way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://way2self.in.ua/
Submission: On March 15 via api (March 15th 2022, 7:56:54 am UTC) from GB — Scanned from GB

Summary HTTP 249 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 43 IPs in 11 countries across 35 domains to perform 249 HTTP transactions. The main IP is 2a03:f480:1:26::70, located in Estonia and belongs to PAGM-AS, EE. The main domain is way2self.in.ua.

This is the only time way2self.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
20	2a03:f480:1:2... 2a03:f480:1:26::70	198068 (PAGM-AS) (PAGM-AS)
7	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4 9	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
7	62.76.25.27 62.76.25.27	61400 (NETRACK-AS) (NETRACK-AS)
12 24	142.132.202.70 142.132.202.70	24940 (HETZNER-AS) (HETZNER-AS)
1	92.223.84.84 92.223.84.84	199524 (GCORE) (GCORE)
1	185.233.39.242 185.233.39.242	200000 (UKRAINE-AS) (UKRAINE-AS)
1 1	2606:4700:303... 2606:4700:3035::6815:3460	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:303... 2606:4700:3030::ac43:c5d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	116.202.113.101 116.202.113.101	24940 (HETZNER-AS) (HETZNER-AS)
1	178.172.137.201 178.172.137.201	12406 (BN-AS Bel...) (BN-AS Belarussian data communication service provider.)
1	2606:4700:303... 2606:4700:3033::ac43:9890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	62.109.27.135 62.109.27.135	29182 (THEFIRST-AS) (THEFIRST-AS)
1	95.216.99.229 95.216.99.229	24940 (HETZNER-AS) (HETZNER-AS)
1	81.90.181.184 81.90.181.184	50340 (SELECTEL-MSK) (SELECTEL-MSK)
1	185.68.16.18 185.68.16.18	200000 (UKRAINE-AS) (UKRAINE-AS)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	79.171.117.17 79.171.117.17	64494 (VARITI-AS) (VARITI-AS)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	109.248.237.51 109.248.237.51	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
27	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 3	193.176.1.9 193.176.1.9	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
40	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	80.239.201.77 80.239.201.77	1299 (TWELVE99 ...) (TWELVE99 Arelion)
4	109.248.237.37 109.248.237.37	201009 (SUPPORTIT-AS) (SUPPORTIT-AS)
1	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
249	43

20 2a03:f480:1:26::70 (Estonia)

ASN198068 (PAGM-AS, EE)

way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.way2self.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 62.76.25.27 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

pxxifc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 142.132.202.70 (Germany) 12 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.70.202.132.142.clients.your-server.de

share.itraffic.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.223.84.84 (Luxembourg)

ASN199524 (GCORE, LU)

img-cdn.tinkoffjournal.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.233.39.242 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: vps-37976.vps-default-host.net

bituk.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:3460 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3030::ac43:c5d9 (United States)

ASN13335 (CLOUDFLARENET, US)

www.podosinki.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.113.101 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.101.113.202.116.clients.your-server.de

coincryptobase.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.172.137.201 (Belarus)

ASN12406 (BN-AS Belarussian data communication service provider., BY)
PTR: 178-172-137-201.hosterby.com

sundays.by	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::ac43:9890 (United States)

ASN13335 (CLOUDFLARENET, US)

buki-repetitor.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.27.135 (Russian Federation)

ASN29182 (THEFIRST-AS, RU)
PTR: anndielm.fvds.ru

kliningovyj-raj.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.216.99.229 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.229.99.216.95.clients.your-server.de

fainaidea.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.90.181.184 (Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
PTR: host-11f4a573.hostiman.com

tekhnotop.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.68.16.18 (Ukraine)

ASN200000 (UKRAINE-AS, UA)
PTR: web676.default-host.net

shop.aton.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

informer.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.171.117.17 (Russian Federation)

ASN64494 (VARITI-AS, RU)

leokross.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 109.248.237.51 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

s.luxadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.176.1.9 (Düsseldorf, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: ip.stat.zevshost.net

100widgets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.77 (Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-77.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 109.248.237.37 (Moscow, Russian Federation)

ASN201009 (SUPPORTIT-AS, RU)

luxadv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gmp.luxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.211.66.35 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

adlmerge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.74.194 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	619 KB
50	criteo.net static.criteo.net — Cisco Umbrella Rank: 600 csm.eu.criteo.net — Cisco Umbrella Rank: 7422 pix.eu.criteo.net — Cisco Umbrella Rank: 7328	727 KB
27	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176	224 KB
24	itraffic.su 12 redirects share.itraffic.su	11 KB
20	way2self.in.ua way2self.in.ua www.way2self.in.ua	576 KB
12	google.com 4 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 57	2 KB
11	gstatic.com www.gstatic.com fonts.gstatic.com	359 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11348 ads.eu.criteo.com — Cisco Umbrella Rank: 7435 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12341 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9702	110 KB
8	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	285 KB
7	yandex.ru 3 redirects informer.yandex.ru — Cisco Umbrella Rank: 54951 mc.yandex.ru — Cisco Umbrella Rank: 2926	5 KB
7	pxxifc.com pxxifc.com	120 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	6 KB
4	luxadv.com s.luxadv.com — Cisco Umbrella Rank: 820599 luxadv.com — Cisco Umbrella Rank: 799015	35 KB
3	100widgets.com 1 redirects 100widgets.com — Cisco Umbrella Rank: 199810	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 8832	1 KB
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 19319	714 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	83 KB
2	podosinki.su 1 redirects podosinki.su www.podosinki.su	39 KB
1	luxcdn.com gmp.luxcdn.com — Cisco Umbrella Rank: 764690
1	adlmerge.com adlmerge.com — Cisco Umbrella Rank: 161831	411 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 403	58 KB
1	leokross.com leokross.com — Cisco Umbrella Rank: 394444
1	aton.ua shop.aton.ua	83 KB
1	tekhnotop.ru tekhnotop.ru	30 KB
1	fainaidea.com fainaidea.com	39 KB
1	kliningovyj-raj.ru kliningovyj-raj.ru	64 KB
1	buki-repetitor.ru buki-repetitor.ru	58 KB
1	sundays.by sundays.by	71 KB
1	coincryptobase.com coincryptobase.com	24 KB
1	bituk.media bituk.media	82 KB
1	tinkoffjournal.ru img-cdn.tinkoffjournal.ru — Cisco Umbrella Rank: 616131	134 KB
0	recreativ.ru Failed track.recreativ.ru Failed
249	35

	Domain	Requested by
40	tpc.googlesyndication.com	googleads.g.doubleclick.net way2self.in.ua tpc.googlesyndication.com pagead2.googlesyndication.com
25	googleads.g.doubleclick.net	pagead2.googlesyndication.com way2self.in.ua googleads.g.doubleclick.net
24	share.itraffic.su	12 redirects way2self.in.ua
23	pix.eu.criteo.net	ads.eu.criteo.com
22	static.criteo.net	ads.eu.criteo.com
19	way2self.in.ua	way2self.in.ua
16	pagead2.googlesyndication.com	way2self.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	fonts.gstatic.com	fonts.googleapis.com
9	www.google.com	4 redirects way2self.in.ua googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.googletagservices.com	googleads.g.doubleclick.net
7	pxxifc.com	way2self.in.ua pxxifc.com
7	fonts.googleapis.com	way2self.in.ua googleads.g.doubleclick.net cdnjs.cloudflare.com tpc.googlesyndication.com
6	mc.yandex.ru	3 redirects way2self.in.ua
5	csm.eu.criteo.net	ads.eu.criteo.com
3	luxadv.com	s.luxadv.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
3	100widgets.com	1 redirects way2self.in.ua 100widgets.com
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	cm.g.doubleclick.net	2 redirects
2	mc.webvisor.org	1 redirects way2self.in.ua
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	rtb.fr.eu.criteo.com	way2self.in.ua googleads.g.doubleclick.net
2	www.google-analytics.com	way2self.in.ua www.google-analytics.com
2	connect.facebook.net	way2self.in.ua connect.facebook.net
2	www.gstatic.com	www.google.com googleads.g.doubleclick.net
1	gmp.luxcdn.com	way2self.in.ua
1	adlmerge.com	s.luxadv.com
1	rtb.nl.eu.criteo.com	way2self.in.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.luxadv.com	way2self.in.ua
1	cdn.jsdelivr.net	way2self.in.ua
1	leokross.com	way2self.in.ua
1	informer.yandex.ru	way2self.in.ua
1	www.way2self.in.ua	way2self.in.ua
1	shop.aton.ua	way2self.in.ua
1	tekhnotop.ru	way2self.in.ua
1	fainaidea.com	way2self.in.ua
1	kliningovyj-raj.ru	way2self.in.ua
1	buki-repetitor.ru	way2self.in.ua
1	sundays.by	way2self.in.ua
1	coincryptobase.com	way2self.in.ua
1	www.podosinki.su	way2self.in.ua
1	podosinki.su	1 redirects
1	bituk.media	way2self.in.ua
1	img-cdn.tinkoffjournal.ru	way2self.in.ua
0	track.recreativ.ru Failed	way2self.in.ua
249	48

This site contains links to these domains. Also see Links.

Domain
www.way2self.in.ua
annaputyatina.ru
vulkancasino.ua
uden-s.org
futbolok.net.ua
teplomontag.com.ua
feeds.feedburner.com
luckyads.pro
pxxifc.com
metrika.yandex.ru

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.tinkoffjournal.ru Thawte RSA CA 2018	`2021-08-31` - `2022-08-31`	a year	crt.sh
way2self.in.ua R3	`2022-01-18` - `2022-04-18`	3 months	crt.sh
bituk.media R3	`2022-02-18` - `2022-05-19`	3 months	crt.sh
coincryptobase.com Thawte RSA CA 2018	`2021-06-26` - `2022-07-10`	a year	crt.sh
sundays.by RapidSSL RSA CA 2018	`2020-04-30` - `2022-04-30`	2 years	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-22` - `2022-06-21`	a year	crt.sh
kliningovyj-raj.ru R3	`2022-01-11` - `2022-04-11`	3 months	crt.sh
fainaidea.com fainaidea.com	`2022-03-12` - `2023-03-11`	a year	crt.sh
tekhnotop.ru R3	`2022-03-12` - `2022-06-10`	3 months	crt.sh
shop.aton.ua R3	`2022-02-14` - `2022-05-15`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-09` - `2022-04-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-22` - `2022-03-22`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-02` - `2022-05-03`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-03` - `2022-05-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-02-17` - `2022-05-12`	3 months	crt.sh
100widgets.com R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh

This page contains 30 frames:

