGMSfq8IBMAE&v=APEucNWXuykwjw_JOEUUnYyjbOAwOrNECjIpAFT1IdRq-ChE8trjsZs-DbKX7pcXnHAHMOh8JmBfR7yJSvJ62plYoysaYsojS41tbOs2Mxx17NSDi1XIuD3W-rMQ0MkNZa8-G4b9dvKVPfFMfRpIIoagEZgsUwDcmEy0beiIwOHEd3r38Fv-K5s

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fd9b6049-f1f2-4786-99f6-f0fe81491bff
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPDkRfkFdIU526Fk2aciGaQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D517
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

170 B
188 B

102ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:12 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 91025819-8d26-48bf-a28e-881126abb1e9
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 7010 25 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AY1xotaDYmbTrqisLceDdgk3suABCC8mzWj0oz61gMpmgRIBNQP0WYCTsDqx6-SzFAG97AKdE2lbkC6fxCNxjsZeIAwsBAT34MlK0wweZGdrGI1IDLGinof3vR3B1HuXAuloolCZB6a9wEkV7-F9v23WK61A&cry=1&dbm_d=AKAmf-DycSoIovXMsdLbgUHmluQPty4hHpTi6M62I_LkS0yCGVPYEhHo1N8qkxI1EQgGWciA8yUZGrHfL6wpSEhNWCkMoUXVlKu7gQBlmov21LURbnWs0QXih_Q6BT0SY9seLWoVB4J5djbu5i7ETcYmWb5BdbvTuzU_Arv81THOXJmMAgxDWniNkP7hgIV3h9ah4tEArpZ5qnWz1Fp3VS2oYI3vitZCZ943Q1RDTHE7xfnbh6FF2Sqjnm4X9ZDbvifkVJ4iNLT4W2rM5MBdhoaRBg1O5xQjkNZ6Eoz1yN-q9aKtTVJ37FEdZv3cextL3uGet0VM3TiB0m48D45eF8l4rv1pwqKC2-WxD-ZSZGtC6-aFX5duz1_3dliwPex6qkFsbOa5_gvHcMEuM7H6P5D78iFK_-iGP8LnVPsv_FjVPYUOcLXr8FAJmNbfIeVhp8b6_lA0TaAl4AApM_DhPaGPj9UiEcJoJZQEZZF1stjcYwQ8VkFkV2qU3Iuw8F-FYA5jzd2ailajsFYx7s-Scv92cIkcOZ5b_htIK6dMezhpzg5Jhrd-BOHg8OUvn3QrO7vAyDEA3dXtiymjDMSkKgg8pOg8TsdHvivA4jC8fFBT5yO94s6gj8-hNMW7P5quLWSuFDjJkoKq-5fSVuxsQua8k842nv5r1c4MmIvFiypFe1O32tYIWqevWEcua9z0nV1wh2M79hxRZjleLdjbwHCXFMYt_l7L5UDj1PIsLO-7Pgt5pFVGNec9jn8t-aBnxaqnjfKYeBm7DysTGB9lo7YTsT8a_FhlDF-hfKrlL_Wa0kruBA1ot3uqOdoLNlBPKy2gA7pb1Smgkbe_VFmNZG_Yuj4IW7FRHaUfRoa2jm4AKeXw-0A-Oaq44oNUcaITj7UexLHrsmMeuzkRZtbBDPROPVQnQpaqL1XoTxqs_w000B2ok_S6QTE-1qWqV69nEKLZcAh0_vtRGRPgGjjnF2Kxt75TK-4UzPlIIr4DWDGV2z9nDb0j5hKmJ1zJEykLdh9jeYMtxUW66fKUrR83iHwyHkhJos1iXxW0Zr-8ERzZLQnkFzdb3PqbR92CHU02bEAUwdNJrje7FIRIeGpj1hZmwXfTbcUfdKGQxwtWwk26pzNEWkgPJapxH9Q_UIDPfY9HBOW7AhxtEhcypJMYfMJdgaWX1AQDs4eqtWuXIFGjd5CPWlDLGEv-Q87c0RiyWV5nxhvKEu4yxAbiPndy_XYkYDtkYnjZ9nsTSCnDrqC1g5rh_7DvVA0LohdOjASkoWwpj3_aa_-TMMDdifB6skJGhO8qL_zNs9pHQZDfdYt81SCINvMhaHfW1VBhCiJlsmy1Y0Afz3pYz87F9ik9vN9pWtyCMSksRboMJ-3ulxzYvOtxwFlnmWeowYmZq7spdEh456dvNrFPT2r5hXcwP4s4s9-KVtDqU0uoGQbu40X7BflgVFJ-wbx5kKxsLrP04Vhomilv9ARJW2Gl2lKi6qc6M3LUidyB0tAKF7yjtxkrSh815uvkMXKBY2Wu3dLVd0KKk0Z-0rebidaZGepObkN2jDqfU_7FJdGq1PhmSSeHjArHYdhSrx3GdpGtgRXjKjJsecfVLHxKncJ97OeMMoPZUKij9W-xyxS6_ELG_NFqRZiWyWyI4jpr9HsxabIgCdyaFQQMVCyUNVCI3vxMKySE-YNxgQ5QjaT09hORFkFyFrBgEK6k2sD8Y3TENiZqDNQ7DfZP3TIOtqAkiaAqkNMCqMwMSAgq1BvAtoqeVKMlIRTiDgXlTcHq6D7ePJzTynH3n6dgvqleggYiToPK8iegnXZ8oI8K1oef201xqM7udHtQbsKy0cb8g9BxzYdQfKEcEjzjM74OzF9Fhhs4ASvFjVwBJ5gO1E49cxQ_DHrFMw2pNMJ8qW9Mxf_UUAfn7La6thAVnzx-6Msqchao1VKh9hxQgLSNBeuYQx7UgbvQQIR4H2B2ZWfgxpBOGnEw_HnzVkZnT6QWv7x2sJvOk8JapZPWcGTHUERmQM4CbLXeN58_a3UWYJUTVYR50L-hsBSrkKdqHbbJOOwCt8zdD-akLCS9gNLo0sqqhrxNvc_4oaFfmlaMK6wLd1nwHcwFzAtNhegk8FcI68QS46p-T6tIqtt6RNmI9pEQTWnm8eWIGADduLW7qMYiHZP6HKxK3P9HY-xudkCQIRzEJtCXgbWooy3QyqzhO7n7ivU4rP6iRJ_fvypoP4ts_alYMofwXrvxLXYUeTUFIVNPHaZXkFKdEkj7p74RygSwUo0NVAg49KPeGTydgGH2rqp-Csv_-k5HlL3qHvUpMwsJTIH9LEUQB8fbMdzhI3O-0RvPMMO1-kzQoG9O_rtbcjVf0QjFINoh2YnxDBS6Z5B4Vg_tIIVMhq0cin4l-ubj0o4RpGqqiiT-4I3oqvpZrUMJJ9z7QIZDxLtB0jPTMYB2WPUrHtRpGWygi1kt6dCDKRnyHZHG4HaA__Jh9r-22wRu4j6t7wm_UhKAFulpwS56mlqzHw3EqAf676LpeA71_tmJAcnnbZVqwuuK_g4G9YBuNu-w1UB7xtC0oTPi_KFziOBIPqmu3IG6hTIBkHnT84BxK7zujT5GYV5lNhWdiM9z6cx4d87eTGbwC47-N24Bz5EG5zWCK1pn064kGKir0VkuE3KP_QWU6b7yqgz0wvGTqw8t-J7a6QCj4nQcS55ScEB_vGUiFlKtgxp8w6wtxHeF6yx1m0iY7tEYxOXPcjXIgtiEct8VZU5tUV2Yf3twBuSw3vtx8JQLDv47oydS_cenvbfSgPXXxh7GLxBX10hUGzIPiKvwnh_nM6rvtJwCpxSiCeE9wzPZ7AKnKc3s3dDPhbavGd0TkctlRXTZj6qbLgJREBeZfIotp_r3f8TjwOk3qvPikugModtYTrM4T7qqZtRsAwjOGTqreolFZsun1q9VYZT57AvrARCH62j94O3YFlbMOOyB2Zy8QE_ielXQvqCmDTRujYbCNna-vhevbKuM3k7YO4eHjY1b-KCxCpSxWgZnTEl_k5uJtfZQxJkBYv0tL7BoZGH9V0p6Mfxf-nL8dNRno-9XzOTtzSNNShyCH-lzWPlWio_JuY0zBSc3wYhpMhBPS3R5JpneDVwp9Ssqm2aB5BX93UT2vxteSbuBKButomneejarOUmUCKO0ljZStvxmZZG3U54Rty2GjJ8HVrAjO2eSJWzUftGkbMe3AWphgGyQxPKFGA&cid=CAASJORorJKJZ9gd1TTi4Cd0ZsoR0XHwd2Cr-UqI6PCqRdtlSJfX4w&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7010 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 610F 0
9 B 41ms
41ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7sPpRA
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 95FA 0
9 B 41ms
41ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fC0pxA
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6308 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ARUmiaFiHMUZqRCQ3U14IV3JAF2Ov9nD77-1X6_e7X9_Vd0OM0B0MpjCtjsQnR6GaAzHlWUbbtp2qtkbPA0O6LhRUio1ZA5-pXk9Q2F8ougdmMRtY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 6308 2 KB
1 KB 168ms
43ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=24745814&cmp=27428741&plc=331181895&sid=4007930&aufilter1=1819931&prr=1&ppid=103&autt=1&auevent=ABAjH0g03n_TCDQOWvUQ1FtKzgNJ&c1=1819931&auorder=27335844&aucmp=16571935564&aucrtv=413140130&auxch=1&pltfrm=1&ausite=266259341223&turl=https://kolobok.ua/&aubndl=&dvregion=0&unit=300x250
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:27 GMT
Server: Microsoft-IIS/10.0
ETag: "95ce63d2d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 6308 8 KB
4 KB 163ms
44ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: ba44a4000b666007db8fa277d623d51b23843f158b52060fbfa9db34b7c52c79

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 11:59:17 GMT
Server: Microsoft-IIS/10.0
ETag: "809856cad3ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 6308 2 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6308 119 KB
36 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:12 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 6308 15 KB
6 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1014
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6308 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTOMwSRDlwvmKuLBDimsVQS7ma8RZlkiP3kl2vke0SA5gT5hHTVBl6xn7oPdmQHCAo7p43ux3Mgjevw0XKao-F6jcsu6A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1796 624 B
297 B 55ms
54ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8YoomAxQEwAQ&v=APEucNXPKqP_N2IRHjOzWXf28D2jEVMn-_kz_hKnVdrhllgj-xriJHzHpzVhNDlXFjnwcaFfLCL1814fxQ35YhKpW9R5MNsL0eGBG9LljqhNkOp1sYKN55NPTT55iHSli4VI5D7CFCm4BBVVWxQahU7iA5ONd5NgBFmRL1IB3yaZOV6MT6X50bg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:12 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6308 14 KB
11 KB 74ms
74ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdTskp-raKv2InT_b7hdg52ATeScDc_J4AUXW33vfc9xH1r4kyfYhHp5rVXinhxY9GllMFvtmwkkkRPZG5eid1I72PdGCjx5H5ezaNBDyulnfHucjW9KQ-kvAirAXqjAyca50HpvTIvxZUPhhj6TM6aQ7Hsg&dbm_d=AKAmf-DMEQw526GE3Lvhn2PqB_P-h7Rhx9HdPKITb5LsOcHhSEPwtayO7AQefH-ne_xtjmW33Ah8-w6DxKyf63CR23ANVKR8A1wQ1xZ3bzzaGgjbLQmwsU0oSVejFz8PtiCpzNn70IDl08jnc1-z1uCVEynKio7ilDiOEdpVP2L9hHTCcnoBaMAGyzTIcXi_GEGhuFcMqNRebNW2akZ_ZdRxS59n4BGldn4O4Mf6uidDppc38l7nWOTqohmjcUCi1prBBWYSWVQrbJh5zzXEVrdTNGFwqIKFi9h5xpYGBbXRhFnFZFYIPELQAKHy-hwTcjyTKtvT6P_h0s1OzVbCpDlVUQs-UEOBvXW0NIBcHDJWtfyu0oC5qS9ENUWLfIhkFIWljx9F5kXgQ8E07K4QLhmDZQQYQ7W2XkndR0GpIXvx3jpzLOLVojqGFGaSq91P-XybroBZ7-Uzx8y2FMRfnJWXa_juZAG4E5QX9qjUz6a2sNbzw6m2kc-eJ25YBrrgr4cF-yGgwP5j3KE2BDZWAjAwagknP_d7cNoLA0ge7UQkNB8Mapk6jaKSG9qd8M_oSOMZJvbJuYcWavHRVgXZrK2F1FkdAOh43J_HhtQbyegMXj52GHk14-DwgJSvFmqDZbjSY_J60PSwn6wmVXcVLlsDMCloEGCQqBL9a1FJRuIK2Kq6vqfj8SBQ4vKjor8qOW0QGqoOTsVowJ8iobNYQVnp8GpESb5IRq0nsgBZLodxLS_Gtjzj4GMhDrg6MeQ47MUbUWa2NFZp0LO3ixoEoQ8orLP94qwt49V2Sy5lda3WqEQcQvTlcbOZDWOT-2X9rNAPp0JGb7mU_aeJ3NzJGb5D0fScdaChS29dwE2o2iu3L5R_eMfVVTRyi4ssM8GG1IjktVctpBOu2_Sn5JliSeF9hU3aH2VuQveXWG2qemlpJFgg8s4-lAdvWDeeYaj1y6ZZF28jodAolQ8l8ucqUy0MyTTHYQLGOL5S8phrJJPTDIkMkW87-zae3zLztQzP00SyALJRkPb0dLFNZYjTFDhOv7X4tbTHtVFLWSv-r8YNIh3O01txjbuvlmJYrYidtJirTIauZ0qf35C5QLNG6nUq1MSfIsMJyqgr9TfslqQKYdkpenISxlyu7XUrHIpPu3pfZoLdW6vIgmsn2Jc8kQWdL4dd9S05QiiU_WxWKHYQG-MCJ1DFiMwOtFUlTdS7RmG0pfhomBEKdR0QerT1zJbJ1ee_H52WKShiTgNwgBwgeLaYgzFE9EmtNtZNBMLKkHzIIYdqJsw9U7iygzro5Js2XI6y6AZOHK_sRA7lqghYyB-QU5aJCusLL8gWZxJS_J55PcdfleldBz996pMQpU9QjkNV4CmcZHTtfLYdrSkmaKCPx4c5qfkyqOe_MrBRoWvio6aPmHu2yF0bpEU57zzcO8pokYYPJuYT7qN19N15IQcL1CyvSLSzbLkPj4ErdKvccIwDzKKHEZ0Emr9eOTPIjuNMEPQEAWBW3psmfanlYAUrNTRn2WCLAA21l-14VMuoYfGXEeDiSPOCMnWRGQEgp2qd18CN7va5uJo58_38cAoB9WDUl1EOhEhdVlX1pvs3BvFgmEYgDF2i40lR1e7zcONn8h5vA_Lzk9Zmr2lfZ0MwPm9U9QJ3glIJ4p2KygDLwUj8HRqtdcMYvmBIsaqVClSjW4PUXHwGG-PUwGAEiIsDGNYJuRbBWq7EGC6t9_oizdRHk6awVROSTWnJWGjsy41vsSUgHyh4ETShjkUzqQGJxE1VUlAmFVmr0GisKg4jaixsIUGWENmUMJ-2VJIpaLgZiFPDUPm5lhOrOfPBKrcFtwNdbGKU2Rel-fYyvtilyc8keg2CPEgmcge5hwR39aGpMEOfZ89bdOROtabWxStlCUyckF_t-z84EKJcpDhaahyMafv_UxxdYBDMAmat68mvutAsChJt2ViB1ORxDaKJ4rwgTnILPD947SFZGqNMa1OypAEOBRJi-8HzBShe_JSjWUSLiZ4riChrgxLWkKFBeZ-HvY1y4Bm-NCAhQsthH4LXyfxTZwhWjJHUXJRMArd8D3R6IDB1S9aruFG1U1Y55Jixsp-lsk4-Byqfq58AgFemnloJjzEggyQuIkeMq-Fv_kYhvtAf6lDVHEsEylVsBnlgB_VIspXQapaxcoOPhDf2JeqMLzK3PAWsjEIaxQ9kQajv-ATCdbz1sY3e5NyabwdNJCno5f9Q0tVUH1X1lPatQX7rUB_UuVvxJ4fPFgq5JyzbT7mUgElhn2XvOw1HQX4RbUie_2DmZpvIrNhItIa720nogj2cryBVT6Dt7em7mkOGJUFL0X9VJP0fKZzMA2W_rwlFDjtq30qEBPNDenIy_He8UTYBKoiLJ4T-DT2S11hUSlmpq--PxUR99RyJZ4umCm0LWtacPX7lp4iq5RAS57PCBg7OnzSQZGj6qm9plMSXyPxOm3URASZokXu8dv0tTccAU3FZJwWP4WWoOkHvW846cRoTMT45rJ4Y08j5AUOul5-wQnmLt0eLZlKDz-vMQp8p_KmxR4FsH66OUHTru5FpIzxlijOAdhiKa26mIrDer8w9pHsl62niNWOnKDZZsHKNuy7Vq5iSK0lKjRc25IVpp3KzJZwnxUBSCOwgWw9ikqRinO3Nzbw0DHtS0kC8OLHifPpKNnL5GdmUyk5YV7V2&cid=CAASJORoZobw-7v03SvipWvqv9pajG4pfvv1IRN38S1z_EwXNd8upg&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ef3ddb60a2e7f1ed4eed78dd09dc6745cca0a2a56132aa8f41841243e1b122c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10753
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
servedby.flashtalking.com/imp/1/170420;6331247;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Natasha/ Frame 7010 1 KB
2 KB 153ms
37ms Script
text/javascript 209.197.3.19
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://servedby.flashtalking.com/imp/1/170420;6331247;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Natasha/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kolobok.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkolobok.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=460869.1582258819
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.19 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS: vip0x013.map2.ssl.hwcdn.net
Software: prod-xre-app23.lhr11 /
Resource Hash: 715af2a9a07b5df6011f01f74bf4f352036ea220fa6a2092239b4befdd986361

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: prod-xre-app23.lhr11
X-HW: 1648368612.dop245.lo4.t,1648368613.cds075.lo4.shn,1648368613.dop245.lo4.t,1648368613.cds002.lo4.sc,1648368613.cds002.lo4.p
Content-Type: text/javascript
Cache-Control: no-cache, no-store
Connection: Keep-Alive
Content-Length: 1489
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5077 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254144
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1530 6 KB
3 KB 90ms
41ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 08:10:12 GMT
expires: Mon, 27 Mar 2023 08:10:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 48ms
48ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=VHpZSWRzOEV6c2paUVJuVDNXa0xOc0lyUWVSeUEwYWdZUFRNbXFld1B5UmN5L1dRbmFmOVlWUTlVaHJkTFUxa3ROZlZmRU5saTZBQlI4NWpTeWc4NkxRS3Z6d3NTTlR2OUFWdGJyOEpYV2xlMmI2UjZSTTd1QTZqTnJMZmZKYnFsWEQ2cmxpdlp6Tk1KMk11bG9YaFVwKzlobHdLWjhJai8yRVc4Z3N1WkdZNlRIWHNPQmRBVENSOXFuaktMZ201N0RiTUVwTmpRQkoySWNMT2l6MDlIQm0yNk05M2hzQW05Z2hHa3hpS2lxNTRkL0ZiTFpqOUdOWGh2d0lsSlNHRg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 42ms
41ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=32016391-c510-4398-a7ee-c09e88869583

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:12 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 43ms
43ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:12 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 container.html Show response
5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8852 6 KB
3 KB 67ms
43ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 08:10:12 GMT
expires: Mon, 27 Mar 2023 08:10:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 45ms
44ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=TjdSZVVEczg3bmp6eTFkQXNKRXBRNjZnR1lhOHBUNDIxS1djN1h2T1NuUXhjeGd0YkJ2ZFRYa2FXbzE3WHUvWGN0VGtYL1ZRWEp6czNmTW5uaGQzUGpTUTNwS3dMTjh1NWprWnRkdVcrZmJyTXhYaTNtRlVnNWxpQUc3QlVoUXNuS1VxbFR2NFRPVEltb0Ivd2JRRytGU0Y3LzhoVDRwTWdXUHdqeDB4akhaN0lueEd4eTAxcDIya1pnc3JtY01KR0ZXUzkzbVJiQlF1NTJ6dG9iaXE5WlZkdEtkeUhlUVZzK1JTZ2RUc0NlbllWeFZxWHhsQ0ZvSTVrbG9rTi8wMg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:12 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1796
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4v-mD02bbxRoMiXtY9CAU&google_cver=1

43 B
1012 B

85ms
74ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4v-mD02bbxRoMiXtY9CAU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8YoomAxQEwAQ&v=APEucNXPKqP_N2IRHjOzWXf28D2jEVMn-_kz_hKnVdrhllgj-xriJHzHpzVhNDlXFjnwcaFfLCL1814fxQ35YhKpW9R5MNsL0eGBG9LljqhNkOp1sYKN55NPTT55iHSli4VI5D7CFCm4BBVVWxQahU7iA5ONd5NgBFmRL1IB3yaZOV6MT6X50bg
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB4v-mD02bbxRoMiXtY9CAU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 1796
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkAb5eUgGbJu2pwUtXIAggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

81ms
80ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8YoomAxQEwAQ&v=APEucNXPKqP_N2IRHjOzWXf28D2jEVMn-_kz_hKnVdrhllgj-xriJHzHpzVhNDlXFjnwcaFfLCL1814fxQ35YhKpW9R5MNsL0eGBG9LljqhNkOp1sYKN55NPTT55iHSli4VI5D7CFCm4BBVVWxQahU7iA5ONd5NgBFmRL1IB3yaZOV6MT6X50bg
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 1796
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEEvoGsHIptZmV6oWMJahMNM&google_cver=1

43 B
1020 B

36ms
36ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEEvoGsHIptZmV6oWMJahMNM&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-IbBCbim8YoomAxQEwAQ&v=APEucNXPKqP_N2IRHjOzWXf28D2jEVMn-_kz_hKnVdrhllgj-xriJHzHpzVhNDlXFjnwcaFfLCL1814fxQ35YhKpW9R5MNsL0eGBG9LljqhNkOp1sYKN55NPTT55iHSli4VI5D7CFCm4BBVVWxQahU7iA5ONd5NgBFmRL1IB3yaZOV6MT6X50bg

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ca7d4be8-b44b-4b62-835c-ff0747820d5a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEEvoGsHIptZmV6oWMJahMNM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1796
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f16986d1-812c-4d33-9c91-fed18b41908d
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6308 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DdTskp-raKv2InT_b7hdg52ATeScDc_J4AUXW33vfc9xH1r4kyfYhHp5rVXinhxY9GllMFvtmwkkkRPZG5eid1I72PdGCjx5H5ezaNBDyulnfHucjW9KQ-kvAirAXqjAyca50HpvTIvxZUPhhj6TM6aQ7Hsg&dbm_d=AKAmf-DMEQw526GE3Lvhn2PqB_P-h7Rhx9HdPKITb5LsOcHhSEPwtayO7AQefH-ne_xtjmW33Ah8-w6DxKyf63CR23ANVKR8A1wQ1xZ3bzzaGgjbLQmwsU0oSVejFz8PtiCpzNn70IDl08jnc1-z1uCVEynKio7ilDiOEdpVP2L9hHTCcnoBaMAGyzTIcXi_GEGhuFcMqNRebNW2akZ_ZdRxS59n4BGldn4O4Mf6uidDppc38l7nWOTqohmjcUCi1prBBWYSWVQrbJh5zzXEVrdTNGFwqIKFi9h5xpYGBbXRhFnFZFYIPELQAKHy-hwTcjyTKtvT6P_h0s1OzVbCpDlVUQs-UEOBvXW0NIBcHDJWtfyu0oC5qS9ENUWLfIhkFIWljx9F5kXgQ8E07K4QLhmDZQQYQ7W2XkndR0GpIXvx3jpzLOLVojqGFGaSq91P-XybroBZ7-Uzx8y2FMRfnJWXa_juZAG4E5QX9qjUz6a2sNbzw6m2kc-eJ25YBrrgr4cF-yGgwP5j3KE2BDZWAjAwagknP_d7cNoLA0ge7UQkNB8Mapk6jaKSG9qd8M_oSOMZJvbJuYcWavHRVgXZrK2F1FkdAOh43J_HhtQbyegMXj52GHk14-DwgJSvFmqDZbjSY_J60PSwn6wmVXcVLlsDMCloEGCQqBL9a1FJRuIK2Kq6vqfj8SBQ4vKjor8qOW0QGqoOTsVowJ8iobNYQVnp8GpESb5IRq0nsgBZLodxLS_Gtjzj4GMhDrg6MeQ47MUbUWa2NFZp0LO3ixoEoQ8orLP94qwt49V2Sy5lda3WqEQcQvTlcbOZDWOT-2X9rNAPp0JGb7mU_aeJ3NzJGb5D0fScdaChS29dwE2o2iu3L5R_eMfVVTRyi4ssM8GG1IjktVctpBOu2_Sn5JliSeF9hU3aH2VuQveXWG2qemlpJFgg8s4-lAdvWDeeYaj1y6ZZF28jodAolQ8l8ucqUy0MyTTHYQLGOL5S8phrJJPTDIkMkW87-zae3zLztQzP00SyALJRkPb0dLFNZYjTFDhOv7X4tbTHtVFLWSv-r8YNIh3O01txjbuvlmJYrYidtJirTIauZ0qf35C5QLNG6nUq1MSfIsMJyqgr9TfslqQKYdkpenISxlyu7XUrHIpPu3pfZoLdW6vIgmsn2Jc8kQWdL4dd9S05QiiU_WxWKHYQG-MCJ1DFiMwOtFUlTdS7RmG0pfhomBEKdR0QerT1zJbJ1ee_H52WKShiTgNwgBwgeLaYgzFE9EmtNtZNBMLKkHzIIYdqJsw9U7iygzro5Js2XI6y6AZOHK_sRA7lqghYyB-QU5aJCusLL8gWZxJS_J55PcdfleldBz996pMQpU9QjkNV4CmcZHTtfLYdrSkmaKCPx4c5qfkyqOe_MrBRoWvio6aPmHu2yF0bpEU57zzcO8pokYYPJuYT7qN19N15IQcL1CyvSLSzbLkPj4ErdKvccIwDzKKHEZ0Emr9eOTPIjuNMEPQEAWBW3psmfanlYAUrNTRn2WCLAA21l-14VMuoYfGXEeDiSPOCMnWRGQEgp2qd18CN7va5uJo58_38cAoB9WDUl1EOhEhdVlX1pvs3BvFgmEYgDF2i40lR1e7zcONn8h5vA_Lzk9Zmr2lfZ0MwPm9U9QJ3glIJ4p2KygDLwUj8HRqtdcMYvmBIsaqVClSjW4PUXHwGG-PUwGAEiIsDGNYJuRbBWq7EGC6t9_oizdRHk6awVROSTWnJWGjsy41vsSUgHyh4ETShjkUzqQGJxE1VUlAmFVmr0GisKg4jaixsIUGWENmUMJ-2VJIpaLgZiFPDUPm5lhOrOfPBKrcFtwNdbGKU2Rel-fYyvtilyc8keg2CPEgmcge5hwR39aGpMEOfZ89bdOROtabWxStlCUyckF_t-z84EKJcpDhaahyMafv_UxxdYBDMAmat68mvutAsChJt2ViB1ORxDaKJ4rwgTnILPD947SFZGqNMa1OypAEOBRJi-8HzBShe_JSjWUSLiZ4riChrgxLWkKFBeZ-HvY1y4Bm-NCAhQsthH4LXyfxTZwhWjJHUXJRMArd8D3R6IDB1S9aruFG1U1Y55Jixsp-lsk4-Byqfq58AgFemnloJjzEggyQuIkeMq-Fv_kYhvtAf6lDVHEsEylVsBnlgB_VIspXQapaxcoOPhDf2JeqMLzK3PAWsjEIaxQ9kQajv-ATCdbz1sY3e5NyabwdNJCno5f9Q0tVUH1X1lPatQX7rUB_UuVvxJ4fPFgq5JyzbT7mUgElhn2XvOw1HQX4RbUie_2DmZpvIrNhItIa720nogj2cryBVT6Dt7em7mkOGJUFL0X9VJP0fKZzMA2W_rwlFDjtq30qEBPNDenIy_He8UTYBKoiLJ4T-DT2S11hUSlmpq--PxUR99RyJZ4umCm0LWtacPX7lp4iq5RAS57PCBg7OnzSQZGj6qm9plMSXyPxOm3URASZokXu8dv0tTccAU3FZJwWP4WWoOkHvW846cRoTMT45rJ4Y08j5AUOul5-wQnmLt0eLZlKDz-vMQp8p_KmxR4FsH66OUHTru5FpIzxlijOAdhiKa26mIrDer8w9pHsl62niNWOnKDZZsHKNuy7Vq5iSK0lKjRc25IVpp3KzJZwnxUBSCOwgWw9ikqRinO3Nzbw0DHtS0kC8OLHifPpKNnL5GdmUyk5YV7V2&cid=CAASJORoZobw-7v03SvipWvqv9pajG4pfvv1IRN38S1z_EwXNd8upg&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%242%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254144
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5077 35 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56667
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H3 200 container.html Show response
5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1C92 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 08:10:12 GMT
expires: Mon, 27 Mar 2023 08:10:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 54ms
54ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=SWZFS1BkUDdaajZ3Y2ErRmYvMVNNMDZCejBld2FnSS9DYkxQVEhyN21HeUhaUWhaWVJtbVJTb1VBMWdnblVnakRTRU1STHl0R2VXSXh4bEViN1lBUEVSeVp1N0loeUtFYjhNWXFQd0picjY5Q3JCcXhGVmtEM00vcmIreU1tbUV5bkwySlRuWWdpQ2pQSVF1QldDUFZOdUFpM3k2d2tLWTMreCs3QXFPVitOejRvaWEzcmRsNWk4ejlOTVRKbW5FQ3RJZ05JdXpPaSsySWZmRUgxQ3VuVWJIZUZVTnBKN3RYeC9hNFpTZmY3Mjd5MndmbGk3NVhPOW4yMXBUK0dUMQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 43ms
43ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B308 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame E1FE 624 B
297 B 56ms
55ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUCId0jY56oHXRPip4QiNoRr5OVs0aWAzWax4-7-FB19Y2JVjF-WZmLP2Sc6R9G1WG879a4cWt4yhRN4TIwd26pd3bUgbQ1jT_udgLgKoWaS2aAVJVMqwBf4hp38PPpWF94yjC5NMH4s6qQn-yua9l7YkZem-ibt8DNNHyZY1QT1BimdZg

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1530 77 KB
32 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbeSaBT5ctFY31q0GSw4H2Q41JqutTZq5LPE79d-hS8yEq44wk-T0-Yvn0hyMJ98cT6q4MBsGmfrs0wTPA0UP0Vvv8_g&cry=1&dbm_d=AKAmf-AeCxzGfmNlsYC2zfQwHmLFFkqFxcTv9GbcKQrp1OlZ8b3nuJc3ciY8TqEuReBfTZ_BscYDVBtDe7OSieIJ6w0Jd8wKOpS8qtU7xBqxenHr_NKw2yAOFQ_y0XVMjHg8CC5jHzj2a1jeqsSzrGxqYV1UdCnUWboeqnqIIXw1qI9v4f5R0sEQLKk2AQduBeD5S0EFaKbQdwmaocZARAF0WLXeJiC2k7C7M2Y6a9qnJm6N6h0O66cIhjGcsUOA9L23tFVFjfuDaAgK4ZoNT_fWNOnnXJNPEHkWeRyJ2ihXlfgoAC7tHUvWZgBICRUEhxyY5Zq-AWvt0RwIop4R46Hgcdw8OvqBTZHr_XjxhmknhAuspxR4VubvhC-VZOCheq_7wAyIVkYS4xYK2nNS6_NWMnApkVBsOJ42J2_60ZpH9br7lsGGd4GbgLdMvN-YZacqDExyGi5oZSvULHV5shq746E8EgM_sMtUrDg1UUhCTtM1_6fl4Q749BFqqecUVd8EBL-yEEKttYMunfkcjAQp58OfOPng5zaBucNnBnxsI8tXSMqlAchOeZSrJNtJBs2fq3NgEe5becLhxwlGc3lbh3f8iEmJOis1qffMW9jB-giBAnou35lAZIRK6IhryotJXGzWRTyYsJDWGfv7E-7I6f2ynoTnIPk858PP7nM1jHCSK4yWwxr_rhTJz8v5hm2JjyWAHurFgQNOE7h_s3gMOEiPSrE9IfszmIBl8GSJw75fojRpo_3TJWFGp39XAXB-mvTxhAqdFwUGB6Mh4lMty1dRMAyRfE1oIiu2_vdjw8n3R6ul07grp5i4uGxw0hIaAc8fBuj1YRofKIegNZtvISYlcs70tqL-WjZyrgVC_rxaXVCW2bDT-3QvBPrMXDHQgWXoJfYQHfBA2UwM6QCK1lCOvq9Fbmq6lCnv3x-ieqNQT8ysmNkGA-5mDOmC1itmwsDXCVFadrqGAgHSQTMB-NSYTtDZccqj-yeeuvyS086PdnBty2dHJl3O063OLhwyOu8hpufKLkukxDI-Ti0obIP1kZy-7Uuw2m-8nb581MTcvUboCKdXnIWwu69bsPfzxX9ojPY7DGQ9KT7IR2j-iKKuYRmhp_pxHtxGbp_PfJun-cPYG8Hmu9qro4cpAPxjtZYNjWWfvAJW547b6NMf4w7bKOkPwn9wfi8Vlxtd6bw6lGXwm0odKAfymTgF4OfEk0qm7LDqRkfArjce2GDQvCotbh3BXZ_ztXPk3MR8jS2Pu2La_yUPZMoca2YbkfVFBxGOjYiW03D6vh-_ApANsUMrP9gyvvy6wpzuVjytUW9sE07aJPN8J-dIRdozBOWUSuydJ2_ChOTzaEsFVPCM6k9vNLb9N1RDizR7eUuCueXhpkJ-SuT8TzRutpI6UYjt7-UqOkIK4VpUDEDcsSK9sbHU05vTUx11_nwJDJwmwCryZcNuASNPJzl-PUgJTrBszixZJQuZK5N3dNJzqzHdcjNOICjniMN8liduksqSB-K3p3sy-NkLEqTvfNxyNZXl6WpcAylO6O06wClMpQkYWUlFvD75L5kqX3tJ9v3gUV9BYyp2K-Dk9mV4zVe5ENbWe0h1Ku-mjuA4kmVxNC4f45-yiHLLKzNo_Yj2URO_6MQDhOOWT50e779fDWwg3xs7mLcka0HxvYTGZDzdXFL3TWjmWKO2FCtJHBzqm_sHKpemamf3afiEYWYCbDvnG4o5jnjJcU7s6glP4Hbgwple2KlvNCuZpmqwbtjspBHNelVmJQMZWs1hjySwg5TMZ8ck5cZFu4jnLDlZXhKRkCZ4WR4danAXPy-YTiCV5GixxzwOn4GwYTtTv-ae2fkCdcflZoHYE3lI7mlv7LbuYWcxIrJjJrTBo2VBp_WfG-qJPM-0-rKRywGzV-ir1PWXENJaGQxYNJr3IfHipqwVyAfr1CJCktyXX7zg8i3FfmA2p7qDcUwNnUE8m3hjhwwIEaY56t8P3hjxmayDSKkNKuJsluBaPB2SIhjkjxhDl13FXQxi0HBV2rP2IdHneawiqz3xQspgeqPhVDBSD22dPGjQNmH9FfXIwdYuTB_GXINQU5PpD0fEy9QbJmTmzHwpAjHj3SjuAkfajWvuqqWgipVwR9KU-vE4IGeqdbBVmvUkQaLAGKpbhVO_EWYFG4kasCGEUKWYKGOLekKBm5QiyRH8_SaRPKTgBF6wIAlsUKYlOi7WQuEU72yZbulpQpSBAi_QlmhdIwelCefdXbsVyr53YviGzZnvKN2AbcIw5uddiqVllLb9JI3i2B0v908KxeWYN-QIomQXAs8Ub1-K8MxjzdIc0KK9dvihZ5QaQof1c0LYg9C76WYhBHk4TJWoNNx-P-1I86AlRlwrPN2bmtBclmSUV3VjDLi1iCg8CATlI1JfJkrhKNm3C4yr_N5Ip22hGIqqiZlc63XfHDILrKV80eCUYz2X2ZWRsGKv25fnlF3V_vjj7nsBdwYnT1hBjt8Rxo99ZYdGT53pkUTL8rhVmsxczoAIMXc92iPIvGAFdpQpYHj0L_G9CxYNMofYr9OFiDntnLt6NDcpc9HuPs9iSOW3QZGONomcCIHwW9iKQaQcz5Iwcl5ggMxZMtpsHKDTsyomJe81uZG0e6P7CA71MjoU5LNsljc9tZiux4KnWU_ICcxgIluRGKoem-yWXZ5m625r5gYoRy2SNmWOsoqmThR5quEaazRRPOvfbdqpczKAuA1D5_-bSBtc-P-TOW1YzBkJ2tetQt-i4yIFtxJ65jD1SH7lkimUMiOmUwqwOlqQVyk3mSOz911Rg8SuApgp8XfnBdXoZVi7oWRnyNh-jyi-h4X3VuFjLjw2nmoG8bOPsliSUhG8AXDbPKtBSRfEI0YDhPyU6YB10UgKkTzjSuXWPkq9OePnPdC4ke73a5n32T0VVLZbf5gVJ13Fa2_vTUoNeKFem8XUs6EMWy-ssjjTatEWk9yFYQV-jKgA8pfihBOB8RFxcsvo2IvK2oHemrmYB8T2f4ptRRHvyzWe3HpOnGrfLH39YI0CLEZRxeW_xo60ftUaytfL6RqPl1q7xdb0JcfZD4PdahpSRkQL5dHWraePFfALGsA_CnWMB0hCwt0m52GrY-fjQsyMh50fuPIWaiy0XCRNx0XPovBYN7wcZn8hDXfBAl6gTfrO85eEcECtLS4&cid=CAASJORoW56dbH9CKmw_W7Y0xFYsWTtyxAvRqkVM1Kh1ZlMi172tHg&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3781637a4fabe7d5d35f7d4a9f62c35dbabe1dffc724805e0d74f32154dcba65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33039
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1530 42 B
63 B 74ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dgd9RTa0J-vdt5FMQKwwtqrQ4ZNvCyokO_VQ-_dN4Fo8ShU6zgwckYnq4U7N6O0zgzFNG9ds88QU8siMFzd9r2Q27_Q2a18A1saXztN9tH3JaJUWo

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1530 2 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1530 119 KB
36 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1530 15 KB
6 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1530 0
0 50ms
50ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ5mp_eQxKaNRuWmBmtK8whAxqEemPoI_3nr1VY3PBD42PJz3uLboiNU95rHgS5DMVcEnwx7PBUHcyLD6y4YVtSu3oVtg
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 200
OK j-6331247-3451578.js Show response
cdn.flashtalking.com/xre/633/6331247/3451578/js/ Frame 7010 54 KB
15 KB 240ms
71ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/xre/633/6331247/3451578/js/j-6331247-3451578.js
Requested by: Host: servedby.flashtalking.com
URL: https://servedby.flashtalking.com/imp/1/170420;6331247;201;js;DV360;DemandCreation2022Q1PhotoshopEMEAUKCONDISPLAYAffinityDV360728x90Natasha/?ftx=&fty=&ftadz=&ftscw=&ft_custom=&ftOBA=1&ft_ifb=1&ft_domain=kolobok.ua&ft_agentEnv=0&ft_referrer=https%3A%2F%2Fkolobok.ua%2F&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}&cachebuster=460869.1582258819
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 9fe21660451041243f1f8a4e941828eb1a20f493b577822cbc845da85c50d02a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Feb 2022 10:55:08 GMT
Server: Flashtalking (AKA)
ETag: W/"17e0e00bfb0c9b76ebdeaae83fe7b3a9"
Vary: Accept-Encoding
X-Varnish: 787888693 788121071
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript; charset=utf-8
Content-Length: 14538
Expires: Sun, 27 Mar 2022 08:30:13 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B58E 624 B
297 B 52ms
52ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUtkxmjxEvqTP2dj40TiE_RydnTZZQ6WNaFEIQ-Ane9WZpLGrAVQMqGnNpwMxCHHSdZYCW1Hl3Sd-fHQSNE-hohgAKqALtTVBB6vRBiC3-g1PCyHAoQIrn5E9yYcYo5mCvusIHb9QBWwPUshsiaLxgpkDD6XH7ggdfKuRTwNjRQX0rtvEDMgRk-KJjuQxK6RrKUR9_u

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8852 77 KB
32 KB 131ms
131ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPrCvHCrPMpffzrnPPcK8pLgH9R9TC7eGWSnXD6PiTf6CKMu3jPZK3HSVUGkpyQgMzRyifti4JSeO_AFAduICdIhkVjQ&cry=1&dbm_d=AKAmf-AlNkKEEzKHDcVvK0U4ovkAGJ0w8PwYl4gTvSQcoCaKo-1AMd0yqMyP2y0fUsBonMcCfX_MSbTYZARxI__f1w6z-c4TMe76hSZN3tsTptf7oYvwLeABlj-n9PRofdWmOrb1lBzMC4etKbHcUhe4LVEnDyPePfdWEgA7GRX8hYGc9TnuBUd6iD2eL4W0Qtbm-etHJFdF1frRDzbUFg2HiIXcrcJLAm1188T5w-X8jwE50wiQil2e_D5S-JSVFfvN9HpzUQzWDMQJfTtQguw5uInWMLcBd8kz3p9W4szidl_g85-_SH2tE8ZTctAYJIZXwoC7pUn-NuVcbL8pHH5dIEnPR44u58f5fIicZLHFtIpZpPeY58AKidOguIxyuYhEu4NFrEWujHNRNg9gs7_8IPXlUFoEt7Bgt4gB46tNbC8l5f2guKuY_fXv-SKvGDYWhsIJfItLKUiq_Cfu5V2LmyScQqoBjbjI-9yb8ba-FTXThXEct434Bp9rJMdCv6ugwm-sNnrG_jlpF7C3qLDW7ug0pInCdZmpI-1sMMkSS8wLxI9i_lR1HPbCHSkwobxqVxynfIqUhI2sZT_fBbQb7D3CCYImMgRL3MlN4J9-PWjDwuBSVt6wyjkdZ8cbAY58-9xFT0gjZNUHMcG9vGqamfYJvDlgeQfHJa6n7PECmy2rSdrbdTbtqersclRYWPxJlayES9CHYtXwNfnvZX7ZQbiJ5LDlaTNki6nJCtLrL-6JVUaXrT_ZbLb4uWxwmodWlqLeyJ9wRBUzO68D4IgA51ZImMKjlsD3d06RdpbhyH3hYf1Qwc7n3B10CAle8d5uL7ZJVX70wU8mRiCSNwGl0ma1UX8Pnj7XvAhArKfn2-NvkcshO2eGxuGfNZyM9VJOl5T1a8DzOvLnq5qEp_sfJz4mHM4icBEe12MADBRw2hREeTANEmWIY07KnFdXNBxVvCluESZsroE92aTOtlEeh6GocZJ_yvssXe1GE6J7b8WRPHjS7yNuH-dWWEDEJ0YkM4broI2j6kswXZUzvyLTGJVh1jvUI9zrtZDRAGutqjRQ1gnF8_PxGfHu1OapsxS67dTak214NwGLeSr6-uyZcypaV_-7jJQCQ6RBfQaf8zmR0TBpCMnlT8BWgph7H9do2hp-tm2Oy7soA8bsB_IKSXAX91qUBWY9r7cnEt2hzelmKtFeddHXZyv4LGRLz_8Fb98eZHBFY0TbuiIsvMxRTHr7EING49BvQCjc3JWD3E5E2aegkhM-MeVySLEMIRSZpG_SOdMG36AwDv_ZKK3bNWBe_EmdJ6zbmgSKWZyzSqLfWePcXVX694-sRNURi8FYhwKkGiVribI2lmhdlLxyGLpl4QvTnRikuDlF_Oa5fnof5DieMGE0-XHosIBpYD310XRB_Nx-PrOE5_I3CHbuqdr5LRSlAm3l0A-f5CrZyH0oJ817p6dJMzj4tDz0HxX1QsUkT0B4zx2WrsI4uDH6otG8hwMYuTIv5rsv4_dVjKIZsww5LGLx5zqYhsstVWdi5RKq8Dk-GxWYGngz03BtBC1S5p1glhNGNkNyIgMiO7u5RrytiJyIKCuGCxXZNwgL7KzG1b87Msu5GoT-W15Ku4O6bCIET1mb7DEEf8NzWh7hQiR21Ra1Y6cd-QPh1M9VfoXVxD921olG6qMFarrcYjwGGvpDfwuI9aGYT14oZlA0CTITRYfad3f1U1yqcVRnj0GPqY6gX00UZYQEF-IzZZ8W-8Fhbra8fsV5sdMH8GZKaseKP2l5FKc_u0EBGMdzfU0S82Ab4jc1PGqRXXCX1PIZ6UIeZPtLCux3Op-Ui9TpPPDK3WFeBiTTKWfeN3BklM6faMBT_s-tFdtA6u5uUEeXZWSHmFQyYB-cRzD5fSstY6VYLXBwoo3DDeO1otnzHgiBjwh7FySfLt5lcFxGdT-zPnPXnaQK32yQ7nDs2TX0fP_IqNff3iEKnHsvAce5aCIegF98awwapp3PRosvb5Ykg0nQYeDry-yHfCv11QlQVIFukaMJyTIV1T-3no3YULQ_Y7otgYMu4EFCuDuRTMLyuDjgCeawoLdBDfBs4558mauOQKcEfHwtc-rUT_UwbJxY0I2XKVZySIOvAkzrs7LOGT4xYp-_3ugZgK9rKnLsQ5hg-2RmgtZaWfMvcl8rbsIiNj4YCWbMx6TILdmZm57kMjQgVIABwXQ9v37ITEMyiO7YApDZsFCneGKJGSDOWx6BGtml2AKCXj7ncbKXpzTE6kqYRdY5qFUdmd1rlOCBY6H4sPl7JBZudqpHYQEpcPD9ii4D-3UwFc6ZGkhngoE7bnLds2ADEzvGbgEVMphzJmujqRhsS2nZCs425AJBjVSzM2wnSiU8GHh95vm9eNmiLEiZsuWyzWL5SRJ5EbGBo6qTNGSFs3BJu84SnxW6RofKIEdWO0CHsNH15Ur12NWrINeXjBK5RqkY1VVY4PvZ8REpLvEKelkRXzQzC08aESyVH_Nq5DeBQmgXAYXSACCwwOsYz5Pg09njlPjZVmehNvDO7aUu06zp-p3QfK81zV-d1_lWaOposy6q900yDqPiqVMxUjbEvAVWKJgMl12MgpDRo671U3GgRmTLPALP0E2MyFsqizg9mm4XcIDuEnXUctR58xqYOCCGNRAV4rNT6osSSHvEC_WFg0NYwTUhIZQKqddxhCuq3DLDzeFN9HJBiXm0lyrOcNAoIxi7P4PYTjK_uHnDQqOLQ2X1r7SgKHOrSihqVFZHlZ55mAQJTOyM_f7KWWJ_Argt9UUyddp0GBsEf5aiNSpTLXmsRU1lzRGLuJ-lZnqJ4HQpNiN89Tq1fKbuRPiDD7OpAKn6lSFhLKVhTVBp-uhDy4IKyK4WrLsgVbLEgks8_3JBINLlhJ1EmuKBC3I3r-XPkvzOhw48NlaIHu7KofYLm7RhO4Siz9LVIv0t8A4wS71qtuTqXAZQ5B-2kzkLHqpMOwkGnsSRcMgHS3X8ghu6H6_c9jVJkbgSU3hanJCD7ry_WvaM7YbAl0Pdy7HR3mppjZRUOmj5wGUcDnhmId3kUeO6LEltFYPlzsOMYNydgA5GK6trR60AufBIZJA-qcuh9LfzDuWrbXN5UjzjEjf4NlsEZIu6EJ0ywTuDt_1V0C7CizBLojPPJ-efJl9xpNkuwiMWag95uUdAn1o&cid=CAASJORo3NDQlLw_c4QRBhjz8DWfc3dQDj7urPC5c-mgiMif4Mt05A&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c5db83b8f00e38df9d6e5f5522c6b5f794cc86748f1d1536cc3ff922d56c154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8852 42 B
63 B 75ms
74ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C_ksUsrc-ZIADOsKBcPvU-DwrbH9CB712aseJIC3ReI1N7JIjO3s1sAe1FyzEsd55geIbqiImM1z0kl5Trua-Ft3p-5R9uhnoDWpl4YhAiiQtzZcI

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 8852 2 KB
1 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8852 119 KB
36 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 8852 15 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame 6308 55 KB
18 KB 102ms
102ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=24745814&cmp=27428741&plc=331181895&sid=4007930&aufilter1=1819931&prr=1&ppid=103&autt=1&auevent=ABAjH0g03n_TCDQOWvUQ1FtKzgNJ&c1=1819931&auorder=27335844&aucmp=16571935564&aucrtv=413140130&auxch=1&pltfrm=1&ausite=266259341223&turl=https://kolobok.ua/&aubndl=&dvregion=0&unit=300x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Tue, 08 Mar 2022 09:42:39 GMT
Server: Microsoft-IIS/10.0
ETag: "80d16fd9d032d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1769 640 B
316 B 55ms
53ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNWBOK4yp1n_QJnSZMbebv4rla9-E944fZ7423GnnBQpP1pD2D0BJSqe7qq7oOmw8Jjadard-FSuV10o5iCDT3Ml2xk9MMTWXakNNrhodZ44Kjn2VZ7ALKORKGT4tn08meA0pUH0uizGYYknnUIkpuC0NoqGioS3S2TTbBnUcy3aLn4dsxQ

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:13 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C92 77 KB
32 KB 96ms
95ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Blr9wa-VJC_8nBLVF8R_kbMAMGoWZBMCtSs0odPJzaEHa784UfV3F-6fczL8Z1Hgj2pWHJk-iHqryIhYv5v3x8m0SWkg&cry=1&dbm_d=AKAmf-BI2edbLQTyqba34Ul_C1mqs07BBwNDLE2g7euqBjK7QQRHelq9z--8plkPvpQe59H8x0nVOvrYT8Z_Nflw-kw88ne7_QdpA9ZmY5or2p7_Wd9RSigwSLd8Me8E43aZux4owAEpXS3S4n9v3w3kUy7alZGWvhhN0vVrYXTdsfyV2qSYsn49O8tuz8AZ5B7htbCD136kMg_yd-kFwYEQcqnjj8_unPgt8s33BwgLAdOO2nrcfrnInCk879yqOwgvgNVmqx_AFCHPaFiEv3zGWzmg1EuO_shDLneqQgycvAFMtfz-hRIFf2xM2ckrqR3SdfBAg07xP1HaPA6R5MWXDtKngnuBzQJ4w0ErAqbsKvrbwtFcXl2qaIY6RtXaVIvj4xXVtBy-hebhqLpncZBLfkRX5OLvKiL1rEiDt_MBSbYNqZxoJ2J7rqs_B0qf66yNnefeX_l5lekMnsMkwupZi12dC1n5KpCkbO9skCZfQr9UUYbshAHKRzuoc8gvOHOo_jCgUI_1xHZwOEDJ233naWQaxESvK-MKLRmISIOdHJwsKUZD_kkFugsTZ1X0PHk0j3_35eMpGxYAH5Al7v51alSQV_SQzMbYdkLBciHSlTjGU5jmqXP45lSTO1wEF9Q4o5yV2dVP3bNHp-EOUCAEfz2VsxTTegW8G3NcddvLBQX62bIRE4U_bSgOqn48Wmo2iV5VqakgbyE5OpGvzrPgrPy2YRK6RW1nL5uFe06SCw3DXgA_UtYsrRCOyz8Isywsm7zpl7qdg4nBuTZaDaz1eukA6LR8QDgXgnNxmF3_gZJmV_f0S3wrLUKKRtD0_NKVk7ln1u0evg309FOm24QxqcmYL8z1m-1W-2P3nCC_hvYXO586SBwK5j5c3u_ywsVvwMXaEAyyzZ8a42RuqyDGnNko1C34qLomGAeJshtSbTwrUCav0Gw-Fsq5pSsGxejDxB-KBOznE0m8OJUxQ6Zv5bPD17k0PwNOEb0yYRmYFwGkvH_voO4UfXMVP3QsEExrDZbp2wkBxvYoflDo9c42luztZMmd6FAMwKnnblMJnVwSVBvLqe-GdydxAlltzcswz8Y5FgsM7efNakRHYXt0re-FtneNt8Kb0BFPvd6Jeak1jba6mnn6UkT1voo72vXR11Ze3LYA4gLNKh3_YXrD1OL7FiMvkjFx1hmNAqSHPad3RyFrGEG-P43pEy0HhmT0QKYwSvGd7OO_Gza4XyqTcupS0wJXD5gZhlHNjarTduyc1e0b8s5SdpnYSa-5wYzTMLEwECeh0Z6tOKgnUSkmo_hCE-jI4IosXWSfkB3wz9qwUdYm3vtaogmWQZmd9MzgHLE9oGawxEiKr0-QHbUwkEMJacjURHYCysw3hGz1hOZOd7dgGhzpt6rQBbhsX3yxx0Oi3gzwgd0w-zbodAlgkq9kclJvYfVnnYosBtPebI2h0QSI6OsYeRkYoN7chDby_I0TNTN2a9MzHzgUuJjAdl7W-vvfdZdUUXIVHe7EoO3TOlvn3Dz-Wm678My3mHMKIBV1iMr42XlmMtjA42rc1Cof8JeBztjLRUjTv7BLWmFT4NiHtsB6OfriJ8j4XPLNuWnKTXxMXRoSdN4VF1jdXWvU7Ra1Suf9geM-tALYCxJescdFTMMSvj6Fm443Eu1HucQbel7nFiyI4Dc-nNxo1JB5Rck38_xwvk9r0Sramdis_nX6If_scdCZYSpR44ToryT_ssciScoDx3zw9Ar8nZKzkZaaLJpI6_SOaAWbJRHEmyxsqx2--OfXfDv3Rs9T4zrgw1VPIoDaT5qgW-ixCzQlhP879nBr3gx1jH2Q-1qSsTfgrwIf_qsvumoEKSKDlreY5zyRClcQ7EYav7C1sgeLV3dDcRY4R5dXeLG_w_O7-sPx21nKHqlZAPvd8iyZY9UE3bdqAZUkYVvm8VXYrsPH6KcJC9Ifd8TSSXPrHHygM1KBn-7f8I0MArPfXARZViw7Ni4U0UXAyql64KdLz3KAjCoxT_Qw5oPnrvcGfOUWHTWBiSELcbFIXx1hrSI9BKLCyvArI8j1dnkzLseC0Zmc_FjheUsHVH1EPk78kpFJ48LyCLrnuxObQQyJu8ywGpcrGh3FJEB_fhKJD0rCcWre6q-jXL1lnVSwTscXRsvbbZizdZGu-N3nVgb5zhfuAhHAMHcjte6pKzmDRLTCaVaZIybvGzEaUoD65kDic2tU5fd9-z3jkRq1L1GMvBKFCditLRR--giabCK7M_OTMswNhOfWXRvkoyFM7qzPrLtja3MzqbVjnVNj6rn7x3phxeQzo_f3mIbF8eILwjtjoczHyRM1qFo4g3eyY5X-avJsZv8F12_sl6BVfixY4qQQf8paToGRBRzfmqCOqRhfL7dewStUDsz0t5DMwryxGHI_2XjRZ3W7YuBS1h5F8647_BFVNuJ7pq6gH6lIT16MZ4MedVkv_51XbXxQbmxhr7Ms95iBh5xaCf5VtTWDlxxtsYdg4yB1j1JQQDYqfsvnqCvN37gWcvbeUURcstJHwM8TTURDwshlXjtnOJZFHNIrKQ_jszvZWgyIH7JQFp5YwUt6RWO08V6niWVWjLDgz_O_xTI21ljY6YX2aKjhBMx6mJxiKrHdMUEGgUDxyvdE7Mgcw81dUlq4bm4-NhCJ06O1P9BggPpU0Kw8QPuBQ4XmxNfiEey-wLyEDIfjEAgnYXGI5WTLIP3454_f4XkmEjD7UKMmydL2BFxB_BIC_R_9XPynVDDEXIT-b3kMBawzQlNGnagoRSvN-vNxJ2DXPep44X5-QkEa607Er9_z-kUt_mCcUj_yFLYN8eZ14v0wpB1e0FPjok7I63thus5yk2YXdH_G9oPlftRpH1_i5jY96tVqd3eVXPsvYM6w9G4fAk0k6XrKqwcRPu1zVeUkSzHFLWTQWR6vgDH8_VxA-vEPujzl1XvCepqOXssX6DDok8T9vxli74hzCspttW1kY3A3UHS9RPS8oTClBM5xiDiWIcRGszvomEaUjGTeij2WKSNHexdzQjoqvdoG7D6MWMLTEPHTiAEDS72rOp28uak2ZeVFBI_mO8s5DjnKGgXk51nwFXSN_a6bZmxHhJEyiyWP6f2bkOX0N_JZbwyPvFNOrWzBK8HzopxBiYkpkCb8kHdh4L9-YMpYSueTOTqp70ANdmqXupE&cid=CAASJORopfwWyx5g9N-pBRxtP1s307GsA9H13nVKzwOY9vXhfY8rkQ&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