Primary Page: http://way2self.in.ua/
Frame ID: FD4AF63AFCA47A5D7B3DDEE30CE3E2EE
Requests: 93 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html
Frame ID: 549F0EF531119BFD2669C43A78CD67CB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1647329288&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647331007036&bpp=3&bdt=636&idt=176&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1616181645532&frm=20&pv=2&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=218
Frame ID: 0C89DE38D54CC7D5B14FB101F1FE3191
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237
Frame ID: 6F66EAD0CB473C2D6F00961F902B2FB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007042&bpp=1&bdt=641&idt=241&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3NlfBOiQ8s&p=http%3A//way2self.in.ua&dtd=245
Frame ID: 0D313F298927E61F43215FD4F2FCB7B7
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249
Frame ID: 222CBB50FB796D35AF64CE26136375F1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=643&idt=251&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3xOYi2dOUo&p=http%3A//way2self.in.ua&dtd=252
Frame ID: A49BC0587EEECFACB9D6452F06A12857
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CJ2chv0YwYoKhF_Dg6wSz-ozQBMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAHVttLqA8gBCakCHvr9BLhnsj6oAwGqBLsBT9DxfThpO2ur-afNef_J8XveLGqnOAoFou572Opc41ywwNFCzHTzqBJNxF1mAxlYeQe6ku7-T47BZqUV2V9Gy8cAW6DdZzeOO6ktIKm6KV1GsxbqMbtiNLz55krG8qlCWarYA-5SUUJmi14TSWy27zmsZWmO3A10VeNpSYQuuHJ8PyFXfqFvtuPNmosAmglh7CKFjKAFj32ZSI5ZON5absOxLBOiUYSwVAaWIWxUqEnfjQGLpyPhOhJ4MIAG3JuPmevx2cnWAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=nynPiNHYy9Y&uach_m=[UACH]&cid=CAQSGwCNIrLMF6Kiwvr-B5mU1_LoMIpG-yR99ffXHxgB
Frame ID: 5D3AB0163F73EB310E0CB0AF663AF062
Requests: 6 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0IIKmvBwAAM9Mx8vvnDZnmWlSspOeA&u=%7CoQxQhUm4gfxL014eOIihwoqdenNEfSLnC%2BHE3ilAv6M%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_Lj2QqfW5owIADEgKs6qJ-vEhEBQC3vrwDges5lxnkkes6hU6wBaTsIk1oVSsynFxB649Pos7I-WNBQ0cmeICdSZT46Gsls6wEhM02poJ1E14AXyvNg6GCBnRdyUhgX58JPLM7ioBecx9VfCKOLTs8kfWQgwXHr8eEqKlLsewfuPmlcyHPX0irzZfeuSiuc3A1wZRJTu_ckt_Hql4NZOLDG8eKau2oJyt4toVuKOCk-vuCuRKNaypdWw7KZ2WsubY7i5vY_hkXeGohA4piRBc9Lr-G8Y9T8zkqzTc5_PGrBhuI6Zof4e8Ayh47ItZBcYZDDjiRYk5sW3hrqHKywXQmE71yspcR9C3LZX_0_iFgN03nyNwGvhKA62FVWdKg78sscWuis8ex9XYvdzfpd7mho-yI4Nu2luOSQqi4wzLBYRnym4Uu5UzjHTqXkWenS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1udGv0YwYoKhF_Dg6wSz-ozQBMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAHVttLqA8gBCakCHvr9BLhnsj6oAwGqBL4BT9DxfThpO2ur-afNef_J8XveLGqnOAoFou572Opc41ywwNFCzHTzqBJNxF1mAxlYeQe6ku7-T47BZqUV2V9Gy8cAW6DdZzeOO6ktIKm6KV1GsxbqMbtiNLz55krG8qlCWarYA-5SUUJmi14TSWy27zmsZWmO3A10VeNpSYQuuHJ8PyFXfqFvtuPNmosAmglh7CKFjKBHjVwLzwHFK2HGemBhEbVaWJC64gy4Oe7gYHR5f76ViztkkJZrj4P4DYAG3JuPmevx2cnWAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_28eR3tG3xt7IsEzKDbSnNmtNRR7g%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: D257CFF8940F9653B1FEF184E103C1D2
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CwSUcv0YwYoamF4aY7gSPwZ94yZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQIe-v0EuGeyPqgDAaoEtQFP0GcE8cplDfoj6h8eQI9HwvmpeU5mn4H4vvGmZAjm1IyFH1gZb6eUYNX_cMK0Gry-c6ixVWQI0nrCiz1grxyMJoGqAi-2ajKTyOWtuBSnpFkU3QdqwLR5NPL9Z-WuUNSxLyyM6CnPs-iSf_y-rcGn2aIFWRQwoRO_f2iJ7hewCFujRDjACx6-bIIoi2-ngr-ayOQlrhqVGUM5l8D_Gzf_S-fzDQkcBCVUWMZP_4Q1AdmevHwzgAbQhMeAwJjFlwKgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjY3Mjk0NTA0NTY1OTEyGAA&sigh=77arS5NhyoU&uach_m=[UACH]&cid=CAQSGwCNIrLMZEAyIR6LWkknMZIdE5s_zYXbvd9wMhgB
Frame ID: 7C38A9CC67FDAE8163C0E3A66510D67D
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0wYKm4wGAAfgjwJ2S5pYOKTTCgw5Xw&u=%7CoQxQhUm4gfynVlrpzR51ZX%2BWKLTXydx%2Fph5ymY59TN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqHxxH3okXUHt4SDaUGQOY0ZTmSqh1xjwJUSSeF1Qi6PmPUhXvaIs-4AGoyHw9ldm6-5vMDgs9dKws2qBP3HfGuSFl9GqfrZ4D-2eBWqYbjaO_k25NuhPnRk8Lp-_L9j9FOnntFlbR-_W7JNx-JxI5gVUS_k-Po0gVXsMIlKrtnTeJOn3ARXFXJiza2AhYOaKJgh_NclwOKXcf12-06b_nWJVIpTjQ2wuW0i2BcGNVbJV21qv4iN-JKNZAwgfe59pFV_1ZhKwSXwJ0LEB5pcN2PZznvVL2jrPYPOsXWkcfDkF52yI3iypKJUA4j55c0sSMrA0sJRPlkfl1qRIUYtDpx9stEwMbOkQ-9gSvnjRsoVQiy_6nSkzYweIUFoGVmYI3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY2K1v0YwYoamF4aY7gSPwZ94yZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQIe-v0EuGeyPqgDAaoEuAFP0GcE8cplDfoj6h8eQI9HwvmpeU5mn4H4vvGmZAjm1IyFH1gZb6eUYNX_cMK0Gry-c6ixVWQI0nrCiz1grxyMJoGqAi-2ajKTyOWtuBSnpFkU3QdqwLR5NPL9Z-WuUNSxLyyM6CnPs-iSf_y-rcGn2aIFWRQwoRO_f2iJ7hewCFujRDjACx6-bIIoi2-ngv2Y6XaiIYaGpt8tNBDCvc_2X-1FBycEhpGcZWC9QJoZGVw0OG-MtzLbgAbQhMeAwJjFlwKgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20mIHjK30F1n_9AxZlLI2njqZ2xA%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: 815E2EFC7BC53E797B4C85991BE502F3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14
Frame ID: 8B44FD7F7222738ED1BC7C2109C066DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17
Frame ID: E265C718827A3601B64470E44CA353E5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20
Frame ID: 412F1610A6F9C8CC22FB9AEE350BA698
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1
Frame ID: EBBB6E5D3E41C25A20C0B2F731320D92
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF54AKm5-IAAC-tDapSKb-55hNtNzUsw&u=%7CoQxQhUm4gfydhxVHP1uWxvxmoQ3HglLbcDhhk5OZzW8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC9KIl1SG3sQfH8EX69IW9IDd2YwapOVA3G9sgjPQHp8cr-BTD8U4EDb1j0YTbVIZ3Q6ruUZ0_j6bfq8huwBhav3QWthqp0GG6QnRpqLEx6Xpr4APeKYcEi7pVL33U8hPjk1cLWIOJckDcA9anPQylwG5rAmDB21rmt5twowsrZDGI00mDD3p4qQcJ8KPKzNGRJrFsFfDY7uND7nHUreSmFLkRRRs_oQEDHhtZU0eGM3Hx08_becVkA3F7pdlRVKpi-atAlY_9Gi_B8rM52zTE5--kv_bSQB9E8SAs2iLrI7QyFrRb5XiuNsJkx4_m6_eZ6Xpg_7dJNWR2J-DFnDFsqXjdzAIBQXuFJ3JGehUctSyFi0MKRgslUtSdZHQWkD_kf8Cx_fx2wAIw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9SLHv0YwYoDPF4i_7gS0_YLYAsme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAh76_QS4Z7I-qAMBqgS4AU_QAfF4snnIb_ca2pGB6wbRhomAuZpoJhhh3C4ubvQs7GXXo98cNwt-HZPOZmPzE73pTpRRzvkavD8Kz6x1FJsq5EAD931mg-jjf0pkQdkDuabiVxEZc5AeaTehQKEa01yq9k-Bq735nCNEIUvFETThpkwYUDeYFznMZNOMccSI15MtrhvVdpxN8hcEbc-unpwg3Q0FZhs_nxaygiltOfjTdDwCg0hk9vrqwsblM-WKR9Re03enD4-ABrv28cPwyaPT5QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nqthatDpW4MnqFNY-XFR3AEIDtw%26client%3Dca-pub-5667294504565912%26adurl%3D
Frame ID: FA30537441606F1D591F920044EF27AE
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 1B28B2D1333829610482C925371EBA25
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: 1353A4E35BCC9E58399F712F4D5CEA4D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html
Frame ID: 77D0ABFEC2E61A9B20F98E44C3C6011A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C0pklv0YwYvqmN5O26gTdkqQI04K5jWGnqMXk2A636aK9wAEQASCX_bAqYJUCoAHjivalAsgBCakCHvr9BLhnsj6oAwHIA0iqBMwBT9DG4PAcd_qe9AEgelU4L0ACRketNkTANZOPlw4hUYWeDLDdrgZgHq_pkXLYZP60z4OwU47MTChRTBfv0o0Un8QuWZg-mZUg3GWpVGfrAuj2ZuoTq505KKv7qWjKIqwhb0oegi0jvaxFOwutkdJilZxuP_Q4hpqyJWP1xDQ7it6qcDKDuS88Ek_7QYkiPWBKyvEcLyQExOieloKBrtewSwhwUVx0iO62Kn0aV5OzNf9pfPcMp64Ybuy7ENZ7GapXc2wuUABB2_H9omX8wASJ-pGXigOIBZf_7LEnkgUECAQYAZIFBAgFGASgBi7YBgKAB4X1idoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiZYGoAjkEbAIAtIICQiA4YBwEAEYH4AKAcgLAdgTDYIUEBoOd2F5MnNlbGYuaW4udWHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=fh1pyjgAUSE&uach_m=[UACH]&template_id=419
Frame ID: A7564CDE1C8CDF5E78A92CAE583E8DBE
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html
Frame ID: FDC0A96A5699A14859BC63BE351DAD44
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6Qvv0YwYpfLN5Kw6wTQ2YPACtOCuY1hp6jF5NgOt-mivcABEAEgl_2wKmCVAqAB44r2pQLIAQmpAo78Z0SZa7I-qAMByANIqgTMAU_QA9HijIzTc7AKJaQhQQ71r98aCF4bJxfSZBQMTbvwQG2XyyK3iBZAHQIyPrgsI2OkTIwTTxaPLYLt1inzuGjKS8xQClnYo__ErfOklCP2wB1sEmsXk-3jw7o9v0qbx8XHNAFg-_OAQX9rUCBDsNDSl_N0SWhKhmUUkNvV1lBoT72koIl19l6Fkwo4RtSRg81tVHS3qdadjsPJPmLvig-lozH9WlxpIIvedsfHOt-ArkbHNd940SIxgEz1msVgV1wBFG_3goiS1Pz3a8AEifqRl4oDiAWX_-yxJ5IFBAgEGAGSBQQIBRgEoAYu2AYCgAeF9YnaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENL3BaAI5BGwCALSCAkIgOGAcBABGB-ACgHICwHYEw2CFBAaDndheTJzZWxmLmluLnVh0BUBmBYBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=OETktHnvdrk&uach_m=[UACH]&template_id=419
Frame ID: 66FCF23CCC0059ABB0F2F97935F4E2F0
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html
Frame ID: 76FF5DD29DB59A031316ED8DFCD58701
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CMPALv0YwYvmgN5CS6gSdsKeQBNOCuY1hp6jF5NgOt-mivcABEAEgl_2wKmCVAqAB44r2pQLIAQmpAh76_QS4Z7I-qAMByANIqgTMAU_QvXWdf8OoypPe7Oc_EiezuSsyGLwBwcOxLWTjzWXHhlid8VYYDIg2hzPvyzwxc5dQnWLHqv5bSjcOQROiVUJCEtfObEZ2x8xqx5K9HwT3CF4i3PNZ5NEH0QON43No5gFB3FZSIT7z3VusOfb7S_bY4LxK2X08AcOHaEZcxLDm8dR-YmoP0LFgPYgg4u5tsVsP2tn5GHvA94X_Uc3I5RmeAYkMIFylshoAsTTveDoekzwBa4FXVDeU2_RaoatXXAi_iixao1LkglP5wMAEifqRl4oDiAWX_-yxJ5IFBAgEGAGSBQQIBRgEoAYu2AYCgAeF9YnaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENS3BqAI5BGwCALSCAkIgOGAcBABGB-ACgHICwHYEw2CFBAaDndheTJzZWxmLmluLnVh0BUBmBYBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=KSv96x01-oE&uach_m=[UACH]&template_id=419
Frame ID: 778253C5122E20884E9171C2A61D1DE4
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js
Frame ID: E1C77F9327506069F81375E7690709F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AAA98843DAED4E372820F0462E919C21
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: AF27F368478D5411395B96E45427A91C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 082F1EC75E73EF9E5BE6E26E8028B109
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A228CFC34C157ACABE7461DAEA9F406F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF107003BA50E18961DC7DDAEE1AB2CB
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Путь к истинной себе