946efb98e262f69b3a0eb02cc57a7637ecfae2803362b909dbb2649cc8a4d8fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C92 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B5wfurrc5YoAjb_yokpVurg-G4Gs4ZBkdxBhTipSmQ81_9X-xd58xSPkSONKGB3LEacfgrPWabir3cEeXwUaOREcMN6jPrY0KgqE-SRef09MfYK-I

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1C92 2 KB
1 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C92 119 KB
36 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 1C92 15 KB
6 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame B308 35 KB
14 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

65ms
65ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUCId0jY56oHXRPip4QiNoRr5OVs0aWAzWax4-7-FB19Y2JVjF-WZmLP2Sc6R9G1WG879a4cWt4yhRN4TIwd26pd3bUgbQ1jT_udgLgKoWaS2aAVJVMqwBf4hp38PPpWF94yjC5NMH4s6qQn-yua9l7YkZem-ibt8DNNHyZY1QT1BimdZg
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame E1FE
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkAb5eUgGbJu2pwUtXIAggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

99ms
99ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUCId0jY56oHXRPip4QiNoRr5OVs0aWAzWax4-7-FB19Y2JVjF-WZmLP2Sc6R9G1WG879a4cWt4yhRN4TIwd26pd3bUgbQ1jT_udgLgKoWaS2aAVJVMqwBf4hp38PPpWF94yjC5NMH4s6qQn-yua9l7YkZem-ibt8DNNHyZY1QT1BimdZg
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame E1FE
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1

43 B
1020 B

87ms
70ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUCId0jY56oHXRPip4QiNoRr5OVs0aWAzWax4-7-FB19Y2JVjF-WZmLP2Sc6R9G1WG879a4cWt4yhRN4TIwd26pd3bUgbQ1jT_udgLgKoWaS2aAVJVMqwBf4hp38PPpWF94yjC5NMH4s6qQn-yua9l7YkZem-ibt8DNNHyZY1QT1BimdZg

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 24cf0af5-5f88-4e9e-82d0-112de27481a8
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E1FE
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ff9c5bec-7967-4ef0-b29d-d3bfb2a96f99
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B58E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

64ms
64ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUtkxmjxEvqTP2dj40TiE_RydnTZZQ6WNaFEIQ-Ane9WZpLGrAVQMqGnNpwMxCHHSdZYCW1Hl3Sd-fHQSNE-hohgAKqALtTVBB6vRBiC3-g1PCyHAoQIrn5E9yYcYo5mCvusIHb9QBWwPUshsiaLxgpkDD6XH7ggdfKuRTwNjRQX0rtvEDMgRk-KJjuQxK6RrKUR9_u
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B58E
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkAb5eUgGbJu2pwUtXIAggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1

43 B
892 B

72ms
71ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUtkxmjxEvqTP2dj40TiE_RydnTZZQ6WNaFEIQ-Ane9WZpLGrAVQMqGnNpwMxCHHSdZYCW1Hl3Sd-fHQSNE-hohgAKqALtTVBB6vRBiC3-g1PCyHAoQIrn5E9yYcYo5mCvusIHb9QBWwPUshsiaLxgpkDD6XH7ggdfKuRTwNjRQX0rtvEDMgRk-KJjuQxK6RrKUR9_u
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:13 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArRNsnNT45PGHq8Ij_BlKw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B58E
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1

43 B
1020 B

52ms
52ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNUtkxmjxEvqTP2dj40TiE_RydnTZZQ6WNaFEIQ-Ane9WZpLGrAVQMqGnNpwMxCHHSdZYCW1Hl3Sd-fHQSNE-hohgAKqALtTVBB6vRBiC3-g1PCyHAoQIrn5E9yYcYo5mCvusIHb9QBWwPUshsiaLxgpkDD6XH7ggdfKuRTwNjRQX0rtvEDMgRk-KJjuQxK6RrKUR9_u

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: b7405b2d-be3f-40d8-a610-b2b68494d060
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPsp5Z8Beu7GJ5ZTpVDz6SU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B58E
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 54f7dd12-fccc-4a3a-99bb-b92d3f090ba4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 1769
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELqSakgVKp3PYYaQd3hD_uE&google_cver=1

43 B
114 B

37ms
37ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELqSakgVKp3PYYaQd3hD_uE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNWBOK4yp1n_QJnSZMbebv4rla9-E944fZ7423GnnBQpP1pD2D0BJSqe7qq7oOmw8Jjadard-FSuV10o5iCDT3Ml2xk9MMTWXakNNrhodZ44Kjn2VZ7ALKORKGT4tn08meA0pUH0uizGYYknnUIkpuC0NoqGioS3S2TTbBnUcy3aLn4dsxQ
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
server: OXGW/17.2.1
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESELqSakgVKp3PYYaQd3hD_uE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 1769 43 B
305 B 113ms
42ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNWBOK4yp1n_QJnSZMbebv4rla9-E944fZ7423GnnBQpP1pD2D0BJSqe7qq7oOmw8Jjadard-FSuV10o5iCDT3Ml2xk9MMTWXakNNrhodZ44Kjn2VZ7ALKORKGT4tn08meA0pUH0uizGYYknnUIkpuC0NoqGioS3S2TTbBnUcy3aLn4dsxQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.2.1 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
server: OXGW/17.2.1
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 1769
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEOyw9DUtZ4rA_3fs0u5PP-Q&google_cver=1

23 B
172 B

147ms
67ms

Image
image/gif

104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEOyw9DUtZ4rA_3fs0u5PP-Q&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNWBOK4yp1n_QJnSZMbebv4rla9-E944fZ7423GnnBQpP1pD2D0BJSqe7qq7oOmw8Jjadard-FSuV10o5iCDT3Ml2xk9MMTWXakNNrhodZ44Kjn2VZ7ALKORKGT4tn08meA0pUH0uizGYYknnUIkpuC0NoqGioS3S2TTbBnUcy3aLn4dsxQ
Protocol: H2
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 27 Mar 2022 08:10:13 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEOyw9DUtZ4rA_3fs0u5PP-Q&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 1769 23 B
172 B 227ms
70ms Image
image/gif 104.89.28.165
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNWBOK4yp1n_QJnSZMbebv4rla9-E944fZ7423GnnBQpP1pD2D0BJSqe7qq7oOmw8Jjadard-FSuV10o5iCDT3Ml2xk9MMTWXakNNrhodZ44Kjn2VZ7ALKORKGT4tn08meA0pUH0uizGYYknnUIkpuC0NoqGioS3S2TTbBnUcy3aLn4dsxQ
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.89.28.165 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-28-165.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 27 Mar 2022 08:10:13 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 43ms
43ms Image
text/plain 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=d064867f-940f-4efe-bb4f-c03ea7d2f330

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 27 Mar 2022 08:10:13 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1530 106 KB
38 KB 134ms
42ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
Origin: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 1530 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DbeSaBT5ctFY31q0GSw4H2Q41JqutTZq5LPE79d-hS8yEq44wk-T0-Yvn0hyMJ98cT6q4MBsGmfrs0wTPA0UP0Vvv8_g&cry=1&dbm_d=AKAmf-AeCxzGfmNlsYC2zfQwHmLFFkqFxcTv9GbcKQrp1OlZ8b3nuJc3ciY8TqEuReBfTZ_BscYDVBtDe7OSieIJ6w0Jd8wKOpS8qtU7xBqxenHr_NKw2yAOFQ_y0XVMjHg8CC5jHzj2a1jeqsSzrGxqYV1UdCnUWboeqnqIIXw1qI9v4f5R0sEQLKk2AQduBeD5S0EFaKbQdwmaocZARAF0WLXeJiC2k7C7M2Y6a9qnJm6N6h0O66cIhjGcsUOA9L23tFVFjfuDaAgK4ZoNT_fWNOnnXJNPEHkWeRyJ2ihXlfgoAC7tHUvWZgBICRUEhxyY5Zq-AWvt0RwIop4R46Hgcdw8OvqBTZHr_XjxhmknhAuspxR4VubvhC-VZOCheq_7wAyIVkYS4xYK2nNS6_NWMnApkVBsOJ42J2_60ZpH9br7lsGGd4GbgLdMvN-YZacqDExyGi5oZSvULHV5shq746E8EgM_sMtUrDg1UUhCTtM1_6fl4Q749BFqqecUVd8EBL-yEEKttYMunfkcjAQp58OfOPng5zaBucNnBnxsI8tXSMqlAchOeZSrJNtJBs2fq3NgEe5becLhxwlGc3lbh3f8iEmJOis1qffMW9jB-giBAnou35lAZIRK6IhryotJXGzWRTyYsJDWGfv7E-7I6f2ynoTnIPk858PP7nM1jHCSK4yWwxr_rhTJz8v5hm2JjyWAHurFgQNOE7h_s3gMOEiPSrE9IfszmIBl8GSJw75fojRpo_3TJWFGp39XAXB-mvTxhAqdFwUGB6Mh4lMty1dRMAyRfE1oIiu2_vdjw8n3R6ul07grp5i4uGxw0hIaAc8fBuj1YRofKIegNZtvISYlcs70tqL-WjZyrgVC_rxaXVCW2bDT-3QvBPrMXDHQgWXoJfYQHfBA2UwM6QCK1lCOvq9Fbmq6lCnv3x-ieqNQT8ysmNkGA-5mDOmC1itmwsDXCVFadrqGAgHSQTMB-NSYTtDZccqj-yeeuvyS086PdnBty2dHJl3O063OLhwyOu8hpufKLkukxDI-Ti0obIP1kZy-7Uuw2m-8nb581MTcvUboCKdXnIWwu69bsPfzxX9ojPY7DGQ9KT7IR2j-iKKuYRmhp_pxHtxGbp_PfJun-cPYG8Hmu9qro4cpAPxjtZYNjWWfvAJW547b6NMf4w7bKOkPwn9wfi8Vlxtd6bw6lGXwm0odKAfymTgF4OfEk0qm7LDqRkfArjce2GDQvCotbh3BXZ_ztXPk3MR8jS2Pu2La_yUPZMoca2YbkfVFBxGOjYiW03D6vh-_ApANsUMrP9gyvvy6wpzuVjytUW9sE07aJPN8J-dIRdozBOWUSuydJ2_ChOTzaEsFVPCM6k9vNLb9N1RDizR7eUuCueXhpkJ-SuT8TzRutpI6UYjt7-UqOkIK4VpUDEDcsSK9sbHU05vTUx11_nwJDJwmwCryZcNuASNPJzl-PUgJTrBszixZJQuZK5N3dNJzqzHdcjNOICjniMN8liduksqSB-K3p3sy-NkLEqTvfNxyNZXl6WpcAylO6O06wClMpQkYWUlFvD75L5kqX3tJ9v3gUV9BYyp2K-Dk9mV4zVe5ENbWe0h1Ku-mjuA4kmVxNC4f45-yiHLLKzNo_Yj2URO_6MQDhOOWT50e779fDWwg3xs7mLcka0HxvYTGZDzdXFL3TWjmWKO2FCtJHBzqm_sHKpemamf3afiEYWYCbDvnG4o5jnjJcU7s6glP4Hbgwple2KlvNCuZpmqwbtjspBHNelVmJQMZWs1hjySwg5TMZ8ck5cZFu4jnLDlZXhKRkCZ4WR4danAXPy-YTiCV5GixxzwOn4GwYTtTv-ae2fkCdcflZoHYE3lI7mlv7LbuYWcxIrJjJrTBo2VBp_WfG-qJPM-0-rKRywGzV-ir1PWXENJaGQxYNJr3IfHipqwVyAfr1CJCktyXX7zg8i3FfmA2p7qDcUwNnUE8m3hjhwwIEaY56t8P3hjxmayDSKkNKuJsluBaPB2SIhjkjxhDl13FXQxi0HBV2rP2IdHneawiqz3xQspgeqPhVDBSD22dPGjQNmH9FfXIwdYuTB_GXINQU5PpD0fEy9QbJmTmzHwpAjHj3SjuAkfajWvuqqWgipVwR9KU-vE4IGeqdbBVmvUkQaLAGKpbhVO_EWYFG4kasCGEUKWYKGOLekKBm5QiyRH8_SaRPKTgBF6wIAlsUKYlOi7WQuEU72yZbulpQpSBAi_QlmhdIwelCefdXbsVyr53YviGzZnvKN2AbcIw5uddiqVllLb9JI3i2B0v908KxeWYN-QIomQXAs8Ub1-K8MxjzdIc0KK9dvihZ5QaQof1c0LYg9C76WYhBHk4TJWoNNx-P-1I86AlRlwrPN2bmtBclmSUV3VjDLi1iCg8CATlI1JfJkrhKNm3C4yr_N5Ip22hGIqqiZlc63XfHDILrKV80eCUYz2X2ZWRsGKv25fnlF3V_vjj7nsBdwYnT1hBjt8Rxo99ZYdGT53pkUTL8rhVmsxczoAIMXc92iPIvGAFdpQpYHj0L_G9CxYNMofYr9OFiDntnLt6NDcpc9HuPs9iSOW3QZGONomcCIHwW9iKQaQcz5Iwcl5ggMxZMtpsHKDTsyomJe81uZG0e6P7CA71MjoU5LNsljc9tZiux4KnWU_ICcxgIluRGKoem-yWXZ5m625r5gYoRy2SNmWOsoqmThR5quEaazRRPOvfbdqpczKAuA1D5_-bSBtc-P-TOW1YzBkJ2tetQt-i4yIFtxJ65jD1SH7lkimUMiOmUwqwOlqQVyk3mSOz911Rg8SuApgp8XfnBdXoZVi7oWRnyNh-jyi-h4X3VuFjLjw2nmoG8bOPsliSUhG8AXDbPKtBSRfEI0YDhPyU6YB10UgKkTzjSuXWPkq9OePnPdC4ke73a5n32T0VVLZbf5gVJ13Fa2_vTUoNeKFem8XUs6EMWy-ssjjTatEWk9yFYQV-jKgA8pfihBOB8RFxcsvo2IvK2oHemrmYB8T2f4ptRRHvyzWe3HpOnGrfLH39YI0CLEZRxeW_xo60ftUaytfL6RqPl1q7xdb0JcfZD4PdahpSRkQL5dHWraePFfALGsA_CnWMB0hCwt0m52GrY-fjQsyMh50fuPIWaiy0XCRNx0XPovBYN7wcZn8hDXfBAl6gTfrO85eEcECtLS4&cid=CAASJORoW56dbH9CKmw_W7Y0xFYsWTtyxAvRqkVM1Kh1ZlMi172tHg&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 1530 25 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 6308 1 KB
899 B 166ms
48ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_30208707451&jsTagObjCallback=__tagObject_callback_30208707451&num=6&ctx=24745814&cmp=27428741&plc=331181895&sid=4007930&advid=&adsrv=&unit=300x250&isdvvid=&uid=30208707451&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.20&dvpx_strhd=0.20&brid=3&brver=99&bridua=3&dup=null&ppid=103&auevent=ABAjH0g03n_TCDQOWvUQ1FtKzgNJ&aucmp=16571935564&aucrtv=413140130&auorder=27335844&ausite=266259341223&auxch=1&pltfrm=1&aufilter1=1819931&autt=1&c1=1819931&turl=https://kolobok.ua/&srcurlD=1&ssl=1&refD=2&htmlmsging=1&prr=1&aUrlD=0&m1=13&noc=4&fcifrms=30&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6EU2%26C%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tau&dvp_exetime=4.60&aubndl=&callbackName=__verify_callback_30208707451
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: f91f44f311f0df06bbb32e4dd21a014c313dc2ffe886fd4a444b5b4b211b5e76

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 0
Connection: keep-alive
Expires: 03/26/2022 08:10:13

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1C92 106 KB
37 KB 175ms
119ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
Origin: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 1C92 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Blr9wa-VJC_8nBLVF8R_kbMAMGoWZBMCtSs0odPJzaEHa784UfV3F-6fczL8Z1Hgj2pWHJk-iHqryIhYv5v3x8m0SWkg&cry=1&dbm_d=AKAmf-BI2edbLQTyqba34Ul_C1mqs07BBwNDLE2g7euqBjK7QQRHelq9z--8plkPvpQe59H8x0nVOvrYT8Z_Nflw-kw88ne7_QdpA9ZmY5or2p7_Wd9RSigwSLd8Me8E43aZux4owAEpXS3S4n9v3w3kUy7alZGWvhhN0vVrYXTdsfyV2qSYsn49O8tuz8AZ5B7htbCD136kMg_yd-kFwYEQcqnjj8_unPgt8s33BwgLAdOO2nrcfrnInCk879yqOwgvgNVmqx_AFCHPaFiEv3zGWzmg1EuO_shDLneqQgycvAFMtfz-hRIFf2xM2ckrqR3SdfBAg07xP1HaPA6R5MWXDtKngnuBzQJ4w0ErAqbsKvrbwtFcXl2qaIY6RtXaVIvj4xXVtBy-hebhqLpncZBLfkRX5OLvKiL1rEiDt_MBSbYNqZxoJ2J7rqs_B0qf66yNnefeX_l5lekMnsMkwupZi12dC1n5KpCkbO9skCZfQr9UUYbshAHKRzuoc8gvOHOo_jCgUI_1xHZwOEDJ233naWQaxESvK-MKLRmISIOdHJwsKUZD_kkFugsTZ1X0PHk0j3_35eMpGxYAH5Al7v51alSQV_SQzMbYdkLBciHSlTjGU5jmqXP45lSTO1wEF9Q4o5yV2dVP3bNHp-EOUCAEfz2VsxTTegW8G3NcddvLBQX62bIRE4U_bSgOqn48Wmo2iV5VqakgbyE5OpGvzrPgrPy2YRK6RW1nL5uFe06SCw3DXgA_UtYsrRCOyz8Isywsm7zpl7qdg4nBuTZaDaz1eukA6LR8QDgXgnNxmF3_gZJmV_f0S3wrLUKKRtD0_NKVk7ln1u0evg309FOm24QxqcmYL8z1m-1W-2P3nCC_hvYXO586SBwK5j5c3u_ywsVvwMXaEAyyzZ8a42RuqyDGnNko1C34qLomGAeJshtSbTwrUCav0Gw-Fsq5pSsGxejDxB-KBOznE0m8OJUxQ6Zv5bPD17k0PwNOEb0yYRmYFwGkvH_voO4UfXMVP3QsEExrDZbp2wkBxvYoflDo9c42luztZMmd6FAMwKnnblMJnVwSVBvLqe-GdydxAlltzcswz8Y5FgsM7efNakRHYXt0re-FtneNt8Kb0BFPvd6Jeak1jba6mnn6UkT1voo72vXR11Ze3LYA4gLNKh3_YXrD1OL7FiMvkjFx1hmNAqSHPad3RyFrGEG-P43pEy0HhmT0QKYwSvGd7OO_Gza4XyqTcupS0wJXD5gZhlHNjarTduyc1e0b8s5SdpnYSa-5wYzTMLEwECeh0Z6tOKgnUSkmo_hCE-jI4IosXWSfkB3wz9qwUdYm3vtaogmWQZmd9MzgHLE9oGawxEiKr0-QHbUwkEMJacjURHYCysw3hGz1hOZOd7dgGhzpt6rQBbhsX3yxx0Oi3gzwgd0w-zbodAlgkq9kclJvYfVnnYosBtPebI2h0QSI6OsYeRkYoN7chDby_I0TNTN2a9MzHzgUuJjAdl7W-vvfdZdUUXIVHe7EoO3TOlvn3Dz-Wm678My3mHMKIBV1iMr42XlmMtjA42rc1Cof8JeBztjLRUjTv7BLWmFT4NiHtsB6OfriJ8j4XPLNuWnKTXxMXRoSdN4VF1jdXWvU7Ra1Suf9geM-tALYCxJescdFTMMSvj6Fm443Eu1HucQbel7nFiyI4Dc-nNxo1JB5Rck38_xwvk9r0Sramdis_nX6If_scdCZYSpR44ToryT_ssciScoDx3zw9Ar8nZKzkZaaLJpI6_SOaAWbJRHEmyxsqx2--OfXfDv3Rs9T4zrgw1VPIoDaT5qgW-ixCzQlhP879nBr3gx1jH2Q-1qSsTfgrwIf_qsvumoEKSKDlreY5zyRClcQ7EYav7C1sgeLV3dDcRY4R5dXeLG_w_O7-sPx21nKHqlZAPvd8iyZY9UE3bdqAZUkYVvm8VXYrsPH6KcJC9Ifd8TSSXPrHHygM1KBn-7f8I0MArPfXARZViw7Ni4U0UXAyql64KdLz3KAjCoxT_Qw5oPnrvcGfOUWHTWBiSELcbFIXx1hrSI9BKLCyvArI8j1dnkzLseC0Zmc_FjheUsHVH1EPk78kpFJ48LyCLrnuxObQQyJu8ywGpcrGh3FJEB_fhKJD0rCcWre6q-jXL1lnVSwTscXRsvbbZizdZGu-N3nVgb5zhfuAhHAMHcjte6pKzmDRLTCaVaZIybvGzEaUoD65kDic2tU5fd9-z3jkRq1L1GMvBKFCditLRR--giabCK7M_OTMswNhOfWXRvkoyFM7qzPrLtja3MzqbVjnVNj6rn7x3phxeQzo_f3mIbF8eILwjtjoczHyRM1qFo4g3eyY5X-avJsZv8F12_sl6BVfixY4qQQf8paToGRBRzfmqCOqRhfL7dewStUDsz0t5DMwryxGHI_2XjRZ3W7YuBS1h5F8647_BFVNuJ7pq6gH6lIT16MZ4MedVkv_51XbXxQbmxhr7Ms95iBh5xaCf5VtTWDlxxtsYdg4yB1j1JQQDYqfsvnqCvN37gWcvbeUURcstJHwM8TTURDwshlXjtnOJZFHNIrKQ_jszvZWgyIH7JQFp5YwUt6RWO08V6niWVWjLDgz_O_xTI21ljY6YX2aKjhBMx6mJxiKrHdMUEGgUDxyvdE7Mgcw81dUlq4bm4-NhCJ06O1P9BggPpU0Kw8QPuBQ4XmxNfiEey-wLyEDIfjEAgnYXGI5WTLIP3454_f4XkmEjD7UKMmydL2BFxB_BIC_R_9XPynVDDEXIT-b3kMBawzQlNGnagoRSvN-vNxJ2DXPep44X5-QkEa607Er9_z-kUt_mCcUj_yFLYN8eZ14v0wpB1e0FPjok7I63thus5yk2YXdH_G9oPlftRpH1_i5jY96tVqd3eVXPsvYM6w9G4fAk0k6XrKqwcRPu1zVeUkSzHFLWTQWR6vgDH8_VxA-vEPujzl1XvCepqOXssX6DDok8T9vxli74hzCspttW1kY3A3UHS9RPS8oTClBM5xiDiWIcRGszvomEaUjGTeij2WKSNHexdzQjoqvdoG7D6MWMLTEPHTiAEDS72rOp28uak2ZeVFBI_mO8s5DjnKGgXk51nwFXSN_a6bZmxHhJEyiyWP6f2bkOX0N_JZbwyPvFNOrWzBK8HzopxBiYkpkCb8kHdh4L9-YMpYSueTOTqp70ANdmqXupE&cid=CAASJORopfwWyx5g9N-pBRxtP1s307GsA9H13nVKzwOY9vXhfY8rkQ&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 1C92 25 KB
9 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5077 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVqMh5BtAYvjVK4j3gQeigJm4BgAAAAA4AeAEAg&bg=!JiWlJWHNAAbzJazn0yU7ACkAdvg8WhxNPVQOSPDkMIf0LMdU0I2XDQdkw7koY_osorc2M_TVo1zPtwIAAACaUgAAAAJoAQeZAw9dO6IxjTOqAv6vivyfaC0cAZ7WocFvFvprUFg2QpMwg9hz0ivQBzS_yOFdG66yOFSbqn4xd9jOI851xqcVaU04rPKn05xlTCswrvD3V94WpFUvhgHDAcuSWeYfSIM8lz_An1bYmMBcMje9tyNiuh-pOdRe8nqRphzQvE7stnvTcWyZQpgjIGywFqU7otQzn-K-M1PSTxB0MF1VR5wTRlHdxv6RZmYkoE4ItBXTAPtJl2mG2N8Lo6ze_IzIFGrM8ToCyfYARZKTE8Rnsv4bHJB5tDbZGNtixHLY8yiQ_LnpnaPnxofK21h6UeF_Q8kqOHbavry-DwweZGY36XMo4shSF0qmDP2zdn0WUIbnIZ5L86ShnOeEq9wJpr_kIRvkMHSTcAHkzPZQO5OIMYo30x9VWs9HToTNbGZ-65CwanK8tI8Og_RM1KF9-0sZc0Z-4k927_76Els95r2G30a8JJLaFa7xkHYL1GpHUDzviFUVrRBpkBFsLzMZWbFUIHwxHfSvcltE8UyVR98EOVSov4EMBp4vQBXf3l_U5pWctOcgFVRBXDjPqYn0_twJYNDORimhjX9RgfjW-bEkrgF2LWb_sA1Fpn5A9Egfi40GPUriIR-Nt4uwWCVSVcbVgm0ReUYW8rpqC6J8rzZII3pZlrjXDaY0Bx6NXZErSMdkCMCHoGGiVNEQJeR1VrcsGrA6m_mdOwdNgsxsHNE7yUkQKa_xYPGHAE-oqoeEMdY_7AciUvtQuOkfgtzcA6DdlzpNQf7t_qeglVqmEmajOUoBF3FNlMA2pVlHAa9OpOgSJ7nwx9B7P5TLxeTAzbnkPBGNJoAmvaUGgre_7eghYMmRpGToZjtwg0YBDOsCQZQqphx-nCrQYYQ_ZPhLLPbTJ3Q7-vqT4eG9v5Q8APkzvlPK0EVhGRLkCHkXUUcjRh9yJx2_atYpJ6uclfPup63FWaNVtYRO2--Fu2OIiS6H9ZZYkKv002fOjIighPO8ZhB4qD4KefeapxqbkA3FiGnC3Eu3euhxBxXYT_2fdyrXG2xxtqE