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net/npm/yandex\-metrica\-watch/watch\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

249
Requests

76 %
HTTPS

52 %
IPv6

35
Domains

48
Subdomains

43
IPs

11
Countries

3883 kB
Transfer

7104 kB
Size

23
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.way2self.in.ua/
Title: Главная

Search URL Search Domain Scan URL

URL: https://annaputyatina.ru/uslugi/psiholog-konfliktolog-dlya-biznesa/
Title: услугами бизнес-психолога.

Search URL Search Domain Scan URL

URL: https://vulkancasino.ua/ru/category/allgames
Title: https://vulkancasino.ua/ru/category/allgames

Search URL Search Domain Scan URL

URL: https://uden-s.org/
Title: обогреватель

Search URL Search Domain Scan URL

URL: https://futbolok.net.ua/
Title: https://futbolok.net.ua/

Search URL Search Domain Scan URL

URL: https://teplomontag.com.ua/kotly-tverdotoplivnye-1440/property-tip-kotla-1886
Title: двухконтурные твердотопливные котлы в Teplomontag

Search URL Search Domain Scan URL

URL: http://feeds.feedburner.com/way2self

Search URL Search Domain Scan URL

URL: http://luckyads.pro/?utm_source=websites&utm_medium=teasers&utm_content=logo

Search URL Search Domain Scan URL

URL: https://pxxifc.com/v4/click?media=415611&c=mAY-HV1KlKW2EVSxnecDSM6gVErBZDGByFGC4y_O2saEgb7vSEGT6A0x8H0QWXkXNP_cyrzlvY4mzQiFpJS_DCMODWxwEdg46gR5XIzNzl-FtxNb6nIywEp4liyHs5mGMOXu-xENY2_B1rc-Xb29u7loKNHkppLwOPzAj36gcexrmEBVA0urzUrKCbT0zNEN6UPw25xPi8gCIZ5tGSZPx1T9Su3z32kRHZSSqgHEUD4cGMFJClm7g61I1h0qI1I-jZ7nLfXz9zH_0QHOkmFAU6RGJmbNAjA_UNIlSCqFrRbBKIsgZ4Ja3zt-tU9iA15NUPTpjlBysxVuICW4fXc7hEyj4dofztCq_m0xzuQn2THb0iLwbflQL9w81c866i-RbEMgj0PTCIrn1-R8imLL2TY9FXTlGibXpOsjmJf5V249IxThSDEMFUgtkIcpCCVLr0xo0sI7WghiY6VwE3EsjzZDdLslU8cj3mFCl198g5KiTFuZUuOenh5lT_q3TFm5XqBm2PsrUpo6YVV6DaGQ5KaAPW2tDA2yS3XpwRyjNAmjIGlcTTF3
Title: 9 часов 12 минут назад Не стригите грибковые ногти! Грибок выводится мгновенно - возьмите обычный... Читать далее 261 149 112

Search URL Search Domain Scan URL

URL: https://pxxifc.com/v4/click?media=416795&c=mAY-HV1Kla8-U76cDd5pLk05q9lc5Gawvr5mvcDx0a-0Z7n4RblHxbBLETapFKViMZaiQfAv5I8fV2wX9B1VpGXZMENqubpYm5tvRtQY0uhKl6F-vxgLvj4B_xCXj8kRiGTUzYMlCwuD9nLnRyGd9a5rONh9bhLiGOQcH3UxvoMqtrveMhlv4IxDL8h_4dlJeY4zpry5x-O_vD9ptrTG7abZ6nh0CvNe703ha1fHb_smXs3c8b6pA6RYkS84kwjpACkDlIB58Fu-2rhQJZ7-S0cRgJtFPrq_GBx3FfaOsPx5Q27eOjweokUEwKTtxshSnRn91r4GWQkdU9qW8BYEvor9kRdTXf2TuvlH_0j5K_rJh854zlVKC6gdsuPP2mWgEj7RpdB13cbcs6t8GyTu4PEDnIlUzrmqx8kiUv2T3aPkjBKW2h_b6Eyv0n1IFibjZ6KxZDZKpqcXwGwU5Qr37P98-GGlpIGUheElLySdF03XieSFZN5Xcquy5DJQE7XZA6zr_gBT-wcUPYZNtX1eaD0cgEVEn84x_FBNMqT_lMHMxN3raVCexN7vW1LpKMT-
Title: 11 часов 53 минут назад Мы в шоке от потенции мужа! Теперь он может в любой момент, даже если устал после работы, а помогает ему простой... Читать далее 496 183 221

Search URL Search Domain Scan URL

URL: https://metrika.yandex.ru/stat/?id=33112108&from=informer

Search URL Search Domain Scan URL

URL: http://www.way2self.in.ua/politika-konfidentsialnosti
Title: Узнать подробности

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

Request Chain 22

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

Request Chain 24

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

Request Chain 26

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

Request Chain 27

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg HTTP 301
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

Request Chain 28

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

Request Chain 30

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

Request Chain 32

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

Request Chain 34

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1

Request Chain 36

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1

Request Chain 38

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1

Request Chain 40

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1

Request Chain 42

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1 HTTP 301
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1

Request Chain 51

http://connect.facebook.net/ru_RU/sdk.js HTTP 307
https://connect.facebook.net/ru_RU/sdk.js

Request Chain 53

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 71

http://100widgets.com/js_data.php?id=278 HTTP 301
https://100widgets.com/js_data.php?id=278

Request Chain 123

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A190169941557%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A989191933%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Ast%3A1647331008&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A190169941557%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A989191933%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Ast%3A1647331008&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 124

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A264571988381%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A228235138%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647331008%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A264571988381%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A228235138%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647331008%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 154

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9578.r9bUrOW7MwMjuwLElcpXZREWAbt-oRqYVK7LGSWPxDXET30tFQSyJtEOUSjog6Jx.H5scNAyeCKxu-rl6fTp1To0QMu0%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9578.2c3oRh8vz-BXOcpqU50aOl2xxySenzonMU7Zbuf2fkXtW3QuKa0nyHleLwSzEz9Ub6AIKLW4Lzo9eKmh3meMcM1Z5GwtV0KBxUqhyqwz45M%2C.BxDgGI21IofXkzooRVgTkWleZxc%2C

Request Chain 209

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 230

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 237

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 238

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 246

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm&psid=7075232810112230465&google_hm=NzA3NTIzMjgxMDExMjIzMDQ2NQ&_lxrnd_=100921259 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=7075232810112230465&google_hm=NzA3NTIzMjgxMDExMjIzMDQ2NQ&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259 HTTP 302
https://gmp.luxcdn.com/tr/?psid=7075232810112230465&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259&google_gid=CAESEPFeTn92Czrp8SfQ-P0JlFw&google_cver=1

249 HTTP transactions
13 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
way2self.in.ua/ 96 KB
22 KB 293ms
94ms Document
text/html 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7e173f916281f4b00dc6de63b6a69e1785cf33e6202cc09eb24d4798ce8891de

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx/1.16.1
Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 22463
Connection: keep-alive
Vary: Accept-Encoding,Cookie
Cache-Control: max-age=3, must-revalidate
Content-Encoding: gzip
Last-Modified: Tue, 15 Mar 2022 07:28:08 GMT

GET
H/1.1 200
OK styles.css
way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/ 1 KB
761 B 147ms
83ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:00 GMT
Server: nginx/1.16.1
ETag: W/"5e15fadc-44f"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK cli-style.css
way2self.in.ua/wp-content/plugins/cookie-law-info/css/ 2 KB
948 B 166ms
83ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/css/cli-style.css?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:46 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbfa-8ca"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.css
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/ 113 B
365 B 166ms
83ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/css/wpfront-scroll-top.css?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:26 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbe6-71"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK quads.css
way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/ 218 B
432 B 170ms
85ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/quick-adsense-reloaded/assets/css/quads.css?ver=1.4.7
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:53:05 GMT
Server: nginx/1.16.1
ETag: W/"5e15fae1-da"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK style.css
way2self.in.ua/wp-content/themes/smartline-lite/ 43 KB
11 KB 171ms
85ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/style.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 16:08:45 GMT
Server: nginx/1.16.1
ETag: W/"5ebaca0d-abb6"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK genericons.css
way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/ 27 KB
17 KB 173ms
87ms Stylesheet
text/css 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/css/genericons/genericons.css?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:57 GMT
Server: nginx/1.16.1
ETag: W/"5e16030d-6c59"
Transfer-Encoding: chunked
Content-Type: text/css
Connection: keep-alive

GET
H/1.1 200
OK css
fonts.googleapis.com/ 5 KB
1 KB 119ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

734944665ce14cd73676823ba2f40328031c9e1d3f118b2efb8e8d9e3cde7df6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
X-XSS-Protection: 0
Last-Modified: Tue, 15 Mar 2022 07:56:46 GMT
Server: ESF
Cross-Origin-Opener-Policy: same-origin-allow-popups
X-Frame-Options: SAMEORIGIN
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 15 Mar 2022 07:56:46 GMT

GET
H/1.1 200
OK jquery.js Show response
way2self.in.ua/wp-includes/js/jquery/ 94 KB
38 KB 231ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery.js?ver=1.11.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-176e9"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK jquery-migrate.min.js Show response
way2self.in.ua/wp-includes/js/jquery/ 7 KB
3 KB 249ms
83ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:29:16 GMT
Server: nginx/1.16.1
ETag: W/"5e16035c-1c20"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK cookielawinfo.js Show response
way2self.in.ua/wp-content/plugins/cookie-law-info/js/ 7 KB
2 KB 249ms
84ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/cookie-law-info/js/cookielawinfo.js?ver=1.5.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:45 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbf9-1cbe"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK wpfront-scroll-top.js Show response
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/ 3 KB
1 KB 255ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/js/wpfront-scroll-top.js?ver=1.4.4
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:57:19 GMT
Server: nginx/1.16.1
ETag: W/"5e15fbdf-d6e"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK navigation.js Show response
way2self.in.ua/wp-content/themes/smartline-lite/js/ 4 KB
2 KB 256ms
85ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/js/navigation.js?ver=4.3.1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 16:27:54 GMT
Server: nginx/1.16.1
ETag: W/"5e16030a-f39"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 205ms
84ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8be9e29e9716c3c3137df8427636ab60e4dad88533ab7cfcd01d43eac17d661e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53837
x-xss-protection: 0
server: cafe
etag: 6534106532934454988
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:56:46 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 152 KB
53 KB 138ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20298498b69fc9c7dd131cea19e96a360b80bd80b4d4bee0be3ae69cc70fc080

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 18031070741774095051
Vary: Accept-Encoding, Origin
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 53839
X-XSS-Protection: 0
Expires: Tue, 15 Mar 2022 07:56:46 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 181ms
64ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

efe60d3132396e59045e15ed5c74035c98ac27b363af49041b12706746af8b52

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Tue, 15 Mar 2022 07:56:46 GMT

GET
H/1.1 200
OK pykwb612g.php Show response
pxxifc.com/1wyl71192vilm0py03h8q/876/vuq876/ 58 KB
19 KB 215ms
90ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/1wyl71192vilm0py03h8q/876/vuq876/pykwb612g.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK 0y3qh8768uvq876pkyjo.php Show response
pxxifc.com/z7y1l7192lvip0m/ 58 KB
19 KB 216ms
90ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK 768quv678ykpjh.php Show response
pxxifc.com/k1i1l7912/ivl/0mp3y0h8q/ 58 KB
19 KB 217ms
92ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/k1i1l7912/ivl/0mp3y0h8q/768quv678ykpjh.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK pky7sdz.php Show response
pxxifc.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/ 58 KB
19 KB 219ms
93ms Script
application/javascript 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/ghx1l7/219lvipm0/0y3q8h768vuq/876/pky7sdz.php
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Thu, 10 Mar 2022 10:10:17 GMT
Server: nginx/1.14.2
ETag: "6229ce89-4b07"
Content-Type: application/javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 19207

GET
H/1.1 200
OK logo1-1340-350.jpg
way2self.in.ua/wp-content/uploads/2015/10/ 67 KB
67 KB 87ms
85ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/uploads/2015/10/logo1-1340-350.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: b1dd202355d105d5decce633f48db2749a76ae1e29771dec12b5338f6c7a0c7d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Last-Modified: Wed, 08 Jan 2020 16:14:48 GMT
Server: nginx/1.16.1
ETag: "5e15fff8-10c97"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 68759

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1

325 B
529 B

182ms
60ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30624_1
Date: Tue, 15 Mar 2022 07:56:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 Zw
img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/ 133 KB
134 KB 399ms
106ms Image
image/webp 92.223.84.84
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-cdn.tinkoffjournal.ru/i/S-cjY9Q2Ct0NcyUocj3rNXrVRZrM2o15-uUt1Fu4x_Y/w:1200/aHR0cHM6Ly9pbWct/Y2RuLnRpbmtvZmZq/b3VybmFsLnJ1Ly0v/bWFpbl9fX195YXpo/cHNpaG9sb2cuYnZ3/Y254NW5uNWdlLmpw/Zw
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 92.223.84.84 , Luxembourg, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-id: m9p-up-gc54
date: Tue, 15 Mar 2022 07:56:47 GMT
x-proxy-cache-status: HIT
x-cached-since: 2022-03-14T08:01:41+00:00
x-envoy-upstream-service-time: 250
content-disposition: inline; filename="main____yazhpsiholog.bvwcnx5nn5ge.webp"
content-length: 136650
x-request-id: a578c29e-fc69-44e8-8ba1-63fa3863eae1
server: nginx
etag: 4010c6145daa3bbb837fefc43ab3ef768122390a7f78e74e151edf9c97739643
vary: Accept
content-type: image/webp
cache-control: max-age=157680000
cache: HIT
accept-ranges: bytes
expires: Sun, 14 Mar 2027 07:56:47 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1

325 B
529 B

181ms
60ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30621_1
Date: Tue, 15 Mar 2022 07:56:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Screenshot_12.jpg
way2self.in.ua/wp-content/uploads/2022/02/ 284 KB
284 KB 339ms
166ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://way2self.in.ua/wp-content/uploads/2022/02/Screenshot_12.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 550ac245106b0935f2d104288a7d91bf63c38cf89e938ccbd19080f3ee22a727

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Sun, 20 Feb 2022 06:42:13 GMT
Server: nginx/1.16.1
ETag: "6211e2c5-46e71"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 290417

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1

325 B
529 B

182ms
60ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30620_1
Date: Tue, 15 Mar 2022 07:56:46 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK photo_2021-09-19_01-02-50-1024x505.jpg
bituk.media/wp-content/uploads/2021/09/ 81 KB
82 KB 356ms
87ms Image
image/jpeg 185.233.39.242
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bituk.media/wp-content/uploads/2021/09/photo_2021-09-19_01-02-50-1024x505.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.233.39.242 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: vps-37976.vps-default-host.net
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Sat, 18 Sep 2021 22:02:00 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "144e1-5cc4c327a2600"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 83169

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1

325 B
529 B

161ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-28173_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1

200
OK

4ef42a42c182f1c8b6c93ba43ead1a45.jpg
www.podosinki.su/wp-content/uploads/4/e/f/
Redirect Chain

https://podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg

38 KB
39 KB

349ms
87ms

Image
image/jpeg

2606:4700:3030::ac43:c5d9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2606:4700:3030::ac43:c5d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
CF-Cache-Status: MISS
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection: keep-alive
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 38811
Last-Modified: Mon, 14 Mar 2022 13:30:30 GMT
Server: cloudflare
ETag: "622f4376-979b"
Vary: Accept-Encoding
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XdR3t592Ky3LrPQsRyPnMiwP%2FjiliCpxGifmRH0MS3cxJNLFG0BsQyusN2QydKW1Hs6vMzxMkDLhIEEkm12UqIUKEF3Q%2BGIRn3RmZFgvNmKtbtWNs0AW6k9gyzt1cOqhsL1qLkpiejcD5UocqFtX"}],"group":"cf-nel","max_age":604800}
Content-Type: image/jpeg
Cache-Control: max-age=14400
Referer: http://way2self.in.ua/
Accept-Ranges: bytes
CF-RAY: 6ec3b1cf6e08891e-LHR

Redirect headers

date: Tue, 15 Mar 2022 07:56:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SWem2PTSJrmoxUDmu%2Fj%2BLbgZvxMx%2FXAVB8UGqxkGFkWwix%2FNIUfe%2F5PclPt6XdYXqWn6T0WyGOjMzNS6IKJmKdx9byCs1qiLmvehVwr4bfiT68Alom8ugQDO1q2sVTQ6SZqjQwaKoqkdAeQ%3D"}],"group":"cf-nel","max_age":604800}
location: http://www.podosinki.su/wp-content/uploads/4/e/f/4ef42a42c182f1c8b6c93ba43ead1a45.jpg
cache-control: max-age=3600
cf-ray: 6ec3b1cd69ef7723-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Tue, 15 Mar 2022 08:56:47 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1

325 B
529 B

147ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30616_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 4(2).jpeg
coincryptobase.com/storage/journal/December2020/ 24 KB
24 KB 580ms
59ms Image
image/jpeg 116.202.113.101
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://coincryptobase.com/storage/journal/December2020/4(2).jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 116.202.113.101 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.101.113.202.116.clients.your-server.de
Software: nginx/1.16.1 (Ubuntu) /
Resource Hash: a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Thu, 17 Dec 2020 12:24:36 GMT
server: nginx/1.16.1 (Ubuntu)
etag: "5fdb4e04-5e63"
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 24163
expires: Wed, 15 Mar 2023 07:56:47 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1

325 B
529 B

146ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30615_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 vybrat-obogrevatel-1.jpg
sundays.by/images/stati/ 71 KB
71 KB 1053ms
210ms Image
image/jpeg 178.172.137.201
BN-AS Belarussian...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sundays.by/images/stati/vybrat-obogrevatel-1.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.172.137.201 , Belarus, ASN12406 (BN-AS Belarussian data communication service provider., BY),

Reverse DNS

178-172-137-201.hosterby.com

Software

nginx/1.16.1 /

Resource Hash

c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 07:14:50 GMT
server: nginx/1.16.1
etag: "5ecb706a-11baa"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 72618
expires: Thu, 14 Apr 2022 07:56:48 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1

325 B
529 B

59ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30614_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 15979239853711.jpg
buki-repetitor.ru/data/files/news/ 57 KB
58 KB 280ms
72ms Image
image/jpeg 2606:4700:3033::ac43:9890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://buki-repetitor.ru/data/files/news/15979239853711.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:9890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58308
last-modified: Thu, 20 Aug 2020 11:46:25 GMT
server: cloudflare
etag: "5f3e6291-e3c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HYywhacQ%2FN8k85kyR2HaAEPx0SImSVV9zXtRjkd%2Bqhnmhoe4e4F%2F%2BO4SaDE65SwiUzHP3hw6a6TJV55O46SUrZkoTaXtyXWL%2Fogrkrq5Ryx835beZ5CPSf38T5%2BUUSTMTH6WRFg6OlvEgOzcPx60Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 6ec3b1cc7c117729-LHR
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1