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8852 106 KB
37 KB 127ms
91ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
Origin: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 8852 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BPrCvHCrPMpffzrnPPcK8pLgH9R9TC7eGWSnXD6PiTf6CKMu3jPZK3HSVUGkpyQgMzRyifti4JSeO_AFAduICdIhkVjQ&cry=1&dbm_d=AKAmf-AlNkKEEzKHDcVvK0U4ovkAGJ0w8PwYl4gTvSQcoCaKo-1AMd0yqMyP2y0fUsBonMcCfX_MSbTYZARxI__f1w6z-c4TMe76hSZN3tsTptf7oYvwLeABlj-n9PRofdWmOrb1lBzMC4etKbHcUhe4LVEnDyPePfdWEgA7GRX8hYGc9TnuBUd6iD2eL4W0Qtbm-etHJFdF1frRDzbUFg2HiIXcrcJLAm1188T5w-X8jwE50wiQil2e_D5S-JSVFfvN9HpzUQzWDMQJfTtQguw5uInWMLcBd8kz3p9W4szidl_g85-_SH2tE8ZTctAYJIZXwoC7pUn-NuVcbL8pHH5dIEnPR44u58f5fIicZLHFtIpZpPeY58AKidOguIxyuYhEu4NFrEWujHNRNg9gs7_8IPXlUFoEt7Bgt4gB46tNbC8l5f2guKuY_fXv-SKvGDYWhsIJfItLKUiq_Cfu5V2LmyScQqoBjbjI-9yb8ba-FTXThXEct434Bp9rJMdCv6ugwm-sNnrG_jlpF7C3qLDW7ug0pInCdZmpI-1sMMkSS8wLxI9i_lR1HPbCHSkwobxqVxynfIqUhI2sZT_fBbQb7D3CCYImMgRL3MlN4J9-PWjDwuBSVt6wyjkdZ8cbAY58-9xFT0gjZNUHMcG9vGqamfYJvDlgeQfHJa6n7PECmy2rSdrbdTbtqersclRYWPxJlayES9CHYtXwNfnvZX7ZQbiJ5LDlaTNki6nJCtLrL-6JVUaXrT_ZbLb4uWxwmodWlqLeyJ9wRBUzO68D4IgA51ZImMKjlsD3d06RdpbhyH3hYf1Qwc7n3B10CAle8d5uL7ZJVX70wU8mRiCSNwGl0ma1UX8Pnj7XvAhArKfn2-NvkcshO2eGxuGfNZyM9VJOl5T1a8DzOvLnq5qEp_sfJz4mHM4icBEe12MADBRw2hREeTANEmWIY07KnFdXNBxVvCluESZsroE92aTOtlEeh6GocZJ_yvssXe1GE6J7b8WRPHjS7yNuH-dWWEDEJ0YkM4broI2j6kswXZUzvyLTGJVh1jvUI9zrtZDRAGutqjRQ1gnF8_PxGfHu1OapsxS67dTak214NwGLeSr6-uyZcypaV_-7jJQCQ6RBfQaf8zmR0TBpCMnlT8BWgph7H9do2hp-tm2Oy7soA8bsB_IKSXAX91qUBWY9r7cnEt2hzelmKtFeddHXZyv4LGRLz_8Fb98eZHBFY0TbuiIsvMxRTHr7EING49BvQCjc3JWD3E5E2aegkhM-MeVySLEMIRSZpG_SOdMG36AwDv_ZKK3bNWBe_EmdJ6zbmgSKWZyzSqLfWePcXVX694-sRNURi8FYhwKkGiVribI2lmhdlLxyGLpl4QvTnRikuDlF_Oa5fnof5DieMGE0-XHosIBpYD310XRB_Nx-PrOE5_I3CHbuqdr5LRSlAm3l0A-f5CrZyH0oJ817p6dJMzj4tDz0HxX1QsUkT0B4zx2WrsI4uDH6otG8hwMYuTIv5rsv4_dVjKIZsww5LGLx5zqYhsstVWdi5RKq8Dk-GxWYGngz03BtBC1S5p1glhNGNkNyIgMiO7u5RrytiJyIKCuGCxXZNwgL7KzG1b87Msu5GoT-W15Ku4O6bCIET1mb7DEEf8NzWh7hQiR21Ra1Y6cd-QPh1M9VfoXVxD921olG6qMFarrcYjwGGvpDfwuI9aGYT14oZlA0CTITRYfad3f1U1yqcVRnj0GPqY6gX00UZYQEF-IzZZ8W-8Fhbra8fsV5sdMH8GZKaseKP2l5FKc_u0EBGMdzfU0S82Ab4jc1PGqRXXCX1PIZ6UIeZPtLCux3Op-Ui9TpPPDK3WFeBiTTKWfeN3BklM6faMBT_s-tFdtA6u5uUEeXZWSHmFQyYB-cRzD5fSstY6VYLXBwoo3DDeO1otnzHgiBjwh7FySfLt5lcFxGdT-zPnPXnaQK32yQ7nDs2TX0fP_IqNff3iEKnHsvAce5aCIegF98awwapp3PRosvb5Ykg0nQYeDry-yHfCv11QlQVIFukaMJyTIV1T-3no3YULQ_Y7otgYMu4EFCuDuRTMLyuDjgCeawoLdBDfBs4558mauOQKcEfHwtc-rUT_UwbJxY0I2XKVZySIOvAkzrs7LOGT4xYp-_3ugZgK9rKnLsQ5hg-2RmgtZaWfMvcl8rbsIiNj4YCWbMx6TILdmZm57kMjQgVIABwXQ9v37ITEMyiO7YApDZsFCneGKJGSDOWx6BGtml2AKCXj7ncbKXpzTE6kqYRdY5qFUdmd1rlOCBY6H4sPl7JBZudqpHYQEpcPD9ii4D-3UwFc6ZGkhngoE7bnLds2ADEzvGbgEVMphzJmujqRhsS2nZCs425AJBjVSzM2wnSiU8GHh95vm9eNmiLEiZsuWyzWL5SRJ5EbGBo6qTNGSFs3BJu84SnxW6RofKIEdWO0CHsNH15Ur12NWrINeXjBK5RqkY1VVY4PvZ8REpLvEKelkRXzQzC08aESyVH_Nq5DeBQmgXAYXSACCwwOsYz5Pg09njlPjZVmehNvDO7aUu06zp-p3QfK81zV-d1_lWaOposy6q900yDqPiqVMxUjbEvAVWKJgMl12MgpDRo671U3GgRmTLPALP0E2MyFsqizg9mm4XcIDuEnXUctR58xqYOCCGNRAV4rNT6osSSHvEC_WFg0NYwTUhIZQKqddxhCuq3DLDzeFN9HJBiXm0lyrOcNAoIxi7P4PYTjK_uHnDQqOLQ2X1r7SgKHOrSihqVFZHlZ55mAQJTOyM_f7KWWJ_Argt9UUyddp0GBsEf5aiNSpTLXmsRU1lzRGLuJ-lZnqJ4HQpNiN89Tq1fKbuRPiDD7OpAKn6lSFhLKVhTVBp-uhDy4IKyK4WrLsgVbLEgks8_3JBINLlhJ1EmuKBC3I3r-XPkvzOhw48NlaIHu7KofYLm7RhO4Siz9LVIv0t8A4wS71qtuTqXAZQ5B-2kzkLHqpMOwkGnsSRcMgHS3X8ghu6H6_c9jVJkbgSU3hanJCD7ry_WvaM7YbAl0Pdy7HR3mppjZRUOmj5wGUcDnhmId3kUeO6LEltFYPlzsOMYNydgA5GK6trR60AufBIZJA-qcuh9LfzDuWrbXN5UjzjEjf4NlsEZIu6EJ0ywTuDt_1V0C7CizBLojPPJ-efJl9xpNkuwiMWag95uUdAn1o&cid=CAASJORo3NDQlLw_c4QRBhjz8DWfc3dQDj7urPC5c-mgiMif4Mt05A&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 8852 25 KB
9 KB 49ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1530 41 KB
15 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 4B5F 1 KB
749 B 43ms
43ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8189
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1530 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 941d21b6ccf928a989894c123411135c280e8210814b2c39f360230df35e579d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C92 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 77DC 1 KB
749 B 42ms
42ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8189
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 1C92 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1fd6a60f60db7dc56313a73032b3dbd202cae9d42d438f607a17f254d30dc22

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK index.html Show response
cdn.flashtalking.com/142462/3451578/ Frame 0587 11 KB
4 KB 54ms
54ms Document
text/html 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142462/3451578/index.html
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331247/3451578/js/j-6331247-3451578.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 3af0dcf4f6579a3cae027db5f5e63ab5510cb021cbe53d866733b4dde6671d65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Access-Control-Max-Age: 3000
Last-Modified: Thu, 13 May 2021 15:41:37 GMT
Content-Type: text/html
ETag: W/"0144cd8d794da4865e1608f6fcbe7057"
X-Varnish: 6558909
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 27 Mar 2022 08:30:13 GMT
Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Length: 3499
Connection: keep-alive
Server: Flashtalking (AKA)

GET
H2 200 moatad.js Show response
z.moatads.com/allresponsemediaglobalftdisplay739160694092/ Frame 7010 299 KB
102 KB 44ms
44ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/allresponsemediaglobalftdisplay739160694092/moatad.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/xre/633/6331247/3451578/js/j-6331247-3451578.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 99469201e9dbf15a407c751143dd1bf1b6fdc491b0dc8539cabb69b0034bd48b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
last-modified: Thu, 24 Mar 2022 16:00:56 GMT
server: AmazonS3
x-amz-request-id: Y9D614X6BRH3Q8Z5
etag: "d5387431e231129a58e6af4cac5b94f9"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51567
accept-ranges: bytes
content-length: 103540
x-amz-id-2: tpsT3UzOQJgIKjp3gabNX1NobhpaxtPbUxeR96RaW66ov/08tMtX5G3m6qgwwulx3pu4VO5Yi48=

GET
DATA 200
OK truncated
/ Frame 7010 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D3D4 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8189
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8852 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C510 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8189
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6DCB 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7010 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f8ecaeb112fec914a7fbeb6222491558d8451b16b8ef9332b319814dbe44a6d2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 8852 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec45517194f802d898d0fa5f40abe8013b32188d22a3f232b65fbfd6280989f1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B5F
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHTHSedJGSXLCjtP_1r5JTs&google_push=AYg5qPKRvTA2seV0ojHMelBF3TRk1Ypfl9OaFmlfdolXui75OZQdFUY4p7...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHTHSedJGSXLCjtP_1r5JTs&google_push=AYg5qPKRvTA2seV0ojHMelBF3TRk1Ypfl9OaFmlfdolXui75OZQdFUY4p7OcvNNUiEbTZf5dTv0GE8U3dtwJp2b5OnhlLw30mLg

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1648368614.531724,VS0,VE82
x-served-by: cache-lcy19269-LCY
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHTHSedJGSXLCjtP_1r5JTs&google_push=AYg5qPKRvTA2seV0ojHMelBF3TRk1Ypfl9OaFmlfdolXui75OZQdFUY4p7OcvNNUiEbTZf5dTv0GE8U3dtwJp2b5OnhlLw30mLg
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B5F
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEG8uvl3iA47WOUSK7jsknuU&google_cver=1&google_push=AYg5qPKWggh2VtYqvbcGkyH4Zja-LyfLhGm3eCtpQ9dIlUyxwq9IDK-1u3uM2IQsjVFD22SngZMvVdsIlEaa2ePGqQMFNHTS6w
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9867A749D0A94E6AB9778E8613BE5D75&google_push=AYg5qPKWggh2VtYqvbcGkyH4Zja-LyfLhGm3eCtpQ9dIlUyxwq9IDK-1u3uM2IQsjVFD22SngZMvVdsIlEaa2eP...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9867A749D0A94E6AB9778E8613BE5D75&google_push=AYg5qPKWggh2VtYqvbcGkyH4Zja-LyfLhGm3eCtpQ9dIlUyxwq9IDK-1u3uM2IQsjVFD22SngZMvVdsIlEaa2ePGqQMFNHTS6w

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9867A749D0A94E6AB9778E8613BE5D75&google_push=AYg5qPKWggh2VtYqvbcGkyH4Zja-LyfLhGm3eCtpQ9dIlUyxwq9IDK-1u3uM2IQsjVFD22SngZMvVdsIlEaa2ePGqQMFNHTS6w
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 26 Mar 2022 08:10:13 GMT

GET

pixel
cm.g.doubleclick.net/ Frame 4B5F
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEKB9dGVY9yJaLnLT4k__D4Y&google_cver=1&google_push=AYg5qPL_WeMPqSFSbxn1Bx-P3UcHlhhIwU535...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 4B5F
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESEE9fV-PDqgjV4XV_ADJSGxw&google_cver=1&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPInZwk5Zjcss2pW5Pu81KsCgpOOlpbPTzS2ade4UL4tkrU51NmqyVJzgxBUQHw34QxWHO-9VqG8Ktm9k4te9Tox_4f9SVw

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4B5F
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPJ9JfMiUWY-1NoNnyha0BeNIrOhlEIK1kJMBgeLsfcc90JzxWzcLpBL2zqEyWJidMNY0jcMZ7AGH0l3LebUmjffx8jSBuo&redir=https%3A%2F%2Fcm.g.double...
https://sync.targeting.unrulymedia.com/csync/RX-faeb276e-5851-4e25-bd80-12c1492102c6-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPJ9JfMiUWY-1NoNnyha0...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ9JfMiUWY-1NoNnyha0BeNIrOhlEIK1kJMBgeLsfcc90JzxWzcLpBL2zqEyWJidMNY0jcMZ7AGH0l3LebUmjffx8jSBuo&google_hm=A_rrJ25YUU4lvYASwUkhAsY

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ9JfMiUWY-1NoNnyha0BeNIrOhlEIK1kJMBgeLsfcc90JzxWzcLpBL2zqEyWJidMNY0jcMZ7AGH0l3LebUmjffx8jSBuo&google_hm=A_rrJ25YUU4lvYASwUkhAsY

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPJ9JfMiUWY-1NoNnyha0BeNIrOhlEIK1kJMBgeLsfcc90JzxWzcLpBL2zqEyWJidMNY0jcMZ7AGH0l3LebUmjffx8jSBuo&google_hm=A_rrJ25YUU4lvYASwUkhAsY
date: Sun, 27 Mar 2022 08:10:14 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RXfaeb276e58514e25bd8012c1492102c6003
content-type: text/html

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 4B5F 43 B
65 B 172ms
122ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEHUIm0Ne3EB4_xFMRm1DWp4&google_cver=1&google_push=AYg5qPJoI-OMU1T7Vh9zlfgMGjLX_vGQGNkt-hzfgHKELfEKptPd7PiKPcYFUvrddLlSOQwwj0jSLJHaEeQDqY57snvOyzfM1X_V

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 28 Mar 2022 08:10:13 GMT

GET
H2

204

/
onetag-sys.com/sync/i,19/ Frame 4B5F
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEE9fV-PDqgjV4XV_ADJSGxw&google_cver=1&google_push=AYg5qPLJDe2ShPrULWwB_zP5Ghdp-VcCZEjM2VIJD1nZf30ftsfJpeOIx9HW9AcIz2vtjxRlB5nu8_j6tfg...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AYg5qPLJDe2ShPrULWwB_zP5Ghdp-VcCZEjM2VIJD1nZf30ftsfJpeOIx9HW9AcIz2vtjxRlB5nu8_j6tfgUCoBkhT6NDSaXaho
https://onetag-sys.com/sync/i,19/?google_error=5

0
148 B

45ms
41ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/sync/i,19/?google_error=5

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-cache, no-transform
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/sync/i,19/?google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 245
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 4B5F 0
12 B 51ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I4RBfGKqEePOZ524fD5du6OiVJYQoiZlp-XG-A5YRVONxangOXKMcI_VNyOXgfEdL1DqMPlbo

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adj Show response
bid.g.doubleclick.net/xbbe/creative/ Frame 6308 70 KB
23 KB 172ms
77ms Script
text/javascript 74.125.133.156
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU0DIRlykIN7FvAh5himTVldiaqat_nBeaj56aCk7o2ctfp-A4&d=CnkAoCZ_4BNaEzPVAOgslk8FIWIsv6tVMc8tuaVH1sfyvdWiVORmzZiOc-ehMNjfgGAFp5o5OQpb2qhMH47D-WEfS1oc_uN0pby0TC6yWtP5f0qrTyeWZYfiWofHCEgQnnVHUmS6Czj3wlyPPluq30GU9j8KTLm69DjTEvkUAKAmf-BdylvOaUAVUH0qbqAgc3oIgyFa0nS360qdAQZPNb7-kqC1EQ4Br0dezyyRNHdX5VL8XN0JmaZDArWRWlbm5FjgCylwCpOL6RlWLYU_U-DxIJnPECI3N7eh9l5c4VFoItsXPxKN-V6QUNvlXa6hDgirBvxZOxBmCnHjqzF97o4a0mZPKnq99IVVKE_UHwlSqBDTjs9tIed3yDRKhgouXTbb_ArIufi7DGNrVNhJt_rbP2n6THAhd62HsiPow5PdL8Hx8KKWFgokpqHmo4oBfVjPGf-V0eITpepTnQUox2UsnggGLWFHvyIOLuEFpuw-NwJ2v2XSczJW4XSCDoyhw73ltjXaf3sa5hh5v9toilaAzPCk6fmsn8opp0cl-lZoC6Jexd7rbfQCcitJgmkgTZYG-p9d--ShiSoH2tssU00bO4rq71fqmz7ywxOoXdeQhV7R2864T64IbcQx9zDW8zYMfrfgW3qrUZktfRn9Xkx_vfSEITQK5tfLljKWTw0eOc8nt-Wu9Z3f-dWhRisVdkqkyqGomkqzHf8N1WiwJr1qLnIU0ifOG1Hr6RgPgq_nahPgOP_C0fDiWktlTHwxMaT3fDRhG7hVIfqyZbC7YBWAkywGpNjIYhQw6-sC23bWTHnnUxrnW1Xx1Cw0hNNdjIJ_aXCBv5lpJbk9V0fE0QciX-of-ZKEcD1lpXl5-jD1S53mtohUXdTt_WGAaUXi0aegBsgxA1A0_Z7eiqgTHalDeilTLdfd57zLFFXiR_dxEvPaCS8J29YsQoPGnoLsdqyfFsQI0KM3ueLbJuCenCLwmaK0AiFGeh-hAnFT2Xn6zhns4XaH0_a0Aaqe6unUgMu6ggsl_ZChqVBZzU59Ta0jh2734-o9sjxMifKFtNrIoFStRRnFtUraGn6ELa1OnmvVUzSBzgM2WtVBF7SBXNTPHvAmbCrSLnktrgJrMKcahx0cW0zQy7-sOnA9He3ik57PThrN5Q9NWWh5dZg9qAYwrykdhfVq1W0X0GNHU1Cr1oYem00JFQp_SIy5cYRwdh4F-MGf65cbyco6z2tQVuu924OBacnb5h-V_VdEJUdgXTNKqKU-RJ2qxlGmv5JrLvfXaAL4znSnqX9wENVeGj4-PGLDXKatZZ1NFiXGQQaqmfHT1ry6JyLg5Gvw28kJydbNf3O1OX1OLqlCTOjklFWqxrDZCg7gvJpKydMIhNC9PVLU7gGQM99n1cqv6TXY3GtjL9aU2ARyFvBnn__QQgcB03T4lQ5cGaOXxkjXAHWf56ZPx0SVzp-KodcXbXCwE1OGDsOkKEuaypjg9VBilDHKIOOeEFEMbjhjcMIirtqjewEUHZlOmq68zhOibJy53mJTYUmdWanfQOr_8WzV4hmHkFIlqYOhr5fMJLvigJtTxkejvUKCgMqxkqo7GmVym8tQpPe0YcNNcb7SKDdLsKtIO1S8jJnA1TXJKAc5n5UXQVQk_Z1FNzouWf_VACEPCl4Zpfwg_SsUVwelvx1M6qJzdhE7D1svPsEGGB-N6O1_0Ni1svpFqfBm9iLQc94-4FpwdppUlECxdgr17jAW-fvhNGw2QYn_VMgbYy5hsO8xfuX69QIwPdxeNhDS0uTJ3lJfZjSGvXb4qWSkaoi8v487vSI89WbWyy6oXgKmVdUtzLpb3mDoDQfK4bfYqfnOMoV1TavGkR59ENmWTXNJ-KUAAg2OsFxbKP-hmI-dV7GwYZPZzbISJMcrJUoNS4qEA8m2CwqFWtjttAm7QBEPCCwT3b8gREAhlbD8hEUJCXihdsVyyLROlAa65lcaJQqpQm44ebcPz-ru7CyE-6Dph-YhSs4YvFTsn7XoQhOC2Sa-3u8M59s6hFJN25IzSKMC1YOvpYzOoqNgRTn0p_S9n8KW7SvLqVgh6siMtUROUt6c6Mo62Woo-5l7va4LR9NYIDp2r1PeK_kK1me7foprUdAwePeNrx4JeAlzu9KcNMVszy_DiuduwyrSH5oe9JAZtJvYMlSwbPAAU8pjzr5BSlmrUnUAu6hKUtpYZpQaEmG1SaAcjrF00G69Fm1PiVUqQuWNSHd80ctmq1iFcnMsS9uRcqF_habsxHNNaQbBviO81tkzust0VCpEhO8grsC4CCz-oaiDwe90qsJ94f5dfi0ak0x6IlWK3ND8cuH1fiQ87yN3prrGE1lMVCcMVqYUa0ora5Jaq120Yl1X2Fhe5X-EcX_K6uj1LaSQTKo7ggCB3AbmTRSbpErAS8jh9If9AyEnLgYEQG3m74zkmmKZSKDs01zLIR6fbKw_cKJKeVpvhzhcjDOW59ePLonG6APs5cUOBrT4s097Odffp39jshFMrHFGiLW0pN886nu1_q-jBNtvVst4hyaInQNxzx787zU1hZlAb3pom-tUCodVEJAFEekWz_8yHPNHtt8IkQ0sAAEQVMWXpo0-htiuq35UUCAhmBxC24NxyfvOfQAGSMlpQjnWbTZ-6fq1__ucxifrusQd5AUc_MIZHkhoLR3u5uzWsKepcBjqT4yzjFp7sBYPyJuO0Zw23H0_W_K8y6Xk0FNUxwzIdq1YFlO4LBj7c13nW0hYNpoJcAqqXPXjXdrrrJGBbR7poI8PdOk6RipQPVyTk04WJbEJgTQJY-D4daM0e07G_9Btx2dcO-B69hEPrK8TjaGYjTgIQe24GJE5e49oA5NQkQXObnm2oUPAIyGoGbEBFgRCMeVw3sHWy02XlQ21raNhHxSHjZARVT3N6nW9mnK3Fk6h6XnT6TW31d1jOr3P_2HLYRBAcwilDbSrxNWKHasZ1plMUDUQLJEz5Tnu2sbQHEUJ8FHT2apcaKwwmXnHNHVoRAhvg3z09jvRindHTB0-XwgwUJuZKNYt8msYBohjribVL1AQ76vANC_3sas0M5evDrfUdGj1vcVNZL6A7_56Z6HTsw2KSrpTOWmrUVrfqaCAWmN4esplAc3w7TNr2XAHS2mdwPeYq8pDMDwIrE7XZducZBeq5c0A9KSXSihwCJNAkeeBDLX2Pq4L_hdprCknwKUnsSCjyMJdP-M348hvKnM4YMDvVp2iDFF56CwMKzl_iotQNuh-mdRcf6RM6L_hnuwl-hVeff17aXhyj3Ykq-9of3N8PwQmBP71WlyMi6ixAVEXc8wcZF_GlqLQduWo7LdSZ1nsGc6MJdIQYne64E0SlRhRyaHXIUaQluFVryCuGrsXNY8_l08RNOvK563Lm05rShxMFIvXSncNZ2tHsf_cvXS9eYXdn28yKISk-oZ6O3_GMmHNJKwg37QMAhh0U3VIMS_Elx3K_yO-qseHWU-6oqgV1YDq5zDtr7bKARcYViSk9CHCmKi4cOzAR6Lv4Yzq0E-eZyTmtF3sGWKq5EThGPLDiEpZOfkMbcVTNwid7jQqcAit_CyaERwOocnYe4SsW6dl3opJbn33IL6CFxq4lv6OLFqXVgnB0hPLfnyhbmhf2SVrgImTiyQmuzI7sPg0EnqZJ8o2B8dQDOoNmIqRMbTVRcxJYMdSHz78X8hyby8Xb3u5aNEyxi6fkPdld2te13b9rigTjADDbNIaKAgAEiTkaGaG8Pu79N0r4qVr6r_aWoxuKX779SETd_Etc_xMFzXfLqZgAQ

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.156 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f156.1e100.net

Software

cafe /

Resource Hash

9c5caf6cac0fa7947900cc5d0b613a7d4d6b8a439f18c1092ff1b714c877c1aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23113
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3B17 22 KB
8 KB 42ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK createjs-2015.11.26.min.js Show response
cdn.flashtalking.com/frameworks/js/createjs/ Frame 0587 186 KB
49 KB 69ms
69ms Script
text/javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/frameworks/js/createjs/createjs-2015.11.26.min.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451578/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451578/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Fri, 26 Feb 2016 19:43:04 GMT
Server: Flashtalking (AKA)
ETag: W/"54e1c3722102182bb133912ad4442e19"
Vary: Accept-Encoding
X-Varnish: 399127846 393952857
Cache-Control: max-age=83597
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 28 Mar 2022 07:23:30 GMT

GET
H/1.1 200
OK index.js Show response
cdn.flashtalking.com/142462/3451578/ Frame 0587 41 KB
11 KB 151ms
61ms Script
application/x-javascript 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.flashtalking.com/142462/3451578/index.js
Requested by: Host: cdn.flashtalking.com
URL: https://cdn.flashtalking.com/142462/3451578/index.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 356391da29e1b000abb2ea0f15899858224f2e00af15b33b1d48bf019963b446

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451578/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Length: 10286
Last-Modified: Thu, 13 May 2021 15:41:37 GMT
Server: Flashtalking (AKA)
ETag: W/"15363a037c41e70e190a968435945bf6"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 94200948
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Accept-Ranges: bytes
Content-Type: application/x-javascript
Expires: Sun, 27 Mar 2022 08:30:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BA1C 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=3914727801430701&bg=!uLulu__NAAbzJazn0yU7ACkAdvg8WmvFCmCyb0aNi-SQMKH7wjuiE2pdOOoesy2hIxiuoyDMvBmcFQIAAADWUgAAAAFoAQcKAF5TD4VU-C_kLuN9PC3mvP7L4CocmWj3K6HfAId-ixbBSOR5Cs2loEtfTb41NwAsMmNx29leUeaQhtV94gxOOSymKAtFGbXjGNxAJ1heeHJu1fyCOx7pJ_Tu85Wsm2LsmQLtFEqS6k4b0gKM8DHWRe08uNsCc0mJCsHiAoOG5CVNo9jbOPiqQZbVEpwXNUEUiZ6xqCWSUG46TOVT0CiVWmXv85q2qFZ9P8ZlZreyPFqZWpad6K6ta4JtuZJc1nPtTqVcE_h-Ff_iyERrI-4ywx0H3zoC34xLVNF2neegwdnyp1JXjM5tQAckYDLKAws-924GKVoObmlnjaVaGPNx-IZDuSEg3PB1ntdD0FCokFVrzbELRl41aDNb8QBCp45sj91PmKleWtmtvvarBgGvFMhy8g2I9JiIJ3mtiMCt3Z9BICwaKl6lFEcHLw3nqsDTNeJLaYeFdUtUjdY6PzAYM-nnva9MRjeAr6gNk1L5KrhgvxwrBciaFvY7FGhbQp4O5VVVcC3mLv_tifJHTl6kUXNpUQczY8J34bdBwOmwxp5ZsGZSl9b-i9XJnJ7se58dQ2dSWyqreBgENCJ0wzOLN_q9rLhmwcA8F-bijujdqo7iGDiD1KOJX8eCv3r85UoMpTzHD0Rgn2YHxy5LQWMXi6kOmRZHNePd2ca8kK235ul6MjhFNy_4BEwBc0qxMBxRnsKzGpE7B6z-Wl0LzkzRJHMyrUMnTJioWieEOnBJdrFKWa58SpojG5C38qQisf58WETQtQVAWqtScJxnUfzp1bOQ2bqWsVdeTqYaFqpbGvU1rtJOHs3IQ5-6MrE22mme77gB8nxLJunzmrONj1tp5kkkpOHerhWEE_vtMHWz0dBDUdLy5p8KkbWRPvKm7bW8MzO3iGqkLt2tBaB4ZM4RgJorH2c7dOi6J5qKNdM-6WnKIbCQlCNPRUYV-InAzj2bGXDTiqdqf8hkXYygj8HT74wYGxu6ojTQngcN_OueakTjT6ap6Mr8nTUx_MCoWASdTEq7rvfVNX0a9tNAChfue5W2LZg5eVIKoNhamIAH9V7w4nOp9qWBR3suuOebSKx66XwPVvHRLLxGR6fv94134-dpMAwxT5vHQeqWsMe4jwg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 85AD 0
20 B 78ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220323&jk=3894914922604689&bg=!_P-l_7vNAAbzJazn0yU7ACkAdvg8Wj-NFgUoHKI8QvcD9fYVcV1irNFceZC577kyeWdbax3E73B2mgIAAADVUgAAAAVoAQeZAuE-bzNJqT10foq0Dlc-1Pzqr3q0C2yFzijqiaWMsBav1OdGRm0paVjz2NC5fdN2O24GvcYlG8YUi_hb6daWqGYaoRmtC1nR5aO2GyqIL3_8DlsbngwtYVfgJfQ2KX-DtZ1mguq7aIPjQ3Jog-ucBt6E-12AT1vuFVzBinIaQVOFhaj_kEMLmk5lQaHQMYY1ZT-CVGME7OiLv9Ufg7S75xtYyxlkxxIFwxssfIUTVPTrzZsezGGIxWEh_FsKmrPnm-Va6GMukFkzjXZjsueFxfjD2gJs_7BzEVOnFCrh00OZ9hJux1E0Tl6I07e70m-GbEMU3X2NqggYSuvlUrMP1DDk-8P5_WH6n10nQ8UL_bfoB70h1eNljMf_hoCrwUGjw_QjesAjpi-ygq0q3Gr11nOJrTor7uFRB8WcVXEd3vm2y4I2ZBCHc730GiWBQA_nG5lfSoXU3y8SV0Z0bZbVUp_ffZxuoA_qwvKeS7kAAcbaBTsDdIaLEMukcC2aj8kCBacFKJGNgbumwKTPsowldC6HeL7U8mk7okUiooFTi94VJbUX7xFmxpMEOGZy_sLkimT9NjeGlEA_zL9BkFSiGimid39nsZsKFOu8rysWt26AhcGl7tsD3-YNYyJSob4DBsGjMkI2Z_d4keKNTPWFys7PV9cmc321t-HDrfzVXhW-OOT-9pmG0tVC0jes5RKV4gulmJZZ2aapEgJ45H8tUjyaBNiGjeof9v-X2pO9oGCle6W4enKS8LqXMgBhSCpLdyhp6IqXHN-SsYtTKp88fxp7rovIIwEPJquwfEly7XPQdj5zN5paErebL_xVtMavfhZZzq4Fa9i8oQbEDHYU8TPZAQlJ1UYG6WDRFogmlDutykKQO-GphvNluZs61GhdPy-odR0FWRRYWjVOCMiVFOpmHm8jz6VVdfuYInbOpRO8-qvaamm5kbanlnoqYuiQw-VLqbVznCjTWJw_Lj0ZGQdOLw