325 B
529 B

60ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30609_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK %D0%9A%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B0-1-%D0%9C%D1%8B%D1%82%D1%8C%D0%B5-%D1%85%D0%BE%D0%BB%D0%BE%D0%B4%D0%B8%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0.jpg
kliningovyj-raj.ru/wp-content/uploads/2019/09/ 64 KB
64 KB 531ms
182ms Image
image/jpeg 62.109.27.135
THEFIRST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliningovyj-raj.ru/wp-content/uploads/2019/09/%D0%9A%D0%B0%D1%80%D1%82%D0%B8%D0%BD%D0%BA%D0%B0-1-%D0%9C%D1%8B%D1%82%D1%8C%D0%B5-%D1%85%D0%BE%D0%BB%D0%BE%D0%B4%D0%B8%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.109.27.135 , Russian Federation, ASN29182 (THEFIRST-AS, RU),
Reverse DNS: anndielm.fvds.ru
Software: nginx/1.16.1 /
Resource Hash: 2a4b85ca6dd780bb8c0251e81cb94d07a11333c041f1e64bbe95b7a945383b53

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Thu, 27 Feb 2020 06:23:53 GMT
Server: nginx/1.16.1
ETag: "5e576079-10057"
Content-Type: image/jpeg
Cache-Control: max-age=315360000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 65623
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1

325 B
529 B

59ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30603_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 %D0%A0%D0%B8%D1%81%D1%83%D0%BD%D0%BE%D0%BA1.jpg
fainaidea.com/wp-content/uploads/2016/03/ 39 KB
39 KB 251ms
79ms Image
image/jpeg 95.216.99.229
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fainaidea.com/wp-content/uploads/2016/03/%D0%A0%D0%B8%D1%81%D1%83%D0%BD%D0%BE%D0%BA1.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.216.99.229 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.229.99.216.95.clients.your-server.de

Software

nginx/1.14.1 /

Resource Hash

5343d3e721695927d444d88f94ffa3c0711ec7cd144cb010d8fc32f987ee3794

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Tue, 29 Mar 2016 14:19:27 GMT
server: nginx/1.14.1
etag: "56fa8eef-9ad9"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 39641
expires: Wed, 15 Mar 2023 07:56:47 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1

325 B
529 B

60ms
60ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30602_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 naturalnaja-kosmetika-dlja-uhoda-za-kozhej-lica-1-1024x576.jpg
tekhnotop.ru/wp-content/uploads/2019/12/ 29 KB
30 KB 315ms
98ms Image
image/jpeg 81.90.181.184
SELECTEL-MSK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tekhnotop.ru/wp-content/uploads/2019/12/naturalnaja-kosmetika-dlja-uhoda-za-kozhej-lica-1-1024x576.jpg

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

81.90.181.184 , Russian Federation, ASN50340 (SELECTEL-MSK, RU),

Reverse DNS

host-11f4a573.hostiman.com

Software

nginx/1.20.1 /

Resource Hash

9f0290c06f2c6f64d0ee106a94fa8b5416ae10ca75e8d90ed3cdc8e0890af8c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Thu, 05 Nov 2020 07:31:33 GMT
server: nginx/1.20.1
etag: "5fa3aa55-75fd"
strict-transport-security: max-age=31536000;
content-type: image/jpeg
cache-control: max-age=432000
accept-ranges: bytes
content-length: 30205
x-xss-protection: 1; mode=block
expires: Sun, 20 Mar 2022 07:56:47 GMT

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1

325 B
529 B

59ms
58ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-29382_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H/1.1 200
OK Holod-kak-umenshit-negativnoe-vliyanie-na-immunitet.jpeg
way2self.in.ua/wp-content/uploads/2021/01/ 87 KB
88 KB 85ms
84ms Image
image/jpeg 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://way2self.in.ua/wp-content/uploads/2021/01/Holod-kak-umenshit-negativnoe-vliyanie-na-immunitet.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 79eb2eb16e9551b79e36e2e0ca5bc7baa2db0840a73d298918b95389e5d28900

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Thu, 21 Jan 2021 10:28:47 GMT
Server: nginx/1.16.1
ETag: "6009575f-15d20"
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 89376

GET
H/1.1

200
OK

share.js Show response
share.itraffic.su/
Redirect Chain

http://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1
https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1

325 B
529 B

60ms
59ms

Script
application/javascript

142.132.202.70
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 142.132.202.70 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.70.202.132.142.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=UTF-8

Redirect headers

Location: https://share.itraffic.su/share.js?buttons=fb,vk,ok,pi,li,vi,wa,tg,bm&size=big&theme=9&align=center&direction=horizontal&cnt=1&cnt0=0&hover=1&key=20624d78dce4902a62c2d10dd11de4d5-30600_1
Date: Tue, 15 Mar 2022 07:56:47 GMT
Server: nginx/1.18.0 (Ubuntu)
Connection: keep-alive
Content-Length: 178
Content-Type: text/html

GET
H2 200 profi.jpg
shop.aton.ua/image/catalog/article/ 83 KB
83 KB 569ms
190ms Image
image/jpeg 185.68.16.18
UKRAINE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shop.aton.ua/image/catalog/article/profi.jpg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.68.16.18 , Ukraine, ASN200000 (UKRAINE-AS, UA),
Reverse DNS: web676.default-host.net
Software: nginx /
Resource Hash: f786d93125d562534ca1da96cbf560d589fdf9583fedf0aa21ebc18ecabdbbd0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

x-ray: p17866:0.000/wn23352:0.000/
last-modified: Mon, 06 Jul 2020 08:50:17 GMT
server: nginx
etag: "5f02e5c9-14aa4"
content-type: image/jpeg
date: Tue, 15 Mar 2022 07:56:47 GMT
accept-ranges: bytes
content-length: 84644

GET
H/1.1 200
OK rss-icon-1.png
www.way2self.in.ua/wp-content/uploads/2015/11/ 20 KB
20 KB 229ms
84ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.way2self.in.ua/wp-content/uploads/2015/11/rss-icon-1.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Last-Modified: Wed, 08 Jan 2020 16:10:30 GMT
Server: nginx/1.16.1
ETag: "5e15fef6-4f20"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20256

GET
H2 200 3_0_B9ECFFFF_99CCFFFF_0_pageviews
informer.yandex.ru/informer/33112108/ 1 KB
2 KB 246ms
78ms Image
image/png 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://informer.yandex.ru/informer/33112108/3_0_B9ECFFFF_99CCFFFF_0_pageviews

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

0b685637b18e7f10923161cbfc3105454b0acbc10c8ad0dfd47d0ebb7c3c6997

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Tue, 15-Mar-2022 07:56:47 GMT
content-type: image/png
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 1438
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 07:56:47 GMT

GET
H/1.1 200
OK 2.png
way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/ 5 KB
5 KB 87ms
87ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/plugins/wpfront-scroll-top/images/icons/2.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Wed, 08 Jan 2020 15:57:21 GMT
Server: nginx/1.16.1
ETag: "5e15fbe1-136f"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4975

GET
H/1.1 200
OK jquery.form.min.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 15 KB
7 KB 87ms
87ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-3b90"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 200
OK scripts.js Show response
way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 94ms
94ms Script
application/javascript 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://way2self.in.ua/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.3
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Jan 2020 15:52:58 GMT
Server: nginx/1.16.1
ETag: W/"5e15fada-2d41"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Connection: keep-alive

GET
H/1.1 502
Bad Gateway LQ.js
leokross.com/_yMj/ 0
0 117ms
55ms Script
text/html 79.171.117.17
VARITI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://leokross.com/_yMj/LQ.js
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 79.171.117.17 , Russian Federation, ASN64494 (VARITI-AS, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/ 357 KB
141 KB 171ms
54ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/85AXn53af-oJBEtL2o2WpAjZ/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 08:20:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84968
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143659
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 05:02:21 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 08:20:39 GMT

GET
H2

200

sdk.js Show response
connect.facebook.net/ru_RU/
Redirect Chain

http://connect.facebook.net/ru_RU/sdk.js
https://connect.facebook.net/ru_RU/sdk.js

3 KB
2 KB

177ms
58ms

Script
application/x-javascript

2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d651659afe38ac3181b568bfd952a9d5a9ef2a5ca826d8c2ca16f7b449fa1503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 5uxa5yHl+VbppR23VlUl6A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1688
x-fb-rlafr: 0
x-fb-debug: kudtPOvD0TQUSq83SxT/XcLVbgMVb5Ue6y66TOcDY2gcuOgh+2olP75+mSGag5bWVlnT4g+qHTb+r3tT9RjNHA==
x-fb-trip-id: 686109401
x-fb-content-md5: c3dcfadb97156594c1d0b25943399419
x-frame-options: DENY
date: Tue, 15 Mar 2022 07:56:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "c14d5bf23c7ed186eae9ca6cff440609"
timing-allow-origin: *
priority: u=1,i
expires: Tue, 15 Mar 2022 08:01:49 GMT

Redirect headers

Location: https://connect.facebook.net/ru_RU/sdk.js#xfbml=1&version=v2.6&appId=957403467676178
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 watch.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 138 KB
58 KB 171ms
71ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/watch.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcf0a15d58ec1ff3c24a98a256f779944de437b2baefd7529bcb4f916570740b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 37042
x-jsd-version: 1.222.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-lcy19256-LCY
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"229a4-vvyGe1h1GveLVR3H+jgTFyH4DGc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ec3b1cef9c57549-LHR

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

172ms
55ms

Script
text/javascript

2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1317
date: Tue, 15 Mar 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 15 Mar 2022 09:34:50 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H/1.1 200
OK background.png
way2self.in.ua/wp-content/themes/smartline-lite/images/ 3 KB
3 KB 86ms
86ms Image
image/png 2a03:f480:1:26::70
PAGM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://way2self.in.ua/wp-content/themes/smartline-lite/images/background.png
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 2a03:f480:1:26::70 , Estonia, ASN198068 (PAGM-AS, EE),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:46 GMT
Last-Modified: Wed, 08 Jan 2020 16:27:55 GMT
Server: nginx/1.16.1
ETag: "5e16030b-aee"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2798

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyCkIT4ttDfCmxA.woff2
fonts.gstatic.com/s/raleway/v26/ 21 KB
22 KB 112ms
57ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyCkIT4ttDfCmxA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a442100377d2c7c94c3608a7a785ec70c87b849c6c1faf78757939f9d4c970ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 00:30:18 GMT
X-Content-Type-Options: nosniff
Age: 26788
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 21688
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:15:38 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Wed, 15 Mar 2023 00:30:18 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXXp1veQ.woff2
fonts.gstatic.com/s/bitter/v25/ 16 KB
16 KB 111ms
56ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v25/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLjOXXp1veQ.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9928921bcce9e4f9c2596d8e2fd221b690dc553d495379ba0fe3096defc8005

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Mon, 14 Mar 2022 15:56:54 GMT
X-Content-Type-Options: nosniff
Age: 57592
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 15896
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:33:41 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Tue, 14 Mar 2023 15:56:54 GMT

GET
H/1.1 200
OK raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXXp1veSRBw.woff2
fonts.gstatic.com/s/bitter/v25/ 10 KB
11 KB 118ms
54ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/bitter/v25/raxhHiqOu8IVPmnRc6SY1KXhnF_Y8fbfOLzOXXp1veSRBw.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6831904cf2298ee15feee85c0b196c0d88093c1cd8ed30706006b0016a7401e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 19:20:31 GMT
X-Content-Type-Options: nosniff
Age: 477375
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 10176
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:31:37 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 09 Mar 2023 19:20:31 GMT

GET
H/1.1 200
OK 1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v26/ 41 KB
42 KB 117ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://fonts.gstatic.com/s/raleway/v26/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2

Requested by

Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Raleway%3A400%2C700%7CBitter&subset=latin%2Clatin-ext

Protocol

HTTP/1.1

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://fonts.googleapis.com/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Wed, 09 Mar 2022 01:06:27 GMT
X-Content-Type-Options: nosniff
Age: 543019
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Content-Length: 42336
X-XSS-Protection: 0
Last-Modified: Thu, 03 Feb 2022 00:16:25 GMT
Server: sffe
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type: font/woff2
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Timing-Allow-Origin: *
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="apps-themes"
Expires: Thu, 09 Mar 2023 01:06:27 GMT

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK lb212289_3.js Show response
s.luxadv.com/t/ 81 KB
34 KB 298ms
100ms Script
application/javascript 109.248.237.51
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://s.luxadv.com/t/lb212289_3.js?rt=10068790066
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 109.248.237.51 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 270307c80dde50ae8f690c7a3b2b8597d98623311f93681ab5189e179df61402

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Oct 2019 21:06:26 GMT
Server: nginx
ETag: W/"5da4e352-145e6"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=60
Connection: keep-alive
Expires: Tue, 15 Mar 2022 07:57:48 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 292 KB
105 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a223fe2b3d06907c2f0fa6d14d097ae0af8aa5691172312073ad6edc16b48401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 107542
x-xss-protection: 0
server: cafe
etag: 1936352481159753490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/ Frame 549F 10 KB
5 KB 171ms
54ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 14 Mar 2022 23:41:54 GMT
expires: Mon, 28 Mar 2022 23:41:54 GMT
cache-control: public, max-age=1209600
age: 29693
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK render Show response
pxxifc.com/v1/ 29 KB
9 KB 216ms
126ms XHR
text/html 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://pxxifc.com/v1/render?surfer_uuid=aad6a153-fe26-48b0-bc23-b650eeb240df&referrer=http%3A%2F%2Fway2self.in.ua%2F&page_load_uuid=011a0650-ed62-4b51-b752-b4a5271aed5f&page_depth=1&4efg58u0wfa=3a7530d7-59f4-4c35-b15c-08fd30e13d70&block_uuid=3a7530d7-59f4-4c35-b15c-08fd30e13d70&refresh_depth=1&safari_multiple_request=424
Requested by: Host: pxxifc.com
URL: http://pxxifc.com/z7y1l7192lvip0m/0y3qh8768uvq876pkyjo.php
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c01ba3b7d2f8ff99aebf859857b4049bc6470d6ad7ab450db79f522c411f982c

Request headers

Referer: http://way2self.in.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
Date: Tue, 15 Mar 2022 07:56:47 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, must-revalidate
Connection: keep-alive
expires: -1

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 181ms
63ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=way2self.in.ua&callback=_gfp_s_&client=ca-pub-5667294504565912

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-5667294504565912&plah=way2self.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8863046b7577f5366d7a43517b18730ececce868a343a71716ee247c7b75d20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 184ms
63ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 182ms
62ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fway2self.in.ua%2F&tn=DIV&id=cookie-law-info-bar&ign=false&pw=1600&ph=1200&x=1575&y=1175

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0C89 114 KB
34 KB 448ms
384ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&adk=1812271804&adf=3025194257&lmt=1647329288&plat=1%3A16777216%2C3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A32768%2C32%3A32&format=0x0&url=http%3A%2F%2Fway2self.in.ua%2F&ea=0&flash=0&pra=5&wgl=1&dt=1647331007036&bpp=3&bdt=636&idt=176&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1616181645532&frm=20&pv=2&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=218

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e9ffaf055ff6ad18fd2edd9829b14c5671a178c8ae91a852eb9382b014c9f86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:47 GMT
server: cafe
content-length: 35133
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:47 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6F66 24 KB
10 KB 662ms
620ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

be7f32978141e5a016fd2b7cd959becfe9bbcc361ec92fd5884b86d53f85a7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:47 GMT
server: cafe
content-length: 10169
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:47 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D31 88 KB
30 KB 431ms
399ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007042&bpp=1&bdt=641&idt=241&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3NlfBOiQ8s&p=http%3A//way2self.in.ua&dtd=245

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51dd6adf19e9a3c5a9a17081de5aee8f6e6ff3b6e0daf2edc4d46786aeeafdda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:47 GMT
server: cafe
content-length: 30909
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:47 GMT
cache-control: private

GET
H/1.1

200
OK

js_data.php Show response
100widgets.com/
Redirect Chain

http://100widgets.com/js_data.php?id=278
https://100widgets.com/js_data.php?id=278

306 B
733 B

186ms
61ms

Script
text/html

193.176.1.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://100widgets.com/js_data.php?id=278
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 193.176.1.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ip.stat.zevshost.net
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 15 Mar 2022 07:56:48 GMT
Server: nginx/1.16.1
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: text/html
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Location: https://100widgets.com/js_data.php?id=278
Date: Tue, 15 Mar 2022 07:56:48 GMT
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 169
Content-Type: text/html

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 222C 30 KB
11 KB 381ms
354ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

55b3aea51e49fce01128a7a934d6d5d36a90d9901561aece7495ae3d2499dd06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:47 GMT
server: cafe
content-length: 10941
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:47 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A49B 30 KB
11 KB 314ms
290ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=643&idt=251&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3xOYi2dOUo&p=http%3A//way2self.in.ua&dtd=252

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4f6cfba47365134e41de680a23af8c2c03e1cf33d8ebdc40c0b42704bc485abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:47 GMT
server: cafe
content-length: 10917
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:47 GMT
cache-control: private

GET
H/1.1 200
OK d03621486ae85d84.jpeg
pxxifc.com/.cdn/3a8241/a2ef40/d15c0b7108ff4939b09d011780967070/ 16 KB
16 KB 92ms
91ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pxxifc.com/.cdn/3a8241/a2ef40/d15c0b7108ff4939b09d011780967070/d03621486ae85d84.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: c4c2dfd2723da41500a728731204f06460243ccfc3b5988ee5b4ed48833c666a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Tue, 22 Feb 2022 06:46:06 GMT
Server: nginx/1.14.2
ETag: "621486ae-3e2e"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 15918

GET
H/1.1 200
OK d036216e1f509532.jpeg
pxxifc.com/.cdn/3a8241/a2ef40/d5b3f2c254e84994bed1df416b2a62fd/ 19 KB
19 KB 90ms
90ms Image
image/jpeg 62.76.25.27
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://pxxifc.com/.cdn/3a8241/a2ef40/d5b3f2c254e84994bed1df416b2a62fd/d036216e1f509532.jpeg
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: HTTP/1.1
Server: 62.76.25.27 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a84dc7d5290e88a80d22779e6c2de1ef73413fa6b573b00d021b21d840cc131c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:47 GMT
Last-Modified: Thu, 24 Feb 2022 01:40:05 GMT
Server: nginx/1.14.2
ETag: "6216e1f5-4a07"
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
Content-Length: 18951

GET
H2 200 css
fonts.googleapis.com/ 15 KB
1 KB 181ms
63ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b6636658309daf40633373d068662f1e248e0e5cc0131786b436074456cb88ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:49:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5D3A 0
0 70ms
70ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ2chv0YwYoKhF_Dg6wSz-ozQBMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAHVttLqA8gBCakCHvr9BLhnsj6oAwGqBLsBT9DxfThpO2ur-afNef_J8XveLGqnOAoFou572Opc41ywwNFCzHTzqBJNxF1mAxlYeQe6ku7-T47BZqUV2V9Gy8cAW6DdZzeOO6ktIKm6KV1GsxbqMbtiNLz55krG8qlCWarYA-5SUUJmi14TSWy27zmsZWmO3A10VeNpSYQuuHJ8PyFXfqFvtuPNmosAmglh7CKFjKAFj32ZSI5ZON5absOxLBOiUYSwVAaWIWxUqEnfjQGLpyPhOhJ4MIAG3JuPmevx2cnWAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=nynPiNHYy9Y&uach_m=[UACH]&cid=CAQSGwCNIrLMF6Kiwvr-B5mU1_LoMIpG-yR99ffXHxgB

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=643&idt=251&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3xOYi2dOUo&p=http%3A//way2self.in.ua&dtd=252
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5D3A 0
0 173ms
60ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=UtDQEuKBMMAC4AOdg2ICAgAAAMsdJY3uoi0fFTyPnBC_RjBitO0x3iUQsw5d51cAEg&wp=YjBGvwAF0IIKmvBwAAM9Mx8vvnDZnmWlSspOeA