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17137914016371007003/ Frame E484 124 KB
30 KB 42ms
42ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 30971
date: Tue, 22 Mar 2022 10:25:35 GMT
expires: Wed, 22 Mar 2023 10:25:35 GMT
cache-control: public, max-age=31536000
age: 423878
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1530 0
571 B 188ms
84ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuO14Dk80jLJI_vAtzL7XL7lH7qDDwpU0ghPdNLpT073bQxx3oCXezNBepARa--cdQ5XDngaHCklhmbBbjIfQHsUZvj83RsxvQtXkHBnrXSU6rN58AG_-9oMOezXScSTvqSk5UE3Mr3V7MTanBJZug1WXUCU7bMFSKohxO1nm9LD3KzI6FpQEgj1OdC46qIjibuJQLq3BcUEIdGLBJOArIoNKd72MW_dhGM5xBmDeSwMmTGWg5JIxYmxIdbTVavdwy2hmWsub6n4NYWI8M29rjqNlHJB86h1BRBWUXeTwLuw70ppVw1nGuYadhg6v-uvroqAsKAWD8vbYMZq_cwcrwuN8zl1g1LrMwmEO9neNRm8NyhtlVY7UgKfhsdJnGK9gK41ldbF7ULKTaAcZYw0peJI3GpMt-uLgw3_sHHnzgsFu88k0uLBpp3XisFKLHCbfUyw_i-3q4tBX61prnSTQNjiTcks9heHCTRUDbEyrB38vCyB_RMrcQGoBn3jWaGN-Ihhhi1td_WgEhk_XzezwWuYVqXhwNeymUifL60uyI56cHhtA9yvwwcXxoPwpW9YCfFxRXOWCd5kDiHkflXjPRXz93YIEfecsmGE2qoVtfN70lEN6OsKSXcq6lawjlEbRDsN8Vb4Ag85xvSDmARvChakAyZS6q0Vm7qvBXaCfkL8KD79QjnRBuugaQjQB7GKcLu6aGMXCsuX8dUO2gfJ22DJYjb6xXzvwblm5OjzkeAFP7K2RdfBnq_q_fueHNPbLoOOONE_PDAZcWFVNPcdWbg_tOSeuRR7w3PXrNI2ZUh0pohOrbJtm3ZxRlrYrTq-D35Av1U3mgxDGaNBHa1jrMXT4PhAxLTIG45-n_4Qj69B_OmWY23kbqAqq-w7-kuwahxqj-ElQeMLvNivnnmw9EEqfvMc9EvLKQy_W7TAPGt11TLCnMDJiRdEIFo1yPRi3UP8TqXmKgklRSGfxW0QXJAiz15qYx_4Zv-5wiaXsVjCj1yBDJDiwzFiO4jDm4ray4t1_JODDg27Z4t8xWZYOBHHqbn6_5A22HMaxcVSeATmdZCB9Rm7OiqCzbtNNk-RZYsNCiq6ZbeEjdGfBzo0lTxeN0xJYMfPvp8-sN7qX0ysrp5TIq7XphSBelNyNCcHfsM2dCxWZN5RhVhzsLYOysJH9sq5yLLWPKjGIvnykG16u1jljzfGuVjwXcdbN3FqJELFA&sai=AMfl-YT0RJBs60EHqhkCQCkx_m-0Mq6xSTGnLR2gFVp2KbcpUL32EwvE3nt0FCnInmIBSsS8pYhiolcuQpEgGZH5ABJv4WRDd0SE0AcNjYrBZTOHHZfYmILNbO5xCCsvlcnwDpU4oWISsR92krEU9GvPZDEQIHJHRi4tS7b9tgp3hXt62LVSvzOBx9ZUwqnvYBjZlJUbaB0eowRMvbNKFzanJQ&sig=Cg0ArKJSzCJ3-f-gFPeEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=280&cbvp=1&cstd=277&cisv=r20220323.52746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Mar 2022 08:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 1F5F 124 KB
30 KB 57ms
57ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 30971
date: Tue, 22 Mar 2022 10:25:35 GMT
expires: Wed, 22 Mar 2023 10:25:35 GMT
cache-control: public, max-age=31536000
age: 423878
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8852 0
61 B 183ms
85ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI0F4wYk9bMiGV9m3KzZXA94Vc9Xkx0LVXwVJjQHBochilGOLJHK8TNOTgvYoUQuyHHYpHLCyYM2gKgHgcbMiYGD_QBbllwUOu0tNkQZLr0am4kZDLpxFQvwo5wh0OXnlLWZNmr8rd0Q2ojRYFsN0Nro29ShQOqNwRODrpucoW9VM27EcyZfDXqq6yOlzxaVofiuf1rkKG4AtHLDiObozKzj6tIuHtIRdR3au3gynF0lHnPsT9kzPY2ryeDdlr0JWqgLI9_XhXA-b5D0kWFVe5ZnvliTy9yPOxtSw7TYmx2BzEOODTysx29-PAchBXfJegkcvSehbT3NVlJwLJVNhvPkVchwPlolhMLXoDX8t_v_OUFKJyRqpcHwFxFv1nWdj3C0SiWhVTj68KXMYMDqLQLYveidNFHMUE0CKulDjA2qkgzhCHosx6sVhwA_3lGRl2TPuV4p4t0vcFw_2shLXUfiLH44Xq-GjWt1JlWs8Tra5j4OTvcMCpipn6Eq4cYMJ6VF_Z39t7wKmVVFMWmXmNLIGwMJBJCwZC669kiOqeEH45ylRQVIAjb_Wdh19Q5tYlEb5MLE2bwz-tJdYIf72YM6a-7gVWDPxzm0XcCKUOOxvrbMm28nyy7o8uLSdp176EjJy8m8Ra_XGkuxtFBsDq1BzBzuDQ146N0ckQ56KfcLPWUQnNQlfevkZ-bca2PLtuz2BovuRMJwFsbTtcrfygbe_uVg6_wLAqW_xCr69O2JjDB2mjgcwRun9v1m_ZaQYRbB_dBeXMBiYSfOxZ2Q2_E7CGxaf8H2Q1gjVvoUCX4KqITF8dUo01--Sz9iKqCH3OM3cEBL2s8i3olB4fMVjr5xqQrOgOOLV2dw9k7WOqlv2NIzz7HRjYhyLQ66UlXQh91RQjBZhXxLtjnSLpe8VgRWwrx-KG25M7L1XPcK7rqrPidM3osAsHvQ8wjoOctyZVmBzR9U2odpp8MWkSks_1n0bjjCHE73TMhXaTM8146VCy79M2cnflw3g3djPOeR145ZmvZVsXjQlNpu4YUHOioLMr72gCBvMZrXEoYCNqCC0P2pEFYseOoYIOzuN8gX5TTKhc-sYlb3TrQk9YCDqggjDeXKEdSyjb5FsyXt9-ZzAXExosFd5C4HQuhHjc0uNTrUrYRTRf065HHph7q2Y8qXESAhk93zGWGAn-S9MJb02ZmdAOzfcPLUgXRbQny1a7tw&sai=AMfl-YRxVWDMOxq9rGjPizJQ87S5V7QOVfIgRzNcRt4TMDhtWWBAtpCBxU-X8IZ3FiRCX-pM7yrUsJXyaASWL7Aeq1gmUs66gr4Ra0-EyxfW9pg631SQinuHrjHFIJqm1l2giiDXy9qv5q5duOBsFRfCqJMvVIVN8MLXjtxqJqfs0s8BXwmLbRjAGlzrJAeSJ1LtwIwM3LKMNJlI6-cIN4srOg&sig=Cg0ArKJSzJJjE4uqnRSEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=230&cbvp=1&cstd=228&cisv=r20220323.06979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Mar 2022 08:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 77DC 0
191 B 136ms
41ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIewAf2qyBz1Lq2kngqmwn4&google_cver=1&google_push=AYg5qPIWuIoMmYsCt99WwwXcniHFLUwVwL7zgJ6HeNSPBsTqCyEQggde8MfVV_hF9qLNs6AXi2iUzmge5abywWcEr_9GS6QPcRsq
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 77DC 0
173 B 114ms
41ms Image
text/plain 34.96.105.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEPePSxZy-Yju5aYZXL01Bsc&google_cver=1&google_push=AYg5qPKqAyqu07vTlcrTT4F0w9iIpfrKUlDvT-w2LkB_W8qUdSpha6b3Vxl8pPcwtacsS7qY6MKXNFjDzLFIu6bcnVV2gDXup9oK
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 77DC
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEE2R9e-pN477s4jwW8BF934&google_cver=1&google_push=AYg5qPIy-sDVpPMhbLFW2t65lZDWGsEde6ZWy_3ksCtWy-DVllJ9pPsYaINSFobGvHZvHhvRkxuXuiT3...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEE2R9e-pN477s4jwW8BF934&google_cver=1&google_push=AYg5qPIy-sDVpPMhbLFW2t65lZDWGsEde6ZWy_3ksCtWy-DVllJ9pPsYaINSFobGvHZvHhvRkxu...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzNzQwNDQ4NjY5NTQzNDg2MQ&google_push=AYg5qPIy-sDVpPMhbLFW2t65lZDWGsEde6ZWy_3ksCtWy-DVllJ9pPsYaINSFobGvHZvHhvRkxuXui...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzNzQwNDQ4NjY5NTQzNDg2MQ&google_push=AYg5qPIy-sDVpPMhbLFW2t65lZDWGsEde6ZWy_3ksCtWy-DVllJ9pPsYaINSFobGvHZvHhvRkxuXuiT3I7DyXHUE2fpCKwsxBVIc

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=ODgzNzQwNDQ4NjY5NTQzNDg2MQ&google_push=AYg5qPIy-sDVpPMhbLFW2t65lZDWGsEde6ZWy_3ksCtWy-DVllJ9pPsYaINSFobGvHZvHhvRkxuXuiT3I7DyXHUE2fpCKwsxBVIc
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET

pixel
cm.g.doubleclick.net/ Frame 77DC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGAKtwUv8xzFbpVs-tb3CzQ&google_cver=1&google_push=AYg5qPJqv5hZAxyuBhuEWNu3wde6R1PEhGaxE...

0
0

GET

pixel
cm.g.doubleclick.net/ Frame 77DC
Redirect Chain

https://onetag-sys.com/sync/i,19/?google_gid=CAESECA30BtLuwmuh9JqcMK3aBI&google_cver=1&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_push=AYg5qPJSrvXIyKa1FqzQw66PvbUe3CPFDKjcNtYFY_yFtMtgkCFt2-UdImzcZg0dEbbN-vXOfW1OBVcBzGluDOBlIhTRdUE22tU

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame 77DC 0
75 B 144ms
37ms Image
text/plain 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEBfgKEbwaEc9zi0xJJhuhqU&google_cver=1&google_push=AYg5qPLVuK93vZAX-SLiMsPnV6HtNUmQmBzobzyoFbGzlIgOxGwMjZSjXkCXiSCoTylrjtkGxboPA2Zz-t1aRRbOAmdi1LhrAto
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 77DC 0
12 B 50ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lsr2EMhdFnpC--ZEuwpDfjMENgdn4uCmGGDCyiGxgWywDOuB_Y25mQt5i3920cVQ

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 3510 124 KB
30 KB 66ms
66ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 30971
date: Tue, 22 Mar 2022 10:25:35 GMT
expires: Wed, 22 Mar 2023 10:25:35 GMT
cache-control: public, max-age=31536000
age: 423878
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C92 0
61 B 179ms
88ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNyln1xrDDdOrXac9WdGN-cGCYtS8dAyp406oHXv4pIq_6EOubh-UPA2k3O26oSZLP98AOzKip_DGq_THKDHpeDuzrDEoiTcx4FhkW3USQNxDQqBva4BCwg_3jDkrX7V3mPFrKFzItwqyAhqQBZw4Nn83WzjOc4KuQ9HMaeR3xG-8S6s2F1vx9Ycp8FL3ofR7PaWjWrKx_DYkBR_twPJxRQHLDiT5wY9D9LEt5Kw4cyaqWkJZVdm0CMlW4_jpWmAHt6ZT7V3hxDK3O0DG6Uap-nCUihTQZotNrjSuM7YzIu960jUl1-_alJdfF4oJM3w_4GSGkv5Z7oTxKm-03YF-hNSJUYdrF3N1JW23dhD65cfhAiWHwY_oQfSPoIH67d8l3ICw33NY3ShqjLvTQN7kBiH0GBoJ0sEKH3RO_AOEWEYNJAC_8E0dhe7fhX3DdZBLPmoYGK6BSk5JBFy570bF-I865gWB5uPcPHExtjs20L4inVmGXPwMi2VFxBmi3WADTAoeg38jZchG2zyJSbgbokMkfvSd6DUxQXPHFMEqgfSiDjODGAUVmNXHztt4hxmdJRmUQ1Fh2m1-wWtONe4TOGHukUcek3xhrOXoF34VzQ_QSUU4WxEgcNJWrcPBbbhT_1lYR9-qVj6gOGaA2wky_gUlrh2gIEmUk-5geco_kvAg_Yu3zT9zWKseVwN7jLUKqXM_stubCjLz1xLqZMCZTYTd5alDyN2iCm4uVpC-FsAx5wxXhBsCMYUqyXqbrZUaYap30LtqI-suXM3aPa0Q-g6QgRiM2LNn7T6zPffd_jx14iiND2VFU3_UI3TK_1wwQm9ZDq_2LweRIGEptu70g0yHoYDhmvZkxPFnEyHirtdB9mCNSADmsHTAs32Efv9Gu_V7u01yGPIQD9kDqTlSWq06o8-asvlpJPCySYpGLbtsEB2SJueYOxpuQR3mgc4-zNMyUlar0Db0D7ufZq8MUVwO5tMj_eqov7FKTGsSRc1IS0Nxdz6IsbWCfPvqKYLRM6jFHM1xpWdJ5OUXbtQOhne6OP1uhcpVFQIxFk2Qx6oa8M5pHAK88q9QjlsooKo5gsiIJKWdCnulx0Y9KMUIiU04tnJbdnY-H6oCFNYxr-xyM-PVRMDnfDy7BZrfgk_s0EHVWx0EKiBjtgQ4cLg4IPd-Xn-pII7LCEgAHs6U2FIwNZX-NsMhDpxgbfDgwM-IsFQ&sai=AMfl-YTBaxWpE1nJTSwjgwJKk9ZsZz3SikOB8KGqP2jQNlnCsRK8lMqlvicP-0Y12ic3XMgOpJmy85YosdFZruSwuqeqB46rWwD_PmS1119Spsf_2Xk6jEJCQBPe-Khy16NKgWRLs42z1hTbOMOLd8uvSQnNdajEP5CwDqts_EhHSrlkquJFlqqV7U7J9M2wKioZGjCNuWfTp2iyLLx43O1dTg&sig=Cg0ArKJSzLNuKV9sNjKfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=257&cbvp=1&cstd=256&cisv=r20220323.56924&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Mar 2022 08:10:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 89F3 22 KB
8 KB 43ms
43ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254145
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B308 0
20 B 76ms
76ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bf-in5BtAYtKMOMuLlQeZvIKQAgAAAAA4AeAEAg&bg=!Z2SlZCDNAAbzJazn0yU7ACkAdvg8WnXS10mTGzu1LfV6oMh4W8xXIkhfuBjdVNXh5Ga6v-DVRO85wwIAAAENUgAAAAJoAQeZAxTXe-F3Ks9npSWvIoUCEZSVczCqU7LRAA1UBkAhml7Z-T-g3FkQea4LETCfhYv5ckB1u-nmexq2rU5sth9GJZ79dDyELVKwwx8p6VA-UuWx5az0S2ksSW51dn_KmHlmktOQJ_DdN3HHRczKd_kO-KF7ztAUpe1VmWUYJTNo0OxiohVOwA2pN2dYgboyjGyT4hDOKqmIQKXYUyK3qXwWTsON5SvdXiW_s1OEEULnDzW73z-bNNRiT-PNtFxnzUvDxecqpNyNDhhuh3VXkH8btBvhqyXpjMKAxkYnU2i4WN8rH6IFUpaauh-JzbJri4eByZv7hv8e8dSar6QiN-WfQkDanT21C20e-P6m8cQ1IHAcAufGuMj9gKok-l7q_dCWBOPQ2lWmPxsI2JtuVgE87SDar9F5hOr7AAaRjcTHWgewwZoaSYrYLE959i1vZl8Nc2FwyGl2J6B1LCRlOKqfoI5KavgbYLwXujw6K7vle4Qo0YGG8tUfgMnyPnZfL5GlGwcegv7Om_8UcQkRnoztnGIAL05dfOEUUOy4yz1mj7l1Itgd7cjpMRHJ70HjvpOh2Sxucxo2MxtImqsIfgwc5rinTIfodXyn4uT2BA2jnXbAvHl3AyYVz5ApurHM5O0j64fSD39fjdYUGPqPnJ8gAgGlkrc9sElhOPUruhyzLEsfUC6HS8TWvYUSu_yHTmqjtcZAAarimK0HLgmW355Up99dk0ovuN94aUECBh0wq8DexI8-QlGqdLtY__pVcHcXZGk5TBFq850wLveI_gcTD-k3ANKvExEXYViKNBByFwSODWIjPN-tEk07Q_pXqUtwgJMKNPJtOz2MG6ViF9njZqq7MOEdl0688o7Lg9Dj-0Yb9TRmQpc-Khfq0iNSnjDLqVfCphaLNz8xMZ_jRkWGHMWLongF2Q_32zK6H3vFdU17je3rqfOOMnqihwD1mveQ6FSiy4-kDp_lBDlu1ro6_ns-77h5F0piDSBwRd2ggBLOMeB27M7LV4DwHapVWOgbzl464lPfdPqU-n894TfympxCRTbrSQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D3D4 35 B
362 B 45ms
42ms Image
image/gif 2620:116:800d:21:8c6e:cf2c:8d6:9fb5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMIgZapKZyE2VDGyN6MYuqc&google_cver=1&google_push=AYg5qPKQJeYeNRFXf9cgm74BTeSU3pamYDLDxKev-LlRatdqGMExtzQhG4ZqLYSFQPnbfTgEjVuLai-y16cH66cvZb3XCO9HrFZf

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:8c6e:cf2c:8d6:9fb5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3D4
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPLHGXdy6ytdHzgCIyUf9gZ0Q5koReu6r6KabVj...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFBUFFvUnhIcQ&google_push=AYg5qPLHGXdy6ytdHzgCIyUf9gZ0Q5koReu6r6KabVjlTUsH1uMT9_npzsmtb2Mdefh7ro-aa2GUWkF9J2fUZxU8RRlkEf_a_InK

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFBUFFvUnhIcQ&google_push=AYg5qPLHGXdy6ytdHzgCIyUf9gZ0Q5koReu6r6KabVjlTUsH1uMT9_npzsmtb2Mdefh7ro-aa2GUWkF9J2fUZxU8RRlkEf_a_InK

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFBUFFvUnhIcQ&google_push=AYg5qPLHGXdy6ytdHzgCIyUf9gZ0Q5koReu6r6KabVjlTUsH1uMT9_npzsmtb2Mdefh7ro-aa2GUWkF9J2fUZxU8RRlkEf_a_InK
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3D4
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwt9U...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDwt9U...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA2ODc3NTY5MTc3Mw%3D%3D&google_push=AYg5qPKDwt9UzfBjwpmXiZ8xYsCtBOQhFNjo7Kp0JBFW20RIN5vmg5Y1gmGMjIvDeZYFdZ...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA2ODc3NTY5MTc3Mw%3D%3D&google_push=AYg5qPKDwt9UzfBjwpmXiZ8xYsCtBOQhFNjo7Kp0JBFW20RIN5vmg5Y1gmGMjIvDeZYFdZW57fRhZrOp2INgsVKt2lbkudVNazC4

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA2ODc3NTY5MTc3Mw%3D%3D&google_push=AYg5qPKDwt9UzfBjwpmXiZ8xYsCtBOQhFNjo7Kp0JBFW20RIN5vmg5Y1gmGMjIvDeZYFdZW57fRhZrOp2INgsVKt2lbkudVNazC4
pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 27 Mar 2022 08:10:14 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D3D4 43 B
350 B 108ms
39ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELwqYFv0ohTQkj9p-PIcY2c&google_cver=1&google_push=AYg5qPLdMUnZE3sL79zohpU4GBokGNMs0inYszPdMfOpEZdYWoM7jzxWLNEIAamBIpQCCHE4mblNf02tZLgkMjC4xFjsRRV7qCgl
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kv7i922g20dr003ft1s89l5pu8cqj4ec

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D3D4
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHAWFs3s9PDPviFMyIBDzB4&google_cver=1&google_push=AYg5qPLcYLtssgCzOy2luHTOk5sUqL4Wf35X7wXKLu5FukajzGkyIHk7-e1sHsyzotpkR5jEOl_...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyRVItWS0zR080&google_push=AYg5qPLcYLtssgCzOy2luHTOk5sUqL4Wf35X7wXKLu5FukajzGkyIHk7-e1sHsyzotpkR5jEOl_Q6B8LElXKHqBmeA5z2tToTXdS

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyRVItWS0zR080&google_push=AYg5qPLcYLtssgCzOy2luHTOk5sUqL4Wf35X7wXKLu5FukajzGkyIHk7-e1sHsyzotpkR5jEOl_Q6B8LElXKHqBmeA5z2tToTXdS

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyRVItWS0zR080&google_push=AYg5qPLcYLtssgCzOy2luHTOk5sUqL4Wf35X7wXKLu5FukajzGkyIHk7-e1sHsyzotpkR5jEOl_Q6B8LElXKHqBmeA5z2tToTXdS
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame D3D4
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFQZoxE04gh0T0iWz1Vl4wU&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPK9Cyix6205uMA4vMSdigKun10HhJCikygmndj2qIAHV65XBfkPpojN3nL1tlvIH1DP0Mi1...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame D3D4 43 B
296 B 184ms
36ms Image
image/gif 2a05:d01c:1d8:8100:8701:aae2:1118:ca9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEI2iBojiSIlClzixyqPate8&google_cver=1&google_push=AYg5qPKX-QSWecLCZa4TT9uHGySt3qJ1XngmljvapiMu-zINBR-ceS7VnhB2HMrnwEMtRwEHkR32bTl7jElrrVPCZZUh3TWuOZI
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:8701:aae2:1118:ca9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D3D4 0
12 B 50ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IMe0bNob9wXhkz8A4FV_5bCNHWObBT-V8-LVe4KnMTsXk_wqxx1k4z_t4TREtg6UaUZsEP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C510
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIJfQpFaI8LS6mSeY6cw2LFlz4xdp08jgZ7RO6...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFCVU5XdGp4Rw&google_push=AYg5qPIJfQpFaI8LS6mSeY6cw2LFlz4xdp08jgZ7RO6Qz25qjlS0je7RW8_3FZIAjljIHzCgwc7HfC-vriM_yAeyxLDX50hM6Wc8

170 B
188 B

55ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFCVU5XdGp4Rw&google_push=AYg5qPIJfQpFaI8LS6mSeY6cw2LFlz4xdp08jgZ7RO6Qz25qjlS0je7RW8_3FZIAjljIHzCgwc7HfC-vriM_yAeyxLDX50hM6Wc8

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWtBYjVRQUFCVU5XdGp4Rw&google_push=AYg5qPIJfQpFaI8LS6mSeY6cw2LFlz4xdp08jgZ7RO6Qz25qjlS0je7RW8_3FZIAjljIHzCgwc7HfC-vriM_yAeyxLDX50hM6Wc8
Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame C510
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEIcdm-UFFIuXr-OzSm_w9hA&google_cver=1&google_push=AYg5qPIy4s9fccNZ2OC2vR7-o2pXwCHhpbMVQhMwfS-PlyyfeiHNyKSM4KwZvSPWY4tMKtNe8AKmCVFRs0CrJfmh-vEj4Jg...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPIy4s9fccNZ2OC2vR7-o2pXwCHhpbMVQhMwfS-PlyyfeiHNyKSM4KwZvSPWY4tMKtNe8AKmCVFRs0CrJfmh-vEj4JgB7I-I&google_hm=NTgxNjAwMjM...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
811 B

151ms
38ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C510
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEGvBXHuRISXioBH4ZgsC7sY&google_cver=1&google_push=AYg5qPLctz1yBuE0Op52SVjkQBgs7xcfJvY1Hh-QcmJhe6_yubMwxA3xW70DZiEd2_GAsLSpBa9P1n7kNk30Df5Wbilwj_4zqzjs
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1C2ABDA63DF4BD286AEABCD9B624C8A&google_push=AYg5qPLctz1yBuE0Op52SVjkQBgs7xcfJvY1Hh-QcmJhe6_yubMwxA3xW70DZiEd2_GAsLSpBa9P1n7kNk30Df5...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1C2ABDA63DF4BD286AEABCD9B624C8A&google_push=AYg5qPLctz1yBuE0Op52SVjkQBgs7xcfJvY1Hh-QcmJhe6_yubMwxA3xW70DZiEd2_GAsLSpBa9P1n7kNk30Df5Wbilwj_4zqzjs

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F1C2ABDA63DF4BD286AEABCD9B624C8A&google_push=AYg5qPLctz1yBuE0Op52SVjkQBgs7xcfJvY1Hh-QcmJhe6_yubMwxA3xW70DZiEd2_GAsLSpBa9P1n7kNk30Df5Wbilwj_4zqzjs
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sat, 26 Mar 2022 08:10:13 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C510
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESENJevbwJDHHhLoCPg9lHylQ&google_cver=1&google_push=AYg5qPJkdWsns63f1RcwEr_iyjKObRlysLbw4OQslBXJ5eqBuN0WcQcn2f31WEG3SrjRmaM-ecALkiJJY_D...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJkdWsns63f1RcwEr_iyjKObRlysLbw4OQslBXJ5eqBuN0WcQcn2f31WEG3SrjRmaM-ecALkiJJY_DnxjbiVABknPgqFXwm&google_hm=zyn6eMjRRpC3__x5mUBlEmQ

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJkdWsns63f1RcwEr_iyjKObRlysLbw4OQslBXJ5eqBuN0WcQcn2f31WEG3SrjRmaM-ecALkiJJY_DnxjbiVABknPgqFXwm&google_hm=zyn6eMjRRpC3__x5mUBlEmQ

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AYg5qPJkdWsns63f1RcwEr_iyjKObRlysLbw4OQslBXJ5eqBuN0WcQcn2f31WEG3SrjRmaM-ecALkiJJY_DnxjbiVABknPgqFXwm&google_hm=zyn6eMjRRpC3__x5mUBlEmQ
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET

pixel
cm.g.doubleclick.net/ Frame C510
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_gid=CAESEGGtzg053u3bikP8ETNqSpE&google_push=AYg5qPJlOcTakh9qIF-oytaxAxokNdsWM3tatVCEtrQTV-EXHsQ...

0
0

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame C510 0
75 B 126ms
37ms Image
text/plain 185.86.137.107
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEExfNRxawhCnsXdylGVEL7E&google_cver=1&google_push=AYg5qPJARaPHzVkxNr-OU2t1gbbsdZGDzz1T3Zx-D5iDxre6jdoxivmf0VD5CULMx-MY_tvGuZRodPCcPUxumjEBwTPgKlgygfEs
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C510 0
12 B 50ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JnxcY1h1JH3TFn4GW0df4q2E8sAv39oyWHaxE1pVpZHRyJu0vUEmFPzH2v87tdSw

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6DCB 35 KB
14 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7010 43 B
260 B 54ms
46ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648368613533&de=986263132296&m=0&ar=9f397fe3151-clean&iw=5b1803a&q=2&cb=0&ym=0&cu=1648368613533&ll=2&lm=2&ln=1&em=0&en=0&d=18966%3A170420%3A6331247%3A3451578&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=0&ii=6&bo=18330&bd=kolobok.ua&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&gw=allresponsemediaglobalftdisplay739160694092&fd=1&ac=1&it=500&ti=0&ih=1&pe=0%3A612%3A612%3A0%3A1249&fs=197724&na=1163561805&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 container.html Show response
5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 81E0 6 KB
3 KB 41ms
40ms Document
text/html 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022031601.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Mar 2022 08:10:12 GMT
expires: Mon, 27 Mar 2023 08:10:12 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 54ms
54ms Image
text/html 185.180.220.208
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=TU0rWFkzVllCTmdQWkM3VE93QTh3MHU4cTh2K1dXNS92SVFVcURZUUR6a0JOTXI0RVZxOXNCcmg3WlhYa0VCdVZXbE41aWNGNUIrVGFRc3AxM3hSS21QWlVHRlV6ZnJIcmRBM1FjckxqNWJBWEQ4a3pBdWZCTjIvbHNpNlNXZ2pnbDd3a2g2MHcrQW82TDFjVVljRDdveVhTMjJGMUFSMTV0aGhNenpmSFd5eFdpNlRqbEhCMW5wVmJlZUsxSnFxa3IrdklVWExncGNBenR0Y2R6K0c0b0s2czZkak5lQVJDK0xnb29yZnBFQzA3MWpjY3N5RkJZVTMrSUdFMUJLeA%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.180.220.208 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: customer.worldstream.nl
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK consumer-privacy-logo.png
secure.flashtalking.com/oba/icon/ Frame 7010 6 KB
6 KB 198ms
46ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.flashtalking.com/oba/icon/consumer-privacy-logo.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 49b19f7f2d3d0fc9d2270cd1ebd79d468ca86cf308f33b063595863e3f392e98

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Last-Modified: Thu, 11 Feb 2021 15:39:51 GMT
Server: Flashtalking (AKA)
ETag: W/"d675694ab4d4d2eb56cca854c25d9c36"
X-Varnish: 124288944
Cache-Control: max-age=639
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 5953
Expires: Sun, 27 Mar 2022 08:20:52 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E484 63 KB
25 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 customease_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame E484 7 KB
4 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F5F 63 KB
25 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 customease_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 1F5F 7 KB
4 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3510 63 KB
25 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 customease_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 3510 7 KB
4 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3B17 35 KB
14 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame E484 14 KB
14 KB 48ms
48ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H3 200 dialog_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame E484 2 KB
2 KB 52ms
52ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/dialog_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:27:58 GMT
x-content-type-options: nosniff
age: 196935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1895
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 01:27:58 GMT

GET
H3 200 cursor_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame E484 3 KB
3 KB 51ms
51ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/cursor_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:57 GMT
x-content-type-options: nosniff
age: 423856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:57 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 1F5F 14 KB
14 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H3 200 dialog_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 1F5F 2 KB
2 KB 62ms
61ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/dialog_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:27:58 GMT
x-content-type-options: nosniff
age: 196935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1895
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 01:27:58 GMT

GET
H3 200 cursor_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 1F5F 3 KB
3 KB 61ms
61ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/cursor_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:57 GMT
x-content-type-options: nosniff
age: 423856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:57 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 3510 14 KB
14 KB 53ms
53ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H3 200 dialog_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 3510 2 KB
2 KB 59ms
59ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/dialog_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:27:58 GMT
x-content-type-options: nosniff
age: 196935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1895
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 01:27:58 GMT

GET
H3 200 cursor_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 3510 3 KB
3 KB 59ms
59ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/cursor_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:57 GMT
x-content-type-options: nosniff
age: 423856
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:57 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 6308 169 KB
59 KB 92ms
42ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 19:19:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46267
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 19:19:06 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 6308 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: bid.g.doubleclick.net
URL: https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNU0DIRlykIN7FvAh5himTVldiaqat_nBeaj56aCk7o2ctfp-A4&d=CnkAoCZ_4BNaEzPVAOgslk8FIWIsv6tVMc8tuaVH1sfyvdWiVORmzZiOc-ehMNjfgGAFp5o5OQpb2qhMH47D-WEfS1oc_uN0pby0TC6yWtP5f0qrTyeWZYfiWofHCEgQnnVHUmS6Czj3wlyPPluq30GU9j8KTLm69DjTEvkUAKAmf-BdylvOaUAVUH0qbqAgc3oIgyFa0nS360qdAQZPNb7-kqC1EQ4Br0dezyyRNHdX5VL8XN0JmaZDArWRWlbm5FjgCylwCpOL6RlWLYU_U-DxIJnPECI3N7eh9l5c4VFoItsXPxKN-V6QUNvlXa6hDgirBvxZOxBmCnHjqzF97o4a0mZPKnq99IVVKE_UHwlSqBDTjs9tIed3yDRKhgouXTbb_ArIufi7DGNrVNhJt_rbP2n6THAhd62HsiPow5PdL8Hx8KKWFgokpqHmo4oBfVjPGf-V0eITpepTnQUox2UsnggGLWFHvyIOLuEFpuw-NwJ2v2XSczJW4XSCDoyhw73ltjXaf3sa5hh5v9toilaAzPCk6fmsn8opp0cl-lZoC6Jexd7rbfQCcitJgmkgTZYG-p9d--ShiSoH2tssU00bO4rq71fqmz7ywxOoXdeQhV7R2864T64IbcQx9zDW8zYMfrfgW3qrUZktfRn9Xkx_vfSEITQK5tfLljKWTw0eOc8nt-Wu9Z3f-dWhRisVdkqkyqGomkqzHf8N1WiwJr1qLnIU0ifOG1Hr6RgPgq_nahPgOP_C0fDiWktlTHwxMaT3fDRhG7hVIfqyZbC7YBWAkywGpNjIYhQw6-sC23bWTHnnUxrnW1Xx1Cw0hNNdjIJ_aXCBv5lpJbk9V0fE0QciX-of-ZKEcD1lpXl5-jD1S53mtohUXdTt_WGAaUXi0aegBsgxA1A0_Z7eiqgTHalDeilTLdfd57zLFFXiR_dxEvPaCS8J29YsQoPGnoLsdqyfFsQI0KM3ueLbJuCenCLwmaK0AiFGeh-hAnFT2Xn6zhns4XaH0_a0Aaqe6unUgMu6ggsl_ZChqVBZzU59Ta0jh2734-o9sjxMifKFtNrIoFStRRnFtUraGn6ELa1OnmvVUzSBzgM2WtVBF7SBXNTPHvAmbCrSLnktrgJrMKcahx0cW0zQy7-sOnA9He3ik57PThrN5Q9NWWh5dZg9qAYwrykdhfVq1W0X0GNHU1Cr1oYem00JFQp_SIy5cYRwdh4F-MGf65cbyco6z2tQVuu924OBacnb5h-V_VdEJUdgXTNKqKU-RJ2qxlGmv5JrLvfXaAL4znSnqX9wENVeGj4-PGLDXKatZZ1NFiXGQQaqmfHT1ry6JyLg5Gvw28kJydbNf3O1OX1OLqlCTOjklFWqxrDZCg7gvJpKydMIhNC9PVLU7gGQM99n1cqv6TXY3GtjL9aU2ARyFvBnn__QQgcB03T4lQ5cGaOXxkjXAHWf56ZPx0SVzp-KodcXbXCwE1OGDsOkKEuaypjg9VBilDHKIOOeEFEMbjhjcMIirtqjewEUHZlOmq68zhOibJy53mJTYUmdWanfQOr_8WzV4hmHkFIlqYOhr5fMJLvigJtTxkejvUKCgMqxkqo7GmVym8tQpPe0YcNNcb7SKDdLsKtIO1S8jJnA1TXJKAc5n5UXQVQk_Z1FNzouWf_VACEPCl4Zpfwg_SsUVwelvx1M6qJzdhE7D1svPsEGGB-N6O1_0Ni1svpFqfBm9iLQc94-4FpwdppUlECxdgr17jAW-fvhNGw2QYn_VMgbYy5hsO8xfuX69QIwPdxeNhDS0uTJ3lJfZjSGvXb4qWSkaoi8v487vSI89WbWyy6oXgKmVdUtzLpb3mDoDQfK4bfYqfnOMoV1TavGkR59ENmWTXNJ-KUAAg2OsFxbKP-hmI-dV7GwYZPZzbISJMcrJUoNS4qEA8m2CwqFWtjttAm7QBEPCCwT3b8gREAhlbD8hEUJCXihdsVyyLROlAa65lcaJQqpQm44ebcPz-ru7CyE-6Dph-YhSs4YvFTsn7XoQhOC2Sa-3u8M59s6hFJN25IzSKMC1YOvpYzOoqNgRTn0p_S9n8KW7SvLqVgh6siMtUROUt6c6Mo62Woo-5l7va4LR9NYIDp2r1PeK_kK1me7foprUdAwePeNrx4JeAlzu9KcNMVszy_DiuduwyrSH5oe9JAZtJvYMlSwbPAAU8pjzr5BSlmrUnUAu6hKUtpYZpQaEmG1SaAcjrF00G69Fm1PiVUqQuWNSHd80ctmq1iFcnMsS9uRcqF_habsxHNNaQbBviO81tkzust0VCpEhO8grsC4CCz-oaiDwe90qsJ94f5dfi0ak0x6IlWK3ND8cuH1fiQ87yN3prrGE1lMVCcMVqYUa0ora5Jaq120Yl1X2Fhe5X-EcX_K6uj1LaSQTKo7ggCB3AbmTRSbpErAS8jh9If9AyEnLgYEQG3m74zkmmKZSKDs01zLIR6fbKw_cKJKeVpvhzhcjDOW59ePLonG6APs5cUOBrT4s097Odffp39jshFMrHFGiLW0pN886nu1_q-jBNtvVst4hyaInQNxzx787zU1hZlAb3pom-tUCodVEJAFEekWz_8yHPNHtt8IkQ0sAAEQVMWXpo0-htiuq35UUCAhmBxC24NxyfvOfQAGSMlpQjnWbTZ-6fq1__ucxifrusQd5AUc_MIZHkhoLR3u5uzWsKepcBjqT4yzjFp7sBYPyJuO0Zw23H0_W_K8y6Xk0FNUxwzIdq1YFlO4LBj7c13nW0hYNpoJcAqqXPXjXdrrrJGBbR7poI8PdOk6RipQPVyTk04WJbEJgTQJY-D4daM0e07G_9Btx2dcO-B69hEPrK8TjaGYjTgIQe24GJE5e49oA5NQkQXObnm2oUPAIyGoGbEBFgRCMeVw3sHWy02XlQ21raNhHxSHjZARVT3N6nW9mnK3Fk6h6XnT6TW31d1jOr3P_2HLYRBAcwilDbSrxNWKHasZ1plMUDUQLJEz5Tnu2sbQHEUJ8FHT2apcaKwwmXnHNHVoRAhvg3z09jvRindHTB0-XwgwUJuZKNYt8msYBohjribVL1AQ76vANC_3sas0M5evDrfUdGj1vcVNZL6A7_56Z6HTsw2KSrpTOWmrUVrfqaCAWmN4esplAc3w7TNr2XAHS2mdwPeYq8pDMDwIrE7XZducZBeq5c0A9KSXSihwCJNAkeeBDLX2Pq4L_hdprCknwKUnsSCjyMJdP-M348hvKnM4YMDvVp2iDFF56CwMKzl_iotQNuh-mdRcf6RM6L_hnuwl-hVeff17aXhyj3Ykq-9of3N8PwQmBP71WlyMi6ixAVEXc8wcZF_GlqLQduWo7LdSZ1nsGc6MJdIQYne64E0SlRhRyaHXIUaQluFVryCuGrsXNY8_l08RNOvK563Lm05rShxMFIvXSncNZ2tHsf_cvXS9eYXdn28yKISk-oZ6O3_GMmHNJKwg37QMAhh0U3VIMS_Elx3K_yO-qseHWU-6oqgV1YDq5zDtr7bKARcYViSk9CHCmKi4cOzAR6Lv4Yzq0E-eZyTmtF3sGWKq5EThGPLDiEpZOfkMbcVTNwid7jQqcAit_CyaERwOocnYe4SsW6dl3opJbn33IL6CFxq4lv6OLFqXVgnB0hPLfnyhbmhf2SVrgImTiyQmuzI7sPg0EnqZJ8o2B8dQDOoNmIqRMbTVRcxJYMdSHz78X8hyby8Xb3u5aNEyxi6fkPdld2te13b9rigTjADDbNIaKAgAEiTkaGaG8Pu79N0r4qVr6r_aWoxuKX779SETd_Etc_xMFzXfLqZgAQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 213
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 6308 25 KB
9 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7010 43 B
260 B 46ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fcdn.flashtalking.com%2F142462%2F3451578%2Findex.html&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zb8ar1teFl9Se52VHlqRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-KsQP5B%2FVw4Nlqg%3D%3D&sc=1&os=1-Yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=0&ii=6&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648368613533&de=986263132296&cu=1648368613533&m=72&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A612%3A612%3A0%3A1249&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=0&ah=51&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331247%3A3451578&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=208902869&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H3 200 CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js Show response
pagead2.googlesyndication.com/bg/ Frame 89F3 35 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CGHVXjYJRnLTYRF6fgor0GmLhTjmHb-GVf8novFL6vc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0861d55e36094672d361117a7e0a2bd0698b8538e61dbf8655ff27a2f14beaf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 16:25:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56668
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13806
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 26 Mar 2023 16:25:45 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame E484 14 KB
14 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9A04 624 B
297 B 51ms
51ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNVf9mnKskxV7REH3C-XfN2q501cg6kYwODzbrVsv9_EXKDbPeg1K4t6_tDvuD-cEDaqXAxqJV42IJ1DexIGo-UAqUK01ijSG4rkIkv8knfJjqa_zu875el_Nb3a1tI8n4a1mUVV45-a9G7pcIMwvTW1oZaQla16pAQa4BjD7o5XeAtnLQY

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 27 Mar 2022 08:10:13 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 355D 76 KB
32 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaJDMYUHoVMhfnE6EfPDjh-ppUlnjPlaSngg_wdp4pv4I1GYUXL_StZHPGcUJMJdHeTDcDJasiV7t_om7SjOXDiL2vlQ&cry=1&dbm_d=AKAmf-BRIDlk56MyhahjWhVIZwpmVE8udlP8iLdGleJZQza8nhp5pPcfV_eP1eVk4jr8nEWrq2g2vL9_2RdEu91s51946vtBjJUqlJUNBb6hvsc9exVIgvOftLr3jxWRprDNBMUb0V32cIEmpos8GKahCyyL092BWyPD_byAjOTZIXoprvnZnDpG-4O0vxNFaowj8bPo1e3xEvwlRdeoKJrl2utqKve8EFFed9S3vlq_q7cdpfErWb3IMmgYSO__DihAY3hgU7PZo_xnNDAk9B0qXG8Z4QzINXDG9uhCe8UQ1gMzWpaIxfmeIFfQlUC8p_di84Y8TudfvfGktCTesnZiYuD7VmPJ-fK70PiAoyYiUHfFlGUn-UVUi4T_cNHWv8jMPe26BBTdpskjbdZvSlD-0tiJ_Sz2R01zLTPJqsS1963gk7RQmfA7Kiq6RJxWY_CfTTNFY6pAmfCxCyqFNgS7IF3Ku2Xu-JalNep-WmCUpYVyUtLapMoxWdQKeJlcuWrj2Af2FV6QtAMe86UcKvehCoFZwPIsWz1ECbGkGnAvkEapNZ50fHcTSf01MZkAmMPEo85NSRwFPJYG_KCJWn7U5xSlQxRcjsqrlqbp6Ax5BexuAtNeIGYXQU8SOnxAfLC4flUL_zYRB_2yru8v0MoGY8IruROBlqo4qCjeELnR1WhuGqsvSyimuP50doT7k5P_lGutHNAWDK9WoNF7Qu8bEm9gJcm03Q0XaAE1kPwFqHOuqTvIom2c2Whq3hXBTPOuEor9NO5SYgtf9azIiU0eNWbM2ZZwAftyUB7Ljj2IXmzADFa8C7OhyAe7Gld0wf66-ejkRFfTi_ilwekWVLdR4fl_q_8cv-HJ_hJkpdfbHOlP1ye4j11DZjfa3PhWB8kUp8nK6NueYa1f7XjdEEP1H0kymY0f3Igd2pWkf-ZCWEOVkh6JL867Ddj95Uvb8UL1yKB5Gqpjrq8tgixaVFy3EempqByFUlpE80UazdXVNxlaobHgMGrHaOklteIg7g-o2RSJVwIZpKNgF16UzyxX-HdRYnNTjG_fiVOLqETIv5Bn7FflINEzedVI3hhX5wD9FMThhvNv5NMBq4MxHMoK5oFrSlwKeR6BEnTmLKS707zjLAPJTcmZ6HwEMp-ILQ_vWOnAgMDnznyIHoucNfAy-IS33Wp0TNrsNEgn_YVrMwlPoN2PCne6ZyMwHhtN1r8P6bffigeNDWRSjbNExjlK22lh2TmtKpxJQL-Y6UX0treXNZsdVa0xJUaBgAphwD-jOGnWmsPjCd282rXqb5jQnQdwN-4FbwuFtX1mfFnTiw7F_7ZBMkLZp-oiZyc18K600c9nZUfaRWNSJm9FDI47RnJqzcLGiD_IEe12fWiIl2Y9c6mAio1DhjA3k1h-GKNzGMR3ZKGy35d9yUdO42Zj94etVdU03DHbS9jq_H86XapAi-CAtI_4GeYhgzMjb0KnmT0NP2wwIeSjEVvq2XrmpmACAET-shkoURLVRlkv6WKvO-UDTgzfKO1qTfgOVSgrasYH259USWBAMKXKAVQ5Tp_oU_xxBrK00d1_aCwBtjWlv6_aApHrwXt43iUDGz-KQTT2Gxx-eW4ifoDQiMD0FG3wptcZGkPxA4Xi_nN8F77vkPmaKCmO5ktfIyRTho8PUd8Sc_JQ5r0uxFkIyUsKLQIGY34zYhDBCvbGBifqxYEFpkMUthNbhuVQXm32Z_hPCeRNahI-sFMdCgFg8md_hRhjk-FguAC4AEcWUdldItdX-_-WE1mFG8uuORMd-Rh-_PdccZmFSorgf3UzUJXRWORchUvfgtKGVpOax6AqWQZRBaAF6IRC808amGpUgqtJphbWevekAi5tRupiT6xk3cHH5t1747JOOnW6e7FqJ96CRvh7BzEMS3kwbWkfNBKNL-eVacUn389-hAVzPwup3VKO7__kVR5hIIXBqGN3HoWtJsbTuFOemIAijfmCqDEzTlrYxHkosGwFzrUIbqSoWA3mFPrxNSp-TDKaJWKubZm22h1b7_SjCmhDyWzYoHU3lwT_WBBp0iXl4RUc0qch3YB6HAlf4eV90tTjKh0ZD1A58J6DNeRI4hO3GJPFZViDe9lyo3SYs0U0LUdVwhqrklXw9r1JThoOC1Q6i918hoLuprJsK22i2Hb0Irc5LWT4C7PLs7Y348fpJ2jl6lFb-X6f9j2cyrgUxD1_RP_fRHmA0_YTCewLTiqlTwStxcoQbT0rzI1FP-kSpraxqZrjiqkCW0g05QmNtCEhYv-U0rYZqnSV_4aA4Bekjg5F8wwRO-SYXsXC1Pkf1FzhM-nxqZ1Lu49v5ELhiOChOiiaFFsje1jOIduVneGM_3fpZNGESDhiojMFvbLfsugqMvDGx76_K7UTmd_YeTWczcLgrmA-v6aw3zAkWlqxC1eEbVjlsiYZecWhAsqcF7c1k5Zs2X_My5efdW-OMorLbUHlklTpNZIgsmdf3w_EUVidWJVMphyqB3T-NGr0eG8X53JlAqEHvb64WhnTBsqjWGaIyPQoz3sD7Qj_qMgGH-MbuHWkjJB35BwlTOd9g84-i93X2WW5AxDBAJSbLgGs40Tn1_qTyHlSGwZGJx0GcfQhNJJcxVaWGZq7Bo3nriFHflHWNHoqsplW5xkhk55qP7B4kllNG-Y1fiT_1CHQq8dVynx1PIo5E7W2XncdhH2nxt7vQSnIrjTv32fAgJXlNo9GxIIDrda0Z3gk2umHDE9bI6pv1CyEtNdPLElrixXdW2dfzzkW3aL8zxoJUJbnuRhUuvhg7eKsz47ZrGbyzFFJXnZWxCE3VB3BjSNTddIV2y4rTltCcmy4YZxWMVobjZ2-d_Ro2pknjVw75r0Geh2Cid0bTTgXUch_esjICq8X-qg74cOlXGrzx6Rr9tzppkAHkoN45e9qKReShFXZA2T4qE1T6Yn7pQNIacJpmwnlxN-T6PoLn6q-OV9X5qX3A-iUwt4ou15L514s5E8tIjLbWXoaX46DVrOn90ruWnQeQeSwCLF2Le1cNokbXQY5UgUbnxcGMKWRo6M&cid=CAASJORoprYNx4eXV94ezEu7DhKh0pz4woECUfB8ZCdSqUR0sTZd1w&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee4b765fea79a7fafef82d577b68cfac30da7cd5104e311cdb9fc087b1726b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32963
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 355D 2 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/window_focus_fy2019.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:07:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:07:14 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 355D 119 KB
36 KB 905ms
905ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 08:10:14 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/ Frame 355D 15 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220323/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 07:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1015
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 07:53:18 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 355D 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DL7SHh4cdejSmp2M_nyzFUTtE14iDi0w06ut8jekoz1boD47LKn32J14p6rqpmTv5qoExaQwywtsnDveDLDh1QX_zyXaK8swnmucHjGtMdYPfCKn0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 1F5F 14 KB
14 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H/1.1 200
OK assets_728x90_1.png
cdn.flashtalking.com/142462/3451578/images/ Frame 0587 85 KB
85 KB 93ms
93ms Image
image/png 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142462/3451578/images/assets_728x90_1.png?1618592593801
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: 0ea156b1781ac04198c56459d448345aa7bdd682270a23094acb6292da879cd1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451578/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Last-Modified: Thu, 13 May 2021 15:41:37 GMT
Server: Flashtalking (AKA)
ETag: W/"d003ae868b3a2001caed8e234cfb7bff"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 94347870
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 86957
Expires: Sun, 27 Mar 2022 08:30:13 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame 3510 14 KB
14 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423878
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H2 200 pixel.gif
px.moatads.com/ Frame 7010 43 B
260 B 44ms
44ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=37&q=0&dMoatBDS=0&hp=1&ra=1&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=ALLRESPONSEMEDIA_GLOBAL_FT_DISPLAY1&ol=4111836140&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2FG)lKr%23l9jmUdTfN%5Bqir1fcSC%3AU%3FWOvTh%7CzFK%3F%5B%22l!j%3F%5DV%22%3BU!%2FBwj%5DUG0U20!9%3Am%5EG..%2C*%5D%407%25rxaxcpaO%2BZ%5EhG%22%3ExZq%224%7CQjw%60.%7Bi%3F%5DQZ%2CA2%2BNhloI%40s1%7CZ5*%3FVl%3Fe3%7CqL5%40J%3D%5B%2BxkrG%3DGfv)C%24%7CQJ%3BatASYUby%3D(tN%23V.x%3Bm_Qrw5.W%2F84VKp%40i6AKx!f%3EUYoo813_xB%2CN22Ib%40aFB&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-zb8ar1teFl9Se52VHlqRTWME4Q6dwotBXKPgx%2FCwrOl2tvmQftrLjI5jaRxplbfkuwe%2B&rs=1-KsQP5B%2FVw4Nlqg%3D%3D&sc=1&os=1-Yg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=728&qe=90&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=1&h=90&w=728&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zGSRC=1&gu=https%3A%2F%2Fkolobok.ua%2F&id=1&ii=5&f=1&j=https%3A%2F%2Fkolobok.ua&lp=https%3A%2F%2Fkolobok.ua&t=1648368613533&de=986263132296&cu=1648368613533&m=237&ar=9f397fe3151-clean&iw=5b1803a&cb=0&ym=0&ll=2&lm=2&ln=1&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=90&le=1&gm=1&io=1&ch=1&vv=3&vw=0%3A3%3A0&vp=100&vx=-%3A100%3A-&pe=0%3A612%3A612%3A0%3A1249&aa=0&ad=86&cn=0&gk=86&gl=0&ik=86&ic=86&ez=1&cq=1&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=51&cd=51&ah=51&am=51&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=18966%3A170420%3A6331247%3A3451578&bo=18330&bd=kolobok.ua&gw=allresponsemediaglobalftdisplay739160694092&zMoatOrigSlicer1=18330&zMoatOrigSlicer2=N%2FA&hv=findIframeAds&ab=2&ac=1&fd=1&kt=sframe&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&ti=0&ih=1&tc=0&fs=197724&na=1270779811&cs=0
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1731436455&adk=2257904722&adf=2751418291&pi=t.ma~as.1731436455&w=728&psa=0&format=728x90&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612040&bpp=3&bdt=124&idt=125&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1161053410&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=85&biw=1600&bih=1200&isw=728&ish=90&ifk=151704486&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065741%2C31065550&oid=2&pvsid=3914727801430701&pem=632&tmod=1813438468&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pyyixdrqdmz8&fsb=1&dtd=136
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Sun, 27 Mar 2022 08:10:13 GMT

GET
H/1.1 200
OK dv-measurements2414.js Show response
cdn.doubleverify.com/ Frame EF03 513 KB
95 KB 58ms
58ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2414.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 32d15dfaf6546e67aff1305ce932b8fdee9083f0ccafc9c998bedd62b42f5484

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 09:01:01 GMT
Server: Microsoft-IIS/10.0
ETag: "8084b584943ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96955

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FC12 1 KB
749 B 41ms
40ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8189
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1530 0
23 B 129ms
77ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuO14Dk80jLJI_vAtzL7XL7lH7qDDwpU0ghPdNLpT073bQxx3oCXezNBepARa--cdQ5XDngaHCklhmbBbjIfQHsUZvj83RsxvQtXkHBnrXSU6rN58AG_-9oMOezXScSTvqSk5UE3Mr3V7MTanBJZug1WXUCU7bMFSKohxO1nm9LD3KzI6FpQEgj1OdC46qIjibuJQLq3BcUEIdGLBJOArIoNKd72MW_dhGM5xBmDeSwMmTGWg5JIxYmxIdbTVavdwy2hmWsub6n4NYWI8M29rjqNlHJB86h1BRBWUXeTwLuw70ppVw1nGuYadhg6v-uvroqAsKAWD8vbYMZq_cwcrwuN8zl1g1LrMwmEO9neNRm8NyhtlVY7UgKfhsdJnGK9gK41ldbF7ULKTaAcZYw0peJI3GpMt-uLgw3_sHHnzgsFu88k0uLBpp3XisFKLHCbfUyw_i-3q4tBX61prnSTQNjiTcks9heHCTRUDbEyrB38vCyB_RMrcQGoBn3jWaGN-Ihhhi1td_WgEhk_XzezwWuYVqXhwNeymUifL60uyI56cHhtA9yvwwcXxoPwpW9YCfFxRXOWCd5kDiHkflXjPRXz93YIEfecsmGE2qoVtfN70lEN6OsKSXcq6lawjlEbRDsN8Vb4Ag85xvSDmARvChakAyZS6q0Vm7qvBXaCfkL8KD79QjnRBuugaQjQB7GKcLu6aGMXCsuX8dUO2gfJ22DJYjb6xXzvwblm5OjzkeAFP7K2RdfBnq_q_fueHNPbLoOOONE_PDAZcWFVNPcdWbg_tOSeuRR7w3PXrNI2ZUh0pohOrbJtm3ZxRlrYrTq-D35Av1U3mgxDGaNBHa1jrMXT4PhAxLTIG45-n_4Qj69B_OmWY23kbqAqq-w7-kuwahxqj-ElQeMLvNivnnmw9EEqfvMc9EvLKQy_W7TAPGt11TLCnMDJiRdEIFo1yPRi3UP8TqXmKgklRSGfxW0QXJAiz15qYx_4Zv-5wiaXsVjCj1yBDJDiwzFiO4jDm4ray4t1_JODDg27Z4t8xWZYOBHHqbn6_5A22HMaxcVSeATmdZCB9Rm7OiqCzbtNNk-RZYsNCiq6ZbeEjdGfBzo0lTxeN0xJYMfPvp8-sN7qX0ysrp5TIq7XphSBelNyNCcHfsM2dCxWZN5RhVhzsLYOysJH9sq5yLLWPKjGIvnykG16u1jljzfGuVjwXcdbN3FqJELFA&sai=AMfl-YT0RJBs60EHqhkCQCkx_m-0Mq6xSTGnLR2gFVp2KbcpUL32EwvE3nt0FCnInmIBSsS8pYhiolcuQpEgGZH5ABJv4WRDd0SE0AcNjYrBZTOHHZfYmILNbO5xCCsvlcnwDpU4oWISsR92krEU9GvPZDEQIHJHRi4tS7b9tgp3hXt62LVSvzOBx9ZUwqnvYBjZlJUbaB0eowRMvbNKFzanJQ&sig=Cg0ArKJSzCJ3-f-gFPeEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=718&vt=11&dtpt=438&dett=3&cstd=277&cisv=r20220323.52746&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 42ms
42ms Image
image/gif 146.0.227.110
GODADDY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