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:45 GMT
server: Kestrel
server-processing-duration-in-ticks: 228237
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D257 134 KB
45 KB 283ms
152ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0IIKmvBwAAM9Mx8vvnDZnmWlSspOeA&u=%7CoQxQhUm4gfxL014eOIihwoqdenNEfSLnC%2BHE3ilAv6M%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_Lj2QqfW5owIADEgKs6qJ-vEhEBQC3vrwDges5lxnkkes6hU6wBaTsIk1oVSsynFxB649Pos7I-WNBQ0cmeICdSZT46Gsls6wEhM02poJ1E14AXyvNg6GCBnRdyUhgX58JPLM7ioBecx9VfCKOLTs8kfWQgwXHr8eEqKlLsewfuPmlcyHPX0irzZfeuSiuc3A1wZRJTu_ckt_Hql4NZOLDG8eKau2oJyt4toVuKOCk-vuCuRKNaypdWw7KZ2WsubY7i5vY_hkXeGohA4piRBc9Lr-G8Y9T8zkqzTc5_PGrBhuI6Zof4e8Ayh47ItZBcYZDDjiRYk5sW3hrqHKywXQmE71yspcR9C3LZX_0_iFgN03nyNwGvhKA62FVWdKg78sscWuis8ex9XYvdzfpd7mho-yI4Nu2luOSQqi4wzLBYRnym4Uu5UzjHTqXkWenS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1udGv0YwYoKhF_Dg6wSz-ozQBMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAHVttLqA8gBCakCHvr9BLhnsj6oAwGqBL4BT9DxfThpO2ur-afNef_J8XveLGqnOAoFou572Opc41ywwNFCzHTzqBJNxF1mAxlYeQe6ku7-T47BZqUV2V9Gy8cAW6DdZzeOO6ktIKm6KV1GsxbqMbtiNLz55krG8qlCWarYA-5SUUJmi14TSWy27zmsZWmO3A10VeNpSYQuuHJ8PyFXfqFvtuPNmosAmglh7CKFjKBHjVwLzwHFK2HGemBhEbVaWJC64gy4Oe7gYHR5f76ViztkkJZrj4P4DYAG3JuPmevx2cnWAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_28eR3tG3xt7IsEzKDbSnNmtNRR7g%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=337628481&adf=3940008474&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=643&idt=251&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=1279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=3xOYi2dOUo&p=http%3A//way2self.in.ua&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8ac59cc6828e61336a4a7259b9fd29c4440f5700882076c58242f411ed431b06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=X4FPRQmXtJdWs0lpBUCbLFIOCxs3UenDOBEYuuJDpq_HQHwpaWZC03z17PHwycT2CXF47q3bqEn8fibLd24Jy3fvcIRNcX54E8ZL82FxShh9yCpbKrbPopSXi_mVvVh5WLPHLWoiLp3uPhgwl5u7tn6OBGCSK0mJxcQ720qxLSe27SQRsCkjSvrVd6EzL0ZeRWH2QcgYiyqbex-vf1lt9kptDLeqEDULQVezgcssWGSUbhWcViksPg5-b_AzZRrZoGGEug"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 76684385
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 5D3A 2 KB
1 KB 190ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5D3A 117 KB
36 KB 186ms
63ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 5D3A 15 KB
7 KB 175ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:07:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7C38 0
0 90ms
90ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CwSUcv0YwYoamF4aY7gSPwZ94yZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQIe-v0EuGeyPqgDAaoEtQFP0GcE8cplDfoj6h8eQI9HwvmpeU5mn4H4vvGmZAjm1IyFH1gZb6eUYNX_cMK0Gry-c6ixVWQI0nrCiz1grxyMJoGqAi-2ajKTyOWtuBSnpFkU3QdqwLR5NPL9Z-WuUNSxLyyM6CnPs-iSf_y-rcGn2aIFWRQwoRO_f2iJ7hewCFujRDjACx6-bIIoi2-ngr-ayOQlrhqVGUM5l8D_Gzf_S-fzDQkcBCVUWMZP_4Q1AdmevHwzgAbQhMeAwJjFlwKgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjY3Mjk0NTA0NTY1OTEyGAA&sigh=77arS5NhyoU&uach_m=[UACH]&cid=CAQSGwCNIrLMZEAyIR6LWkknMZIdE5s_zYXbvd9wMhgB

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7C38 0
0 231ms
66ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=Uv2jEuGBMNACmAKdg2ICAgAAAMsdJY3uoi0fFTyPnBC_RjBiQuUDohcOTQ_iMuEAEg&wp=YjBGvwAF0wYKm4wGAAfgjwJ2S5pYOKTTCgw5Xw

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 402811
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 815E 42 KB
17 KB 133ms
67ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0wYKm4wGAAfgjwJ2S5pYOKTTCgw5Xw&u=%7CoQxQhUm4gfynVlrpzR51ZX%2BWKLTXydx%2Fph5ymY59TN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqHxxH3okXUHt4SDaUGQOY0ZTmSqh1xjwJUSSeF1Qi6PmPUhXvaIs-4AGoyHw9ldm6-5vMDgs9dKws2qBP3HfGuSFl9GqfrZ4D-2eBWqYbjaO_k25NuhPnRk8Lp-_L9j9FOnntFlbR-_W7JNx-JxI5gVUS_k-Po0gVXsMIlKrtnTeJOn3ARXFXJiza2AhYOaKJgh_NclwOKXcf12-06b_nWJVIpTjQ2wuW0i2BcGNVbJV21qv4iN-JKNZAwgfe59pFV_1ZhKwSXwJ0LEB5pcN2PZznvVL2jrPYPOsXWkcfDkF52yI3iypKJUA4j55c0sSMrA0sJRPlkfl1qRIUYtDpx9stEwMbOkQ-9gSvnjRsoVQiy_6nSkzYweIUFoGVmYI3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY2K1v0YwYoamF4aY7gSPwZ94yZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQIe-v0EuGeyPqgDAaoEuAFP0GcE8cplDfoj6h8eQI9HwvmpeU5mn4H4vvGmZAjm1IyFH1gZb6eUYNX_cMK0Gry-c6ixVWQI0nrCiz1grxyMJoGqAi-2ajKTyOWtuBSnpFkU3QdqwLR5NPL9Z-WuUNSxLyyM6CnPs-iSf_y-rcGn2aIFWRQwoRO_f2iJ7hewCFujRDjACx6-bIIoi2-ngv2Y6XaiIYaGpt8tNBDCvc_2X-1FBycEhpGcZWC9QJoZGVw0OG-MtzLbgAbQhMeAwJjFlwKgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20mIHjK30F1n_9AxZlLI2njqZ2xA%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c7ac4453422564529f681b11b76e4398cf8756afdeb75a565a45b82927726060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pUoENwmXtJdWs0lp-a11NutzETlCci90PlOXuVW1uiHAH1UTzI_uJD7SaiMvSHsvHv_LDpucssQHeUWvh1PnCTPihvSf0mlCvOYd_RQ36s5wbDpuwquU-p62bI5te0CiSfNwz60UlDwBiy0CdPP7NXuH4NyCS4ODMNL48GGTaRNFxhcjfV_6U3hGUNH3yKH3dHBZMkF6gveib4Idjjy4vPh1gJVNFgS5wRqz-GLIZmslrOn-Ccg93mu6SgiF199rM9rQhA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 5073369
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7C38 2 KB
1 KB 122ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7C38 15 KB
6 KB 116ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:07:19 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C38 117 KB
36 KB 185ms
129ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=1918591600&adk=1545001857&adf=605032024&pi=t.ma~as.1918591600&w=341&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=341x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1647331007043&bpp=1&bdt=642&idt=247&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1100&ady=906&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&fsb=1&xpc=xDXbdyrchb&p=http%3A//way2self.in.ua&dtd=249

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0D31 8 KB
895 B 129ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007042&bpp=1&bdt=641&idt=241&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3NlfBOiQ8s&p=http%3A//way2self.in.ua&dtd=245

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cdc61b8df6e8af4f24e9acbaf8f4569dd1bf04fb2ae7424430627371478013d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 06:46:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 0D31 2 KB
984 B 57ms
56ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 294
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:51:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0D31 0
0 73ms
73ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CS3s2v0YwYsbCF83Y6wTX3onoBJ2cn4Vnw_H2j6sPleXav80BEAEgl_2wKmCVAqABhb7ZmgLIAQmpAh76_QS4Z7I-qAMByAPLBKoE3AFP0GPF5hEqwPgO8gHIuIXOGjnQ_adxDZHdVlBcOt0IThclQdfrw-kXNpae_a4SOGUJXn6yNdL0DsBTnpwPL7wMT-YuoSDGjCncBn5bOgks9l4tAdXzrk4xbHGm2NHeFuuZYREYp_mVOAH_c75JctWbi8uIrPZYaxuli6kQ7I6O_gg1MPx139B0qwZ5s5PhfMwcpsInbjbNgb1f_b__CF4_HslO0OXCuSUGdPp8xDVhK3KFE1tDJ5N2xhvWq9DPPKnOQqO4mk0JNrrxRveNQ5Y4IRAk7bTXgzsVPJY7wASh3O7g9AOIBaSqjN05kgUECAQYAZIFBAgFGASgBi7YBgKAB-PBpuUBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ1M0BoAjkEbAIAtIICQiA4YBwEAEYH4AKAcgLAbgTiCfYEw2CFBAaDndheTJzZWxmLmluLnVh0BUBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=hHTsALjFuH8&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=3376076128&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007042&bpp=1&bdt=641&idt=241&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=6710&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=3NlfBOiQ8s&p=http%3A//way2self.in.ua&dtd=245
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 0D31 19 KB
8 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:52:35 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 0D31 2 KB
1 KB 87ms
86ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 402
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D31 117 KB
36 KB 147ms
147ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 0D31 15 KB
6 KB 89ms
88ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:07:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2968
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:07:19 GMT

GET
H2 200 35849274faa25b88196bf3c3ff2d72d2.js Show response
www.gstatic.com/mysidia/ Frame 0D31 28 KB
12 KB 176ms
55ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35849274faa25b88196bf3c3ff2d72d2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 18:51:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11831
x-xss-protection: 0
last-modified: Mon, 07 Mar 2022 07:55:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 18:51:47 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15363664536656357079/ Frame 0D31 28 KB
28 KB 95ms
95ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15363664536656357079/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1889e2916663887ecd40c94213f8b502dc7fd8cb72ddc063d36a671379b67805

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 08 Mar 2022 23:15:34 GMT
x-content-type-options: nosniff
age: 549673
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28510
x-xss-protection: 0
last-modified: Sun, 05 Dec 2021 10:04:03 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 08 Mar 2023 23:15:34 GMT

GET
DATA 200
OK truncated
/ Frame 0D31 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 0D31 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/ 151 KB
54 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203030101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f69411a65f3d7298cd4c116d0a7691c1a5667e243077669868e4ae8e85468222

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55006
x-xss-protection: 0
server: cafe
etag: 14140325113136806019
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 15 Mar 2022 07:56:47 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 126ms
62ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 126ms
63ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B44 119 KB
39 KB 473ms
473ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00523ecff97d48b5638f38a529390ea536e4aebc5402f397197dd8ebba2f27e8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn8tpzSx_YCFRCJmgodHdgJQg&gqi=v0YwYuyoNdeD7_UP7--UyAg&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLn8tpzSx_YCFRCJmgodHdgJQg&gqi=v0YwYuyoNdeD7_UP7--UyAg&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 39746
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E265 119 KB
39 KB 451ms
451ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c432c7d6da74e3072e355a6a2de778c31663c208a4bdf8e0783ba85b75fe6d1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqCt5zSx_YCFRObmgodXQkJAQ&gqi=v0YwYpK8NbO5lQfy04DYBg&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLqCt5zSx_YCFRObmgodXQkJAQ&gqi=v0YwYpK8NbO5lQfy04DYBg&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 39807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 412F 119 KB
39 KB 459ms
459ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8311281600a31962b95e21991d5c8f0e4befaf8ac36024acb3f5b11a8f95a6fe

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNemt5zSx_YCFRLYmgod0OwAqA&gqi=v0YwYp7TNc7M7_UPtfe7SA&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNemt5zSx_YCFRLYmgod0OwAqA&gqi=v0YwYp7TNc7M7_UPtfe7SA&layout=/sadbundle/%24csp%253Der3%24/8522434734429362886/index.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 39739
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 7C38 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5787badee8f3f4ed6095a2936afb9f7342b5c5961970642d4d08b14d22479d7e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 286 KB
81 KB 118ms
57ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=3c32d6b3f796b652136b4396274fcc4d

Requested by

Host: connect.facebook.net
URL: http://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