146.0.227.110 , Ascension Island, ASN20773 (GODADDY, DE),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:13 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
DATA 200
OK truncated
/ Frame 6308 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 47f237eb5e012ced5c54b33892e8dde889807469837ce4406fb8c1395740b738

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8681648890807385575/ Frame ED6B 10 KB
2 KB 50ms
50ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

553c21ee4070cf487bbad414462d047e3567def5bcf68050fe9cb5b0cf61fb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2256
date: Sun, 27 Mar 2022 08:10:14 GMT
expires: Mon, 27 Mar 2023 08:10:14 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Mar 2022 15:58:12 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6308 0
23 B 79ms
79ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyy6hY4PktbeQ0U1mkQ29C0dydcv96l3U8P3Uw55fsk6VgNIwi1RA6CY0q6UgHbYTuEJMeY2HeU5Cb6YaoEy6e-oTRy2mZCHUeKPFy70ZLSOH4djhBrrtc93Cf9Q3O6NVqkjEPFMqYt1HAVt6D&sai=AMfl-YTp-1XIJEQuCojzuo4oOci4tnsHWed9u5ANf3vhRJjoLtM3dRpzl28Z0e3aWsIx61Mr0t5w95TL_mTW_ii8MhE2RA2JuMlfM7d7wMxBwn7KVVetXxhTrnkMrWo&sig=Cg0ArKJSzJIJbeBS3XT7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=278&cbvp=1&cstd=272&cisv=r20220323.07947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8852 0
23 B 82ms
82ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI0F4wYk9bMiGV9m3KzZXA94Vc9Xkx0LVXwVJjQHBochilGOLJHK8TNOTgvYoUQuyHHYpHLCyYM2gKgHgcbMiYGD_QBbllwUOu0tNkQZLr0am4kZDLpxFQvwo5wh0OXnlLWZNmr8rd0Q2ojRYFsN0Nro29ShQOqNwRODrpucoW9VM27EcyZfDXqq6yOlzxaVofiuf1rkKG4AtHLDiObozKzj6tIuHtIRdR3au3gynF0lHnPsT9kzPY2ryeDdlr0JWqgLI9_XhXA-b5D0kWFVe5ZnvliTy9yPOxtSw7TYmx2BzEOODTysx29-PAchBXfJegkcvSehbT3NVlJwLJVNhvPkVchwPlolhMLXoDX8t_v_OUFKJyRqpcHwFxFv1nWdj3C0SiWhVTj68KXMYMDqLQLYveidNFHMUE0CKulDjA2qkgzhCHosx6sVhwA_3lGRl2TPuV4p4t0vcFw_2shLXUfiLH44Xq-GjWt1JlWs8Tra5j4OTvcMCpipn6Eq4cYMJ6VF_Z39t7wKmVVFMWmXmNLIGwMJBJCwZC669kiOqeEH45ylRQVIAjb_Wdh19Q5tYlEb5MLE2bwz-tJdYIf72YM6a-7gVWDPxzm0XcCKUOOxvrbMm28nyy7o8uLSdp176EjJy8m8Ra_XGkuxtFBsDq1BzBzuDQ146N0ckQ56KfcLPWUQnNQlfevkZ-bca2PLtuz2BovuRMJwFsbTtcrfygbe_uVg6_wLAqW_xCr69O2JjDB2mjgcwRun9v1m_ZaQYRbB_dBeXMBiYSfOxZ2Q2_E7CGxaf8H2Q1gjVvoUCX4KqITF8dUo01--Sz9iKqCH3OM3cEBL2s8i3olB4fMVjr5xqQrOgOOLV2dw9k7WOqlv2NIzz7HRjYhyLQ66UlXQh91RQjBZhXxLtjnSLpe8VgRWwrx-KG25M7L1XPcK7rqrPidM3osAsHvQ8wjoOctyZVmBzR9U2odpp8MWkSks_1n0bjjCHE73TMhXaTM8146VCy79M2cnflw3g3djPOeR145ZmvZVsXjQlNpu4YUHOioLMr72gCBvMZrXEoYCNqCC0P2pEFYseOoYIOzuN8gX5TTKhc-sYlb3TrQk9YCDqggjDeXKEdSyjb5FsyXt9-ZzAXExosFd5C4HQuhHjc0uNTrUrYRTRf065HHph7q2Y8qXESAhk93zGWGAn-S9MJb02ZmdAOzfcPLUgXRbQny1a7tw&sai=AMfl-YRxVWDMOxq9rGjPizJQ87S5V7QOVfIgRzNcRt4TMDhtWWBAtpCBxU-X8IZ3FiRCX-pM7yrUsJXyaASWL7Aeq1gmUs66gr4Ra0-EyxfW9pg631SQinuHrjHFIJqm1l2giiDXy9qv5q5duOBsFRfCqJMvVIVN8MLXjtxqJqfs0s8BXwmLbRjAGlzrJAeSJ1LtwIwM3LKMNJlI6-cIN4srOg&sig=Cg0ArKJSzJJjE4uqnRSEEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=727&vt=11&dtpt=497&dett=3&cstd=228&cisv=r20220323.06979&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1

43 B
892 B

60ms
59ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNVf9mnKskxV7REH3C-XfN2q501cg6kYwODzbrVsv9_EXKDbPeg1K4t6_tDvuD-cEDaqXAxqJV42IJ1DexIGo-UAqUK01ijSG4rkIkv8knfJjqa_zu875el_Nb3a1tI8n4a1mUVV45-a9G7pcIMwvTW1oZaQla16pAQa4BjD7o5XeAtnLQY
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 9A04
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YkAb5eUgGbJu2pwUtXIAggAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1

43 B
892 B

62ms
61ms

Image
image/gif

2.21.141.232
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNVf9mnKskxV7REH3C-XfN2q501cg6kYwODzbrVsv9_EXKDbPeg1K4t6_tDvuD-cEDaqXAxqJV42IJ1DexIGo-UAqUK01ijSG4rkIkv8knfJjqa_zu875el_Nb3a1tI8n4a1mUVV45-a9G7pcIMwvTW1oZaQla16pAQa4BjD7o5XeAtnLQY
Protocol: HTTP/1.1
Server: 2.21.141.232 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-141-232.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:14 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 27 Mar 2022 08:10:14 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKgIBXSuqCdTRUl2XGsvqbA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 9A04
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEL7gUN6wXh0Hk5twIphsJiQ&google_cver=1

43 B
1020 B

75ms
74ms

Image
image/gif

185.33.220.145
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEL7gUN6wXh0Hk5twIphsJiQ&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-mmwIQs5ueAhj169zEATAB&v=APEucNVf9mnKskxV7REH3C-XfN2q501cg6kYwODzbrVsv9_EXKDbPeg1K4t6_tDvuD-cEDaqXAxqJV42IJ1DexIGo-UAqUK01ijSG4rkIkv8knfJjqa_zu875el_Nb3a1tI8n4a1mUVV45-a9G7pcIMwvTW1oZaQla16pAQa4BjD7o5XeAtnLQY

Protocol

HTTP/1.1

Server

185.33.220.145 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:14 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f4452604-13e6-47f5-a12d-5cc6787d0935
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEL7gUN6wXh0Hk5twIphsJiQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9A04
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:14 GMT
X-Proxy-Origin: 217.138.196.100; 217.138.196.100; 623.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 14f58028-2e6c-4bdb-b490-28b26ca115f3
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDEzNjA1MDIwNDE3NjkxOTU3OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C92 0
23 B 80ms
80ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuNyln1xrDDdOrXac9WdGN-cGCYtS8dAyp406oHXv4pIq_6EOubh-UPA2k3O26oSZLP98AOzKip_DGq_THKDHpeDuzrDEoiTcx4FhkW3USQNxDQqBva4BCwg_3jDkrX7V3mPFrKFzItwqyAhqQBZw4Nn83WzjOc4KuQ9HMaeR3xG-8S6s2F1vx9Ycp8FL3ofR7PaWjWrKx_DYkBR_twPJxRQHLDiT5wY9D9LEt5Kw4cyaqWkJZVdm0CMlW4_jpWmAHt6ZT7V3hxDK3O0DG6Uap-nCUihTQZotNrjSuM7YzIu960jUl1-_alJdfF4oJM3w_4GSGkv5Z7oTxKm-03YF-hNSJUYdrF3N1JW23dhD65cfhAiWHwY_oQfSPoIH67d8l3ICw33NY3ShqjLvTQN7kBiH0GBoJ0sEKH3RO_AOEWEYNJAC_8E0dhe7fhX3DdZBLPmoYGK6BSk5JBFy570bF-I865gWB5uPcPHExtjs20L4inVmGXPwMi2VFxBmi3WADTAoeg38jZchG2zyJSbgbokMkfvSd6DUxQXPHFMEqgfSiDjODGAUVmNXHztt4hxmdJRmUQ1Fh2m1-wWtONe4TOGHukUcek3xhrOXoF34VzQ_QSUU4WxEgcNJWrcPBbbhT_1lYR9-qVj6gOGaA2wky_gUlrh2gIEmUk-5geco_kvAg_Yu3zT9zWKseVwN7jLUKqXM_stubCjLz1xLqZMCZTYTd5alDyN2iCm4uVpC-FsAx5wxXhBsCMYUqyXqbrZUaYap30LtqI-suXM3aPa0Q-g6QgRiM2LNn7T6zPffd_jx14iiND2VFU3_UI3TK_1wwQm9ZDq_2LweRIGEptu70g0yHoYDhmvZkxPFnEyHirtdB9mCNSADmsHTAs32Efv9Gu_V7u01yGPIQD9kDqTlSWq06o8-asvlpJPCySYpGLbtsEB2SJueYOxpuQR3mgc4-zNMyUlar0Db0D7ufZq8MUVwO5tMj_eqov7FKTGsSRc1IS0Nxdz6IsbWCfPvqKYLRM6jFHM1xpWdJ5OUXbtQOhne6OP1uhcpVFQIxFk2Qx6oa8M5pHAK88q9QjlsooKo5gsiIJKWdCnulx0Y9KMUIiU04tnJbdnY-H6oCFNYxr-xyM-PVRMDnfDy7BZrfgk_s0EHVWx0EKiBjtgQ4cLg4IPd-Xn-pII7LCEgAHs6U2FIwNZX-NsMhDpxgbfDgwM-IsFQ&sai=AMfl-YTBaxWpE1nJTSwjgwJKk9ZsZz3SikOB8KGqP2jQNlnCsRK8lMqlvicP-0Y12ic3XMgOpJmy85YosdFZruSwuqeqB46rWwD_PmS1119Spsf_2Xk6jEJCQBPe-Khy16NKgWRLs42z1hTbOMOLd8uvSQnNdajEP5CwDqts_EhHSrlkquJFlqqV7U7J9M2wKioZGjCNuWfTp2iyLLx43O1dTg&sig=Cg0ArKJSzLNuKV9sNjKfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=761&vt=11&dtpt=504&dett=3&cstd=256&cisv=r20220323.56924&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 355D 106 KB
37 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
Origin: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 14:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62911
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 14:41:43 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/ Frame 355D 8 KB
3 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DaJDMYUHoVMhfnE6EfPDjh-ppUlnjPlaSngg_wdp4pv4I1GYUXL_StZHPGcUJMJdHeTDcDJasiV7t_om7SjOXDiL2vlQ&cry=1&dbm_d=AKAmf-BRIDlk56MyhahjWhVIZwpmVE8udlP8iLdGleJZQza8nhp5pPcfV_eP1eVk4jr8nEWrq2g2vL9_2RdEu91s51946vtBjJUqlJUNBb6hvsc9exVIgvOftLr3jxWRprDNBMUb0V32cIEmpos8GKahCyyL092BWyPD_byAjOTZIXoprvnZnDpG-4O0vxNFaowj8bPo1e3xEvwlRdeoKJrl2utqKve8EFFed9S3vlq_q7cdpfErWb3IMmgYSO__DihAY3hgU7PZo_xnNDAk9B0qXG8Z4QzINXDG9uhCe8UQ1gMzWpaIxfmeIFfQlUC8p_di84Y8TudfvfGktCTesnZiYuD7VmPJ-fK70PiAoyYiUHfFlGUn-UVUi4T_cNHWv8jMPe26BBTdpskjbdZvSlD-0tiJ_Sz2R01zLTPJqsS1963gk7RQmfA7Kiq6RJxWY_CfTTNFY6pAmfCxCyqFNgS7IF3Ku2Xu-JalNep-WmCUpYVyUtLapMoxWdQKeJlcuWrj2Af2FV6QtAMe86UcKvehCoFZwPIsWz1ECbGkGnAvkEapNZ50fHcTSf01MZkAmMPEo85NSRwFPJYG_KCJWn7U5xSlQxRcjsqrlqbp6Ax5BexuAtNeIGYXQU8SOnxAfLC4flUL_zYRB_2yru8v0MoGY8IruROBlqo4qCjeELnR1WhuGqsvSyimuP50doT7k5P_lGutHNAWDK9WoNF7Qu8bEm9gJcm03Q0XaAE1kPwFqHOuqTvIom2c2Whq3hXBTPOuEor9NO5SYgtf9azIiU0eNWbM2ZZwAftyUB7Ljj2IXmzADFa8C7OhyAe7Gld0wf66-ejkRFfTi_ilwekWVLdR4fl_q_8cv-HJ_hJkpdfbHOlP1ye4j11DZjfa3PhWB8kUp8nK6NueYa1f7XjdEEP1H0kymY0f3Igd2pWkf-ZCWEOVkh6JL867Ddj95Uvb8UL1yKB5Gqpjrq8tgixaVFy3EempqByFUlpE80UazdXVNxlaobHgMGrHaOklteIg7g-o2RSJVwIZpKNgF16UzyxX-HdRYnNTjG_fiVOLqETIv5Bn7FflINEzedVI3hhX5wD9FMThhvNv5NMBq4MxHMoK5oFrSlwKeR6BEnTmLKS707zjLAPJTcmZ6HwEMp-ILQ_vWOnAgMDnznyIHoucNfAy-IS33Wp0TNrsNEgn_YVrMwlPoN2PCne6ZyMwHhtN1r8P6bffigeNDWRSjbNExjlK22lh2TmtKpxJQL-Y6UX0treXNZsdVa0xJUaBgAphwD-jOGnWmsPjCd282rXqb5jQnQdwN-4FbwuFtX1mfFnTiw7F_7ZBMkLZp-oiZyc18K600c9nZUfaRWNSJm9FDI47RnJqzcLGiD_IEe12fWiIl2Y9c6mAio1DhjA3k1h-GKNzGMR3ZKGy35d9yUdO42Zj94etVdU03DHbS9jq_H86XapAi-CAtI_4GeYhgzMjb0KnmT0NP2wwIeSjEVvq2XrmpmACAET-shkoURLVRlkv6WKvO-UDTgzfKO1qTfgOVSgrasYH259USWBAMKXKAVQ5Tp_oU_xxBrK00d1_aCwBtjWlv6_aApHrwXt43iUDGz-KQTT2Gxx-eW4ifoDQiMD0FG3wptcZGkPxA4Xi_nN8F77vkPmaKCmO5ktfIyRTho8PUd8Sc_JQ5r0uxFkIyUsKLQIGY34zYhDBCvbGBifqxYEFpkMUthNbhuVQXm32Z_hPCeRNahI-sFMdCgFg8md_hRhjk-FguAC4AEcWUdldItdX-_-WE1mFG8uuORMd-Rh-_PdccZmFSorgf3UzUJXRWORchUvfgtKGVpOax6AqWQZRBaAF6IRC808amGpUgqtJphbWevekAi5tRupiT6xk3cHH5t1747JOOnW6e7FqJ96CRvh7BzEMS3kwbWkfNBKNL-eVacUn389-hAVzPwup3VKO7__kVR5hIIXBqGN3HoWtJsbTuFOemIAijfmCqDEzTlrYxHkosGwFzrUIbqSoWA3mFPrxNSp-TDKaJWKubZm22h1b7_SjCmhDyWzYoHU3lwT_WBBp0iXl4RUc0qch3YB6HAlf4eV90tTjKh0ZD1A58J6DNeRI4hO3GJPFZViDe9lyo3SYs0U0LUdVwhqrklXw9r1JThoOC1Q6i918hoLuprJsK22i2Hb0Irc5LWT4C7PLs7Y348fpJ2jl6lFb-X6f9j2cyrgUxD1_RP_fRHmA0_YTCewLTiqlTwStxcoQbT0rzI1FP-kSpraxqZrjiqkCW0g05QmNtCEhYv-U0rYZqnSV_4aA4Bekjg5F8wwRO-SYXsXC1Pkf1FzhM-nxqZ1Lu49v5ELhiOChOiiaFFsje1jOIduVneGM_3fpZNGESDhiojMFvbLfsugqMvDGx76_K7UTmd_YeTWczcLgrmA-v6aw3zAkWlqxC1eEbVjlsiYZecWhAsqcF7c1k5Zs2X_My5efdW-OMorLbUHlklTpNZIgsmdf3w_EUVidWJVMphyqB3T-NGr0eG8X53JlAqEHvb64WhnTBsqjWGaIyPQoz3sD7Qj_qMgGH-MbuHWkjJB35BwlTOd9g84-i93X2WW5AxDBAJSbLgGs40Tn1_qTyHlSGwZGJx0GcfQhNJJcxVaWGZq7Bo3nriFHflHWNHoqsplW5xkhk55qP7B4kllNG-Y1fiT_1CHQq8dVynx1PIo5E7W2XncdhH2nxt7vQSnIrjTv32fAgJXlNo9GxIIDrda0Z3gk2umHDE9bI6pv1CyEtNdPLElrixXdW2dfzzkW3aL8zxoJUJbnuRhUuvhg7eKsz47ZrGbyzFFJXnZWxCE3VB3BjSNTddIV2y4rTltCcmy4YZxWMVobjZ2-d_Ro2pknjVw75r0Geh2Cid0bTTgXUch_esjICq8X-qg74cOlXGrzx6Rr9tzppkAHkoN45e9qKReShFXZA2T4qE1T6Yn7pQNIacJpmwnlxN-T6PoLn6q-OV9X5qX3A-iUwt4ou15L514s5E8tIjLbWXoaX46DVrOn90ruWnQeQeSwCLF2Le1cNokbXQY5UgUbnxcGMKWRo6M&cid=CAASJORoprYNx4eXV94ezEu7DhKh0pz4woECUfB8ZCdSqUR0sTZd1w&rfl=2%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:06:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:06:40 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/ Frame 355D 25 KB
9 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220323/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:09:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 10 Apr 2022 08:09:48 GMT

GET
H/1.1 200
OK dv-measurements2414.js Show response
cdn.doubleverify.com/ Frame 47C9 513 KB
95 KB 113ms
113ms Script
application/javascript 2a02:26f0:6c00:2b2::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2414.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b2::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 32d15dfaf6546e67aff1305ce932b8fdee9083f0ccafc9c998bedd62b42f5484

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 23 Mar 2022 09:01:01 GMT
Server: Microsoft-IIS/10.0
ETag: "8084b584943ed81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 96955

GET
H/1.1 200
OK bg_728x90_1.jpg
cdn.flashtalking.com/142462/3451578/images/ Frame 0587 25 KB
26 KB 120ms
120ms Image
image/jpeg 2.21.140.103
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.flashtalking.com/142462/3451578/images/bg_728x90_1.jpg?1618592593801
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.21.140.103 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-140-103.deploy.static.akamaitechnologies.com
Software: Flashtalking (AKA) /
Resource Hash: eefe35026ee357b88523191da9cf1e9f889533bf16a6dbb748ba5e50ad0d9948

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://cdn.flashtalking.com/142462/3451578/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 27 Mar 2022 08:10:14 GMT
Last-Modified: Thu, 13 May 2021 15:41:37 GMT
Server: Flashtalking (AKA)
ETag: W/"8f7285177d5fff4ddf9f5e4aa625c15c"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
X-Varnish: 11595010
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
Cache-Control: max-age=1200
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 26036
Expires: Sun, 27 Mar 2022 08:30:14 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame ED6B 118 KB
40 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 26 Mar 2022 08:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 83480
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:58:54 GMT

GET
H3 200 loading.gif
s0.2mdn.net/sadbundle/8681648890807385575/images/ Frame ED6B 4 KB
4 KB 46ms
45ms Image
image/gif 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8681648890807385575/images/loading.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1960c94e1c5ee83bb9f6385667ce93dd64c2917b65a517daf5485de3fdee801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 19:54:40 GMT
x-content-type-options: nosniff
age: 216934
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4531
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 15:58:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 24 Mar 2023 19:54:40 GMT

GET
H3 200 noImage.png
s0.2mdn.net/sadbundle/8681648890807385575/images/ Frame ED6B 95 B
122 B 42ms
41ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8681648890807385575/images/noImage.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8681648890807385575/index.html?e=69&leftOffset=0&topOffset=0&c=y405QyUHrF&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 15:18:36 GMT
x-content-type-options: nosniff
age: 147098
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 15:58:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 15:18:36 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame EF03 1 KB
1 KB 232ms
47ms Script
text/javascript 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=205&ttfrms=21&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1648368614125661&jsCallback=dvCallback_1648368614125556&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2414&tgjsver=2414&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D250%26slotname%3D4383251613%26adk%3D555675689%26adf%3D2751418290%26pi%3Dt.ma~as.4383251613%26w%3D300%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkolobok.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648368612088%26bpp%3D2%26bdt%3D107%26idt%3D117%26shv%3Dr20220323%26mjsv%3Dm202203210101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D3d07a9250a98805c-22724b7666cd00e2%253AT%253D1648368611%253ART%253D1648368611%253AS%253DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ%26correlator%3D7973018591820%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1969614288.1648368611%26ga_sid%3D1648368612%26ga_hid%3D1291338576%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D970%26ady%3D356%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1902019436%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31065550%26oid%3D2%26pvsid%3D3894914922604689%26pem%3D632%26tmod%3D878340925%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.n4ei02e8mz28%26fsb%3D1%26dtd%3D122&fcifrms=31&brh=2&sdf=2&dvp_epl=213&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://kolobok.ua/&c1=1819931&prr=1&errorURL=https://tps.doubleverify.com/visit.jpg&ppid=103&auevent=ABAjH0g03n_TCDQOWvUQ1FtKzgNJ&aucmp=16571935564&aucrtv=413140130&auorder=27335844&ausite=266259341223&auxch=1&pltfrm=1&aufilter1=1819931&autt=1&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=31598194.207536403&dvp_tukv=56984192690.51999&dvp_uuid=95172613.26589403&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=1454167564278
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2414.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: d77e39da751ba4e0de4f6504306fd4c68f80671b96b611bf792d95b02e6c4db7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:09:18 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/26/2022 08:10:14

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC12
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMEKUVFfaZVdRxbDqwVXeKc&google_cver=1&google_push=AYg5qPJAWYtnm6PG95WyfZ4xklbsKwKimZXIziixcWJYL15KXcgEeoc3d4...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJAWYtnm6PG95WyfZ4xklbsKwKimZXIziixcWJYL15KXcgEeoc3d4hVcC---1mnIZUoRtI9LsxMG1ozOfUgc9rlGWy-0Vk&google_hm=vB84tbr0WfSe2...

170 B
188 B

52ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJAWYtnm6PG95WyfZ4xklbsKwKimZXIziixcWJYL15KXcgEeoc3d4hVcC---1mnIZUoRtI9LsxMG1ozOfUgc9rlGWy-0Vk&google_hm=vB84tbr0WfSe2ChtPa9Y1A

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJAWYtnm6PG95WyfZ4xklbsKwKimZXIziixcWJYL15KXcgEeoc3d4hVcC---1mnIZUoRtI9LsxMG1ozOfUgc9rlGWy-0Vk&google_hm=vB84tbr0WfSe2ChtPa9Y1A
pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC12
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPLHXeeVbgckMmZMcQEIm7BnInNxYb4W4Fba-eE4cTTocToMU_TVLv8Ksp4r564DfxyC1jRLgSik7I-8jdJ2tv0SD8a7vQ&google_gid=CAESECIrRmHwOQy3hdOrnGpg70E&googl...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCOa3gJIGEgUI6AcQAEIASm5nb29nbGVfcHVzaD1BWWc1cVBMSFhlZVZiZ2NrTW1aTWNRRUltN0JuSW5OeFliNFc0RmJhLWVFNGNUVG9jVG9NVV9UVkx2OEtzcDRyNTY0RGZ4eUMxalJMZ1NpazdJLThqZE...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcGJ1SmNzS2FucGNjYzRHLVhIdDgxRGxod2laQ3d3d2FzTDJzb21uakpWNA==&google_push

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcGJ1SmNzS2FucGNjYzRHLVhIdDgxRGxod2laQ3d3d2FzTDJzb21uakpWNA==&google_push

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 27 Mar 2022 08:10:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwcGJ1SmNzS2FucGNjYzRHLVhIdDgxRGxod2laQ3d3d2FzTDJzb21uakpWNA==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC12
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKDvSbJ...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA1MjY0NTk1MzExMA%3D%3D&google_push=AYg5qPKDvSbJAQh0S3kuSmwr-9F8-sLgrz5kXbz8JECbrzPBj9FRn_mtelMtAe-ovdoKHi...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA1MjY0NTk1MzExMA%3D%3D&google_push=AYg5qPKDvSbJAQh0S3kuSmwr-9F8-sLgrz5kXbz8JECbrzPBj9FRn_mtelMtAe-ovdoKHim31f3vt0QiDrHy4lUj4y2zA2WZfA

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjAzMjcwODEwMTQwMDA1MjY0NTk1MzExMA%3D%3D&google_push=AYg5qPKDvSbJAQh0S3kuSmwr-9F8-sLgrz5kXbz8JECbrzPBj9FRn_mtelMtAe-ovdoKHim31f3vt0QiDrHy4lUj4y2zA2WZfA
pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sun, 27 Mar 2022 08:10:14 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame FC12 43 B
324 B 108ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEHlw9CmVcVV1nh_MRPQcYFw&google_push=AYg5qPIa3fVrAgeBVC8wvu0xWUtGYqwoFavfqVE1YlXpaPaHtTP9X7efYeUc1O5WYom8Wrjo6-8rIYqL9EmZ1VXs8d6dZt2r8w&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame FC12 43 B
64 B 69ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEF9bE5RnMi9ENtfGgvJjINE&google_cver=1&google_push=AYg5qPKwuQm8lMSALsyomcRqkRSFfx0nq2CN_OeFCTP_zoTeCLQvg74AnwaTECHRUkP6hmGuf2oruod-VojA1ujfpGdZD7iCgRA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=250&slotname=4383251613&adk=555675689&adf=2751418290&pi=t.ma~as.4383251613&w=300&psa=0&format=300x250&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648368612088&bpp=2&bdt=107&idt=117&shv=r20220323&mjsv=m202203210101&ptt=9&saldr=aa&cookie=ID%3D3d07a9250a98805c-22724b7666cd00e2%3AT%3D1648368611%3ART%3D1648368611%3AS%3DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ&correlator=7973018591820&frm=23&ife=5&pv=1&ga_vid=1969614288.1648368611&ga_sid=1648368612&ga_hid=1291338576&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=356&biw=1600&bih=1200&isw=300&ish=250&ifk=1902019436&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065550&oid=2&pvsid=3894914922604689&pem=632&tmod=878340925&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.n4ei02e8mz28&fsb=1&dtd=122
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kemapakiqc77qfjj2ltkvqm4s11p8o72

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FC12
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOGTYGtT1Fxf61bdKEjv0VQ&google_cver=1&google_push=AYg5qPKtDxX9Jnoq12iGvQCaG3u7zm8q0CTFNeXqV5noUgyaoMwqQfvrtr3HU7rYlgsNu_-eGa0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyUzMtMi00RjdN&google_push=AYg5qPKtDxX9Jnoq12iGvQCaG3u7zm8q0CTFNeXqV5noUgyaoMwqQfvrtr3HU7rYlgsNu_-eGa0ZLNjAeynhb9JwrINL93m9_wc

170 B
188 B

53ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyUzMtMi00RjdN&google_push=AYg5qPKtDxX9Jnoq12iGvQCaG3u7zm8q0CTFNeXqV5noUgyaoMwqQfvrtr3HU7rYlgsNu_-eGa0ZLNjAeynhb9JwrINL93m9_wc