76fb6a4c19dc2ccc8f7495ef95e060e614da0733952ae7dd88da315215aea699

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: http://way2self.in.ua/
Origin: http://way2self.in.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: f7/BahP7xTqQXg0aVMF/0Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83124
x-fb-rlafr: 0
x-fb-debug: o12O5LUl5EvcCeLv19CcoChyuXy0YOh6GHaIfyjl66qRkxR4m78DWA0l7mVlEWClWvJ4g3Ja5MloR2Swvxu5rQ==
x-fb-content-md5: bb271b6558c574ecfd69e915c102d683
x-frame-options: DENY
date: Tue, 15 Mar 2022 07:56:47 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "ebd4129eb14fea0f22a601a9b25867c3"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 15 Mar 2023 07:26:24 GMT

GET
DATA 200
OK truncated
/ Frame 5D3A 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0b675f5e1b7c176080692a0cf804603f6ee2e3fd6bd6049d55a7a0c9ded0077

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 815E 2 KB
1 KB 342ms
230ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0wYKm4wGAAfgjwJ2S5pYOKTTCgw5Xw&u=%7CoQxQhUm4gfynVlrpzR51ZX%2BWKLTXydx%2Fph5ymY59TN0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsfk6rNy33hnOjOX7BUoUIDqHxxH3okXUHt4SDaUGQOY0ZTmSqh1xjwJUSSeF1Qi6PmPUhXvaIs-4AGoyHw9ldm6-5vMDgs9dKws2qBP3HfGuSFl9GqfrZ4D-2eBWqYbjaO_k25NuhPnRk8Lp-_L9j9FOnntFlbR-_W7JNx-JxI5gVUS_k-Po0gVXsMIlKrtnTeJOn3ARXFXJiza2AhYOaKJgh_NclwOKXcf12-06b_nWJVIpTjQ2wuW0i2BcGNVbJV21qv4iN-JKNZAwgfe59pFV_1ZhKwSXwJ0LEB5pcN2PZznvVL2jrPYPOsXWkcfDkF52yI3iypKJUA4j55c0sSMrA0sJRPlkfl1qRIUYtDpx9stEwMbOkQ-9gSvnjRsoVQiy_6nSkzYweIUFoGVmYI3w&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCY2K1v0YwYoamF4aY7gSPwZ94yZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTU2NjcyOTQ1MDQ1NjU5MTKgAdW20uoDyAEJqQIe-v0EuGeyPqgDAaoEuAFP0GcE8cplDfoj6h8eQI9HwvmpeU5mn4H4vvGmZAjm1IyFH1gZb6eUYNX_cMK0Gry-c6ixVWQI0nrCiz1grxyMJoGqAi-2ajKTyOWtuBSnpFkU3QdqwLR5NPL9Z-WuUNSxLyyM6CnPs-iSf_y-rcGn2aIFWRQwoRO_f2iJ7hewCFujRDjACx6-bIIoi2-ngv2Y6XaiIYaGpt8tNBDCvc_2X-1FBycEhpGcZWC9QJoZGVw0OG-MtzLbgAbQhMeAwJjFlwKgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_20mIHjK30F1n_9AxZlLI2njqZ2xA%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 815E 2 KB
1 KB 340ms
229ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 815E 308 B
636 B 338ms
229ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 815E 507 B
835 B 338ms
230ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 815E 43 B
347 B 175ms
59ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=jFaaVCC1FSYz-WCjs-znaKGb1tquLNn40nasO9qHmeZtb0_0yX3dFwlfqd_UW4n6_E2Fm0YY-KOAZJVb25G9tWYE0i6caCJM-ogUogHaiS54tXjafHH7ASgusGwV7OXwq-l965gAvL6GDFrzLIVKLBaKXxlIJSeYtjTR1f2TsN21CeOqN_YbWSeqjV3SkbucucO9OmbhemUSl2Z0irQ8k0R4F1LpFvLPIGHC_uOfOBAeibaue6cb9p3JLQio06UD_GPfSzDY4sd9d_Yswzxo1VVv7Q7zejTXZAYKFR6TLUbZvhRHPVexIFMaqInVQf4nvVZZmp4MSn6WP3SSEMsP2AZWcFvsgrrSPM_EbyUfluE4j2Y4vzRAGD9ByiOZSA4nyQLsnZlv-JEghC0SvFi_wHlZ0kBrdBK_vzsfO0s7RjThT23psh0AxV3yNlwb3TpKwIAnZw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:47 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2787676
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 832b82871f3248338680d79981111b80_image_ad_336x280.jpeg
static.criteo.net/design/dt/90764/220105/ Frame 815E 96 KB
96 KB 214ms
106ms Image
image/jpeg 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/90764/220105/832b82871f3248338680d79981111b80_image_ad_336x280.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

217e1b04eacd2a5e7a3f034f71830451edc5268fb17f66e234e3bdbb9e0faa47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 05 Jan 2022 18:27:39 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "61d5e31b-17e02"
strict-transport-security: max-age=31536000; preload;
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 97794
expires: Fri, 10 Mar 2023 07:56:48 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 815E 0
127 B 152ms
49ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pUoENwmXtJdWs0lp-a11NutzETlCci90PlOXuVW1uiHAH1UTzI_uJD7SaiMvSHsvHv_LDpucssQHeUWvh1PnCTPihvSf0mlCvOYd_RQ36s5wbDpuwquU-p62bI5te0CiSfNwz60UlDwBiy0CdPP7NXuH4NyCS4ODMNL48GGTaRNFxhcjfV_6U3hGUNH3yKH3dHBZMkF6gveib4Idjjy4vPh1gJVNFgS5wRqz-GLIZmslrOn-Ccg93mu6SgiF199rM9rQhA&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 815E 2 KB
1 KB 320ms
224ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 815E 2 KB
1 KB 179ms
178ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D257 2 KB
1 KB 182ms
106ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF0IIKmvBwAAM9Mx8vvnDZnmWlSspOeA&u=%7CoQxQhUm4gfxL014eOIihwoqdenNEfSLnC%2BHE3ilAv6M%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyJQ-FXRqPyq_Lj2QqfW5owIADEgKs6qJ-vEhEBQC3vrwDges5lxnkkes6hU6wBaTsIk1oVSsynFxB649Pos7I-WNBQ0cmeICdSZT46Gsls6wEhM02poJ1E14AXyvNg6GCBnRdyUhgX58JPLM7ioBecx9VfCKOLTs8kfWQgwXHr8eEqKlLsewfuPmlcyHPX0irzZfeuSiuc3A1wZRJTu_ckt_Hql4NZOLDG8eKau2oJyt4toVuKOCk-vuCuRKNaypdWw7KZ2WsubY7i5vY_hkXeGohA4piRBc9Lr-G8Y9T8zkqzTc5_PGrBhuI6Zof4e8Ayh47ItZBcYZDDjiRYk5sW3hrqHKywXQmE71yspcR9C3LZX_0_iFgN03nyNwGvhKA62FVWdKg78sscWuis8ex9XYvdzfpd7mho-yI4Nu2luOSQqi4wzLBYRnym4Uu5UzjHTqXkWenS_E&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC1udGv0YwYoKhF_Dg6wSz-ozQBMme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi01NjY3Mjk0NTA0NTY1OTEyoAHVttLqA8gBCakCHvr9BLhnsj6oAwGqBL4BT9DxfThpO2ur-afNef_J8XveLGqnOAoFou572Opc41ywwNFCzHTzqBJNxF1mAxlYeQe6ku7-T47BZqUV2V9Gy8cAW6DdZzeOO6ktIKm6KV1GsxbqMbtiNLz55krG8qlCWarYA-5SUUJmi14TSWy27zmsZWmO3A10VeNpSYQuuHJ8PyFXfqFvtuPNmosAmglh7CKFjKBHjVwLzwHFK2HGemBhEbVaWJC64gy4Oe7gYHR5f76ViztkkJZrj4P4DYAG3JuPmevx2cnWAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_28eR3tG3xt7IsEzKDbSnNmtNRR7g%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame D257 2 KB
1 KB 305ms
231ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D257 308 B
636 B 261ms
230ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D257 507 B
835 B 253ms
223ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame D257 43 B
347 B 100ms
61ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ZUfnqO2yxhIc4v2u-1IQzBNp2gapRzOTIoTGy2PpVjG-Wpf5iLTVsnB9gBuf7HIToNsB7TCGOhv_gtWk4D26dakx19QTwQ9H9LQQzjB1lqYRaxJryQ5Tzcwj0lWd3u13d8a0dPREP9Hqo1r3J94HRHnWAyv1DMvdEprli0v7FFn9p23FdGjsfxmNcchxQA4iGzHPEzPtjGfcsL1rAMf2Dgh6hpnLch4GQpDFP81Jdhk5JUpHL2nFQXS-rsiw1dnK-OnnRTtZW9VE9WyLx7mrlFWrr2mnhTCLTkVdLPu34Ud_6-H5jB-LULo5sc4o7fvNhW26MuhLqvL6qAC9jhz-_rcglS5zIxdNn2SwNgweybPr9VnSwoVdc0jqihdb2XNthjr_x4KwTHXDmSwc5lBSWdwEKB1dvL1fDcOfC3jO4ndSZ4IY4gAQxnt4EfCUIunOkA1Gtg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:47 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4081933
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala...

174 B
300 B

82ms
81ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A190169941557%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A989191933%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Ast%3A1647331008&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

e3cb0985127ebd5ded1285ab9c33db80ceab550d14f644a12f100ba19f527965

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15-Mar-2022 07:56:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 174
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 07:56:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Tue, 15-Mar-2022 07:56:48 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A2%3Adp%3A0%3Als%3A190169941557%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A989191933%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Ast%3A1647331008&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 07:56:48 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/33112108/
Redirect Chain

https://mc.yandex.ru/watch/33112108?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Ae...
https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3...

392 B
493 B

82ms
82ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A264571988381%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A228235138%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647331008%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1096fea53d5beadc2147df615d68b1b42e027593f425717981b965ddaa406ea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
x-content-type-options: nosniff
last-modified: Tue, 15-Mar-2022 07:56:48 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 392
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 07:56:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Tue, 15-Mar-2022 07:56:48 GMT
location: /watch/33112108/1?wmode=7&page-url=http%3A%2F%2Fway2self.in.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Agqny5s7jg30ymmhf5r%3Afp%3A667%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A264571988381%3Ahid%3A125173013%3Az%3A0%3Ai%3A20220315075647%3Aet%3A1647331008%3Ac%3A1%3Arn%3A228235138%3Arqn%3A1%3Au%3A1647331008308586673%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1647331006105%3Ads%3A114%2C85%2C93%2C84%2C0%2C0%2C%2C387%2C10%2C%2C%2C%2C764%3Aco%3A0%3Arqnl%3A1%3Ast%3A1647331008%3At%3A%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://way2self.in.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 15-Mar-2022 07:56:48 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
177 B 79ms
79ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Fri, 18 Feb 2022 11:36:57 GMT
etag: "620f5aa9-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 15 Mar 2022 08:56:48 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6F66 2 KB
1 KB 117ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6F66 117 KB
36 KB 163ms
101ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 6F66 15 KB
6 KB 117ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:44:