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyUzMtMi00RjdN&google_push=AYg5qPKtDxX9Jnoq12iGvQCaG3u7zm8q0CTFNeXqV5noUgyaoMwqQfvrtr3HU7rYlgsNu_-eGa0ZLNjAeynhb9JwrINL93m9_wc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame FC12
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESECEUp-gOw3iaZdLsONcc9wY&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_push=AYg5qPLt6DIEbFGAzaR8Q9K-qF3toTWqiDYY2DW5MzS38qavwacz3im_vrOz1yNEhUxfGKgHIyh2WbfHl7ibgmrpKM...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FC12 0
12 B 51ms
50ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JOlPwj6baC8x-8-D_YPL2GPJy6nYg3gxXfWfE0yTra9eaRfYBJ8M4iku5JP4eI1plZg8iH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 355D 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 09:34:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254146
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Mar 2023 09:34:28 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame CC7D 1 KB
749 B 45ms
43ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Sun, 27 Mar 2022 05:53:44 GMT
expires: Mon, 28 Mar 2022 05:53:44 GMT
cache-control: public, max-age=86400
age: 8190
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/17137914016371007003/ Frame DCDF 124 KB
30 KB 46ms
46ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14e3682452826a69718b0db8dd9ab40bdd34792151733fc2339a62f44d3254f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 30971
date: Tue, 22 Mar 2022 10:25:35 GMT
expires: Wed, 22 Mar 2023 10:25:35 GMT
cache-control: public, max-age=31536000
age: 423879
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 355D 0
24 B 89ms
88ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_JB2wFSyzffltSoUSGGyvIg_xbq0XXGW-nAkyBzggzqNsxP5U7fJMvEIJYo0E3p6ocGVxlfYXgKH3q4py3olSJ3me2vjStVp7ien0JTaw1Z41vdX1KQyzOdEbYSqTALm0nu_rtHOfA9Mn1eJOgcKWbt3cAkFTS_JtmEcLNSTZ1ZEGNQHxCSY2L9QjhqkCD81-6CNwprT8c3KzZMSeN4wJWlRvsEceS_i4pfhFIgNIiwe7NqsX23Fa46Qz2e7rrxwFAAJn5S8uBKpVD1r6V2M7ZWzpIrU1XMod_pquSHAQ7avum31jRGehJoPlZYQmnjCus1qRlW6hEYCMB91OCdRqpzQJMQtziHeT-FFipfovRZEkjZ1cdP0vDAF_1IaHjWm0mrOcD3bH75fmvul0RUjNYQwTM1bsmD0XhWBf7lMob-1buSjRBr1Fy5f93-WAddkSwZIHS5Lijk9iExO42MPJbi08xNFz-VzxCe960Y5wKQSjHQX1BuseNbWowEyer2itC9X2yFS3XQL-fhrX2yqRGY-2xzF0qFU9JRWLmvw12gfzVM0hdd-VilsfYCHOZixrr-Dbmv9bf2sekO5VSAYft7HT29BcVzjEvO0HWoPRMwIJwPpRFmv6ozLNR-O9mnit_XdzjvyObj6Ss-aoEi89UHhM2LiWkFGa3R3yT-O82UdGOIbe036J_Pen7KG_N5z-dMtebV_lfXlgJS2u1OJodFAo_CwTJMkMDTE74F3kw1I9eqPVzK1DluAjQs4sEHKz8ycZnxnER0F5d_uKl_z61A4WigxHtl7ODhHgphIPMWHdHsbHjXQMd0-bY_c5gHQr776Y4RozMcjTZPUa4Q5ZLq0ffXQICO8TtT3Kz6olqNO7JV-nLiQDKh236mAe-abtr4kMtdkE1RxEWTUEOENiUVeSIDhjHlM-FWgdzyT-dMFmJxYc_B_gfVcVfGeAMKhvW1WrHqJN9ok8Lj1dyw1RUpwtNdXMtbZrcvI7ij1QDXxbEH5nK52C6jIquIxSYgUdezJMNcyHl5llREu3ajqZxqfWeuTfgoZAA-Ev0jURkEhVr35ufXA-5dDjEQp8i4JZbGn-Ju6LDFDKVvMDN5emaz-cNGWE0J0sTBWTfLVYdOkXMODf111Mi9o0g7U8EQ&sai=AMfl-YTydWvkZoji7w3ysoZtBMb0cp7HVpHKI4WrTc74TWEVTfXNVVUFaYiwRcPZr9wC_pc9O60CSKXZaXk6x24xOGYjk8cfT7ipNmo1KLCgRR8vIC8Zorv_k8wxVzxEnWq2h5xVowSwOTSeMLxaozqfjzENEvYgCGTABmV_DhX3xMJZvMPkwJof2NCaGQ-MZPr90P8v3bQUUt3KSfwm2EwGOw&sig=Cg0ArKJSzBZs_TjqKE3aEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&cbvp=1&cstd=157&cisv=r20220323.04805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sun, 27 Mar 2022 08:10:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DCB 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDcOM5RtAYq2tBuSOjuwP14WqoAUAAAAAOAHgBAI&bg=!XV6lXhrNAAbzJazn0yU7ACkAdvg8WvebROE3JWyDl8ivfu_zIJdwPlxvlINMpzZMqdvjtTdvSS6XuQIAAAHEUgAAAAJoAQeZAy1oOOhAAw259WsnXtVyDWeWb5k0GKjPfg8TkkIBO9ZgaIzI32IgoZci0Qp5L4Hnmf_VEczCsWz459dPCC7B50Mv_JSoactgFznPYr-rXamPQ9_xvXCkbVOpJVBZBdak0jLj3QmBs6lwnsCqQJxbswSNHPv5OSSAyIhST488xrnyxSSx1ha_lTU2PHunCCx9SZggecmZwXmNOc7xwqrgy9kMUh0rbFxM3kvlIDYvnw73KVkgA1EvvHOw5TO0OV8e7sZC8AoS_2mZ-pJQi4hQgooS_2x427D_MjlRtU-CM_Hg5_vl1UUjcv8u2fQ7eFuWl3ULF4asX6MEeoVKjvDTexn9nC_yfGS5allmjoCEMt5QCBj7fvvxNmy7vB_-WpBEdBxTwuud2R9t2TC991Zoi6ocwooiLzBRNW1GBmhbw1X9E7CZnWO0bjQ8RtNdiujgdA92HN6pBACiGd9JwRRo6AsqS0ghVEdIfpzm8sKchMiotmPwjUml-AzAS2InxmnVlauPyA_2ubcsOxrSuhiKRi2WLLZTpMVMcHvAX85U23hOZn62bA48AzCn_kPBzme_IopxiDpcyG7ypDWLLYK4AhRdMPRm0oHzH0fs74hYVPg81lE1kbioPH5fQEU8avrfrJj91m19cs5wadJAfqEQ5wNAsoQFA_nVO8RVaBdWMezUFkoI7fE5CO1PL6LnEopRF9Pd-i9r2OY5SxbfpDIJN4osGdXJgKgPVE2sOP-gtD8UOq_aNEd_agBBN7X7Xx_6-_G6Tom1bCb66w1zWyy4RbdtV9gIgnRpZRWvZaxIkavb5Ze-w3_vWKCpoAOAbzcazp___b1c5Vf_c0EwN7_iV3h2204d67I5tdkRDipY0bLX1gu5ho8r1TnP3KZQM91euoSz6OvR7N4Go0cFsnbsUtmS53iJxBpHw9Dujp0VYCFZvtgga9rABVFEISUDS7WyP-9Qp3rFsnrhitJa2_yrrOU6IO3-SX2szwmNh_UZFV9gmZsyJNA4dMb2cHvHJ74c4sKFrS8nFCXt3ynIUigJoi4g5TUqelr42-JdqedM117OuMDoy00dLLoxNjHqTE4

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 47C9 1 KB
1 KB 132ms
48ms Script
text/javascript 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=219&ttfrms=6&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau%3C%40%3D%403%40%3C%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=1&aUrlD=0&ssl=https:&uid=1648368614266293&jsCallback=dvCallback_1648368614266729&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2414&tgjsver=2414&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-3755662197386269%26output%3Dhtml%26h%3D250%26slotname%3D4383251613%26adk%3D555675689%26adf%3D2751418290%26pi%3Dt.ma~as.4383251613%26w%3D300%26psa%3D0%26format%3D300x250%26url%3Dhttps%253A%252F%252Fkolobok.ua%252F%26ea%3D0%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1648368612088%26bpp%3D2%26bdt%3D107%26idt%3D117%26shv%3Dr20220323%26mjsv%3Dm202203210101%26ptt%3D9%26saldr%3Daa%26cookie%3DID%253D3d07a9250a98805c-22724b7666cd00e2%253AT%253D1648368611%253ART%253D1648368611%253AS%253DALNI_MY7dQi4d_0Xk_rTNI9rTM2cYUbWTQ%26correlator%3D7973018591820%26frm%3D23%26ife%3D5%26pv%3D1%26ga_vid%3D1969614288.1648368611%26ga_sid%3D1648368612%26ga_hid%3D1291338576%26ga_fc%3D1%26nhd%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D970%26ady%3D356%26biw%3D1600%26bih%3D1200%26isw%3D300%26ish%3D250%26ifk%3D1902019436%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C31065550%26oid%3D2%26pvsid%3D3894914922604689%26pem%3D632%26tmod%3D878340925%26uas%3D0%26nvt%3D1%26eae%3D2%26fc%3D896%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C300%252C250%26vis%3D1%26rsz%3D%257C%257CE%257C%26abl%3DCS%26pfx%3D0%26fu%3D4%26bc%3D31%26ifi%3D1%26uci%3D1.n4ei02e8mz28%26fsb%3D1%26dtd%3D122&fcifrms=31&brh=2&sdf=2&dvp_epl=213&noc=4&ctx=24745814&cmp=27428741&sid=4007930&plc=331181895&crt=168004634&btreg=523092290&btadsrv=doubleclick&adsrv=1&advid=4405895&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=1&dvp_seem=2&dvp_tuk=1&dvp_tcnt=2&dvp_sukv=31598194.207536403&dvp_tukv=145196011.70096445&dvp_uuid=1737022689.7981045&dvp_strhd=0.20000076293945312&dvpx_strhd=0.20000076293945312&dvp_tuid=1380540265194
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2414.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 84c176de4a8f16aabac7e5cfe7d2f5d4c719a42059c4727395507b3120aef450

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 27 Mar 2022 08:10:11 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 03/26/2022 08:10:14

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 70F5 22 KB
8 KB 43ms
42ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Mar 2022 09:34:28 GMT
expires: Fri, 24 Mar 2023 09:34:28 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 254146
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6308 0
23 B 78ms
78ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssyy6hY4PktbeQ0U1mkQ29C0dydcv96l3U8P3Uw55fsk6VgNIwi1RA6CY0q6UgHbYTuEJMeY2HeU5Cb6YaoEy6e-oTRy2mZCHUeKPFy70ZLSOH4djhBrrtc93Cf9Q3O6NVqkjEPFMqYt1HAVt6D&sai=AMfl-YTp-1XIJEQuCojzuo4oOci4tnsHWed9u5ANf3vhRJjoLtM3dRpzl28Z0e3aWsIx61Mr0t5w95TL_mTW_ii8MhE2RA2JuMlfM7d7wMxBwn7KVVetXxhTrnkMrWo&sig=Cg0ArKJSzJIJbeBS3XT7EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=603&vt=11&dtpt=325&dett=3&cstd=272&cisv=r20220323.07947&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 gsap_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DCDF 63 KB
25 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25329
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:14 GMT

GET
H3 200 customease_3.9.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame DCDF 7 KB
4 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/customease_3.9.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03f848430009dfc2116b88af857bb44ef073aca257eb71ff8575e8f0f1fc0f3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 29 Dec 2021 19:08:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 27 Mar 2022 08:10:14 GMT

GET
H3 200 pic1.jpg
s0.2mdn.net/sadbundle/17137914016371007003/ Frame DCDF 14 KB
14 KB 42ms
42ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/pic1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bbab8cef0b67d2668fd193f79ea7dbf44c7a11d1e9f2b3328c8ab9d188e89e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:35 GMT
x-content-type-options: nosniff
age: 423879
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14547
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:35 GMT

GET
H3 200 dialog_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame DCDF 2 KB
2 KB 44ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/dialog_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cffb4befbeb3e1d3cc390c2811565db360f23653f08849c72d0df12d0e346b17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 25 Mar 2022 01:27:58 GMT
x-content-type-options: nosniff
age: 196936
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1895
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Mar 2023 01:27:58 GMT

GET
H3 200 cursor_shadow.png
s0.2mdn.net/sadbundle/17137914016371007003/ Frame DCDF 3 KB
3 KB 44ms
44ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/17137914016371007003/cursor_shadow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

479ab423a43aecf5d5e8a5b1de4235c848f17e321c38663f21f18cc8cfe23fa4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/17137914016371007003/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:25:57 GMT
x-content-type-options: nosniff
age: 423857
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2678
x-xss-protection: 0
last-modified: Thu, 10 Mar 2022 16:36:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 22 Mar 2023 10:25:57 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHCbE5b4mvxr1oiQsGBozyw&google_cver=1&google_push=AYg5qPI-_bSJDkv9pw4PYMTj9iVwBaVtSSCyWwBGAZaE0cR8yvyX8Vb4K-...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI-_bSJDkv9pw4PYMTj9iVwBaVtSSCyWwBGAZaE0cR8yvyX8Vb4K-Rv3IIG2OjXTres4tKyp4KXdFP08CS9TVQS5hwXWg&google_hm=vB84tbr0WfSe2C...

170 B
188 B

55ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI-_bSJDkv9pw4PYMTj9iVwBaVtSSCyWwBGAZaE0cR8yvyX8Vb4K-Rv3IIG2OjXTres4tKyp4KXdFP08CS9TVQS5hwXWg&google_hm=vB84tbr0WfSe2ChtPa9Y1A

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPI-_bSJDkv9pw4PYMTj9iVwBaVtSSCyWwBGAZaE0cR8yvyX8Vb4K-Rv3IIG2OjXTres4tKyp4KXdFP08CS9TVQS5hwXWg&google_hm=vB84tbr0WfSe2ChtPa9Y1A
pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame CC7D 43 B
64 B 39ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAofZPGZ5Vf2M5cayWdp08k&google_cver=1&google_push=AYg5qPLOntYxC_mz4htuOt9ECcQsdqmtUbK9DrOT0jAo5CDW7wonQkFcMB0aVcYnxujqGSLhYPZGW4iFZgbFp-6ltbGY2WAruOo
Requested by: Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:13 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: t7d3ooldbbiqgdogfj0t7ko943vj1b73

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DiPr8jyCRfG6q9RNkossMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DiPr8jyCRfG6q9RNkossMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ2pO1XbdPT_Z7CYSS5uEYwU3hGopEEzYKKDWjv2Rd5RdVEUbIr92GnXl3yZPuCypmb1AguzlpZUHrSdj4IJ8SHNsfOxg

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=DiPr8jyCRfG6q9RNkossMg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ2pO1XbdPT_Z7CYSS5uEYwU3hGopEEzYKKDWjv2Rd5RdVEUbIr92GnXl3yZPuCypmb1AguzlpZUHrSdj4IJ8SHNsfOxg
date: Sun, 27 Mar 2022 08:10:14 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHbfR3RTDggLJ8GyzN7Tptk&google_cver=1&google_push=AYg5qPJmnWx_SR9f78l4IZvceDctcRoiG4ch39X239S70qeEGIxCvJAkAsTnYX00Dpd6OU5AkZl...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyWFktMUotSUk1Tw==&google_push=AYg5qPJmnWx_SR9f78l4IZvceDctcRoiG4ch39X239S70qeEGIxCvJAkAsTnYX00Dpd6OU5AkZlNcuJ2jqbaVDhVyUElHBmXELk

170 B
188 B

55ms
55ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyWFktMUotSUk1Tw==&google_push=AYg5qPJmnWx_SR9f78l4IZvceDctcRoiG4ch39X239S70qeEGIxCvJAkAsTnYX00Dpd6OU5AkZlNcuJ2jqbaVDhVyUElHBmXELk

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDE5MDQyWFktMUotSUk1Tw==&google_push=AYg5qPJmnWx_SR9f78l4IZvceDctcRoiG4ch39X239S70qeEGIxCvJAkAsTnYX00Dpd6OU5AkZlNcuJ2jqbaVDhVyUElHBmXELk
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEDB-2qaZPCMkMUMjYcqJYhE&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YkAb5eUgGbJu2pwUtXIAggAAASYAAAAB&google_cver=1&google_push=AYg5qPKJgIbVwuMsNpZVVS6EFS42zD76TXSrhCIU9yXLKW04drJDxTv6yuPKTLfpslE0v1-N2SZ5...

0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMqR_0pI3q4-YgiWZej-s3o&google_cver=1&google_push=AYg5qPLPb0xiK8a1O8456D0C7AWWH69mluF68ddVY3holt5BC_pZAiCGkH4kGVO8eq3a6sGYfbH1FoGDAcC3TCfyF15ZAh7...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLPb0xiK8a1O8456D0C7AWWH69mluF68ddVY3holt5BC_pZAiCGkH4kGVO8eq3a6sGYfbH1FoGDAcC3TCfyF15ZAh73CMA&google_hm=pqJFuM3ZR6OMpM4HC...

170 B
188 B

54ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLPb0xiK8a1O8456D0C7AWWH69mluF68ddVY3holt5BC_pZAiCGkH4kGVO8eq3a6sGYfbH1FoGDAcC3TCfyF15ZAh73CMA&google_hm=pqJFuM3ZR6OMpM4HCz9TDA

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=AYg5qPLPb0xiK8a1O8456D0C7AWWH69mluF68ddVY3holt5BC_pZAiCGkH4kGVO8eq3a6sGYfbH1FoGDAcC3TCfyF15ZAh73CMA&google_hm=pqJFuM3ZR6OMpM4HCz9TDA
pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CC7D
Redirect Chain

https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAc2-7Td-CwnmgdNBfwrImA&google_cver=1&google_push=AYg5qPL1i3S8CKZ6-SA6S4BX...
https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1i3S8CKZ6-SA6S4BXAoh_sb62E1vxSd3Z2pBuBJrR157mg-U-w1UeRDMvgxF78X3sC2cRcp43q--aCfIMy1MGXlJB9fYh&google_hm=hinkdowjwmyhodcdf...

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1i3S8CKZ6-SA6S4BXAoh_sb62E1vxSd3Z2pBuBJrR157mg-U-w1UeRDMvgxF78X3sC2cRcp43q--aCfIMy1MGXlJB9fYh&google_hm=hinkdowjwmyhodcdfgkogbgrpqkj

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: https://cm.g.doubleclick.net/pixel?google_nid=gemius_adh&google_push=AYg5qPL1i3S8CKZ6-SA6S4BXAoh_sb62E1vxSd3Z2pBuBJrR157mg-U-w1UeRDMvgxF78X3sC2cRcp43q--aCfIMy1MGXlJB9fYh&google_hm=hinkdowjwmyhodcdfgkogbgrpqkj
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 26 Mar 2022 08:10:14 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame CC7D 0
12 B 50ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KQtpu0QWF9Jk5crPeSjF_jOJp_7PkMVj-PGfn3lvVLObNvTMc7VlKoLWN4gA8oj742lVTWtA

Requested by

Host: 5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com
URL: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 27 Mar 2022 08:10:14 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B17 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bl1ha5RtAYreAB4GC3gOEhL_QAQAAAAA4AeAEAg&bg=!GxilGFzNAAbzJazn0yU7ACkAdvg8Wp3-rv-4huqC2vJCayfvxongFPHmZ5ioAbZYl3YmvFC3u0Ic9QIAAAGlUgAAAAFoAQeZAxib3LnqxeEYVRYbyZXQgEEgjvHnea4F7xIVb0tTur6X4Q8BA13O4hfCp_WHFQHpei1EdAxBtmRFgxUKiSFxVzcjYST6z62W2NcIOL2yJQpw7KpmPuT45TBJh8n3aySXaJaXFtmMMoj5Yhk3xZfKqsQhAfTgM6Vw3c_3dEXRDhfMfETC29lwlPaIAGj_eZgYTMw6TEIwNp53FYBS5b-iStpwYZQSuw2M1Vp69KxNjAP_iWvU-R-IdbF8XWAcWe-bpNmNVrLUyV-kFCzlIed04bCmuR-ADx2IuEK9C3uvgiMhBdj-QlSo-_7556KuI7TKlg_mU52ECGmMG7tR0Jc_rdN-f1AsD_6kIg30SloaE_5lZTcSn_YW4IE5u2WERWro2_MxJ7WfqokesXnPrv8YKqAAEZrbust27H1DSZ2GB0pF8Kcl568J_xsgNrFBRQd1J2ESFRTRFRplkd9GzhbBC8Hoo5RPTpg0z7D49zCti-oYm-YjMeMcca56s24WS1fyrimVwHJ59L7te-pCxtbbMT0nAwtIvVF2PDWY9VZcmk4GQ7QSPkHgTyX8j9mBSOhv9Dyfg_m5hI_RlmdRPrQhBx3bSOU5PTyn4JsEueitn95T7OCFsS2YRqAPj7Q--DiK2zVr2Kw2i1EgQ8kJDRM_XEXH5kkqfdutfBzjKXO1P3tGB6b5Gkl1RfMD5vy6a9zpKz9Dr96MA17l8yw1Eur2iA1yCjeDUxCsbgfZcWmKXjVcpH9Si07thXFK0nzXjhwRwIql7kE7k7IJi-bi3Em5XdwmVPlpb0xsdIianzjZkFormYK_nXTOQJ_9o7BXBiZfpLDCv_9m9sGcKbtidrNlIsHqEvBtUN39yVyI0uKl0DNkvr2D9NCfB-fQqyX9U8f27aG24x6hkkEudMYmRR-xW20l4GFhcmWDv9vbrWLNuu6krmvPtKppbCCY1cHR8sp1q9Pl4r5VV-hyR63I2WviDVOJ6ssvf0Rt8TnWF0KnJyaK1p0SB7XeAzPbOQj29zZY4o5dr2OnMeelybh9S-qTqWxDKyiYqnbLE3c

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C92 42 B
64 B 80ms
79ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfBEiqFhv48IEFUFn_bbJSILhpsAZNzjP9QigHfduBBKdte6BnubLXB3p55fDPkeUSdJTam1zpOBX_SHo-SkbpC5j1MBg0xKY7YbvDz5UkbWVTQnwAKQ&sai=AMfl-YR8AqSewGuiYXX-hYqxz6orEzCvZGhVqyhTB1KJKuoNG41kTYL0vM2qoZcNh1QQoiekpAXMFFJO6kOSlz8GNSq60MhGUUvg4Mi66mdw7DqyRzYEwKaR0JH1N9g&sig=Cg0ArKJSzEbL9S87qNZQEAE&cid=CAASJORopfwWyx5g9N-pBRxtP1s307GsA9H13nVKzwOY9vXhfY8rkQ&id=lidar2&mcvt=1007&p=1110,436,1200,1164&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2882017350&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1648368612989&rpt=347&isd=0&lsd=0&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://5c550cd99be098039d1ec14bec79f293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame ED6B 7 KB
6 KB 53ms
53ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff0e78150c3911f55cd593bb50df7a59e6c22baa2013954503305fc8b1e383b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 27 Mar 2022 08:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5716
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 89F3 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B85vI5RtAYt7dBpit3gOmz4UoAAAAADgB4AQC&bg=!ycqlyo7NAAbzJazn0yU7ACkAdvg8WsNHdlOBT2Fw_UHuLgQX660BHESERLZxSBtACy-P2pMzoNcHdwIAAAF2UgAAAAFoAQeZAyfU2wIhVCUZWaR8PYC64Pzzipo4iLH965ncdIBfX-6XloF6FlK2IMQJ3dBszGOdnlEAYNl45w1HUi5VMh9Ost-tpbTwb-dbYtJJHTRJTfl8FGLWjCboJ1ycEU1EbdUB1mprhDHeUpwVU9jevcL0AvN0FunzGxH6cnzmx6HRFCGLDMkeAyIV_-Ln-GeKNn3p7o-LkeQb9562Em6yuUQbigF78-4vP80JYxOJQTb7eAnHmhosmA-LjZI91MV-ClYc7xIeZGLfXIx6Oxljgt5w4uMPsyq3vo6_68X1z2t3x1lQqTimg8eRBmU0qXuwyE9heNTmYVhjK4ETTZZDnllufA0RyKcAuskvAInkb4432x0zy_pok-rR7PLwIc3iLnmxw9Tt6TV5U8FX9ER-KKLvtlzaDKICOjQ9etV5xeGotPJGSRi-w5eGujHt3r4TYRGmSSCF6QbHC8xkqYa7fqE_XaZw-i1T8ghiHhZRYhZWwOP2gE76y4JS9vLnFR9rvS1EyIrwRDZeTMbOgW5xr4FVSFWa79HZ7SuazeNxrAvcYDl6TqN27g08sYuFDlnUDlTyTwNqOwS3qhgS8tbYLlzYL7Lwdaq0BhcIH8ta-g5vdCcSg1c7jAUGBd-VJg_c4uy6DDX5EqwHx4MhnZyB1TVDOg4Div4wIT16rCETeOuAyf99P76AvriJBMmcyp-mBnGIjCA29Ai5tOYnK3VM6adb3Fxt5Ngud3N5skCxFeQw-zQ699_avncoyXypeKPaqu9gAsExsbYzp6pMl917nd6b2OSeOaa13wVA0vNqbwOWs9dVu-_1gnoGh_x1kjV7MxcDAWQTFhQXjyA5eDlPbpP3LzxQqlHqtobM9jCpMrEc93mr4WrAdlxyzDKtyVxWnZWLa5xrzLsT3FGz9FUyMhX8o3vq_43srQZlZ2k-lg4TavGeARhuouzxzq08YocaXn4P98GvtjKba-r2_Yuuz1J4WYPMWotxQC-jc77_riLT32U0FQIbhvHyEhlVcxuNKHwH41HgvUoqST9ZxPSY402iv5ipR1vdAata3AX65oHUfV3pL99_AYREIZo

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 27 Mar 2022 08:10:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 355D 0
23 B 79ms
79ms Ping
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_JB2wFSyzffltSoUSGGyvIg_xbq0XXGW-nAkyBzggzqNsxP5U7fJMvEIJYo0E3p6ocGVxlfYXgKH3q4py3olSJ3me2vjStVp7ien0JTaw1Z41vdX1KQyzOdEbYSqTALm0nu_rtHOfA9Mn1eJOgcKWbt3cAkFTS_JtmEcLNSTZ1ZEGNQHxCSY2L9QjhqkCD81-6CNwprT8c3KzZMSeN4wJWlRvsEceS_i4pfhFIgNIiwe7NqsX23Fa46Qz2e7rrxwFAAJn5S8uBKpVD1r6V2M7ZWzpIrU1XMod_pquSHAQ7avum31jRGehJoPlZYQmnjCus1qRlW6hEYCMB91OCdRqpzQJMQtziHeT-FFipfovRZEkjZ1cdP0vDAF_1IaHjWm0mrOcD3bH75fmvul0RUjNYQwTM1bsmD0XhWBf7lMob-1buSjRBr1Fy5f93-WAddkSwZIHS5Lijk9iExO42MPJbi08xNFz-VzxCe960Y5wKQSjHQX1BuseNbWowEyer2itC9X2yFS3XQL-fhrX2yqRGY-2xzF0qFU9JRWLmvw12gfzVM0hdd-VilsfYCHOZixrr-Dbmv9bf2sekO5VSAYft7HT29BcVzjEvO0HWoPRMwIJwPpRFmv6ozLNR-O9mnit_XdzjvyObj6Ss-aoEi89UHhM2LiWkFGa3R3yT-O82UdGOIbe036J_Pen7KG_N5z-dMtebV_lfXlgJS2u1OJodFAo_CwTJMkMDTE74F3kw1I9eqPVzK1DluAjQs4sEHKz8ycZnxnER0F5d_uKl_z61A4WigxHtl7ODhHgphIPMWHdHsbHjXQMd0-bY_c5gHQr776Y4RozMcjTZPUa4Q5ZLq0ffXQICO8TtT3Kz6olqNO7JV-nLiQDKh236mAe-abtr4kMtdkE1RxEWTUEOENiUVeSIDhjHlM-FWgdzyT-dMFmJxYc_B_gfVcVfGeAMKhvW1WrHqJN9ok8Lj1dyw1RUpwtNdXMtbZrcvI7ij1QDXxbEH5nK52C6jIquIxSYgUdezJMNcyHl5llREu3ajqZxqfWeuTfgoZAA-Ev0jURkEhVr35ufXA-5dDjEQp8i4JZbGn-Ju6LDFDKVvMDN5emaz-cNGWE0J0sTBWTfLVYdOkXMODf111Mi9o0g7U8EQ&sai=AMfl-YTydWvkZoji7w3ysoZtBMb0cp7HVpHKI4WrTc74TWEVTfXNVVUFaYiwRcPZr9wC_pc9O60CSKXZaXk6x24xOGYjk8cfT7ipNmo1KLCgRR8vIC8Zorv_k8wxVzxEnWq2h5xVowSwOTSeMLxaozqfjzENEvYgCGTABmV_DhX3xMJZvMPkwJof2NCaGQ-MZPr90P8v3bQUUt3KSfwm2EwGOw&sig=Cg0ArKJSzBZs_TjqKE3aEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=396&vt=11&dtpt=238&dett=3&cstd=157&cisv=r20220323.04805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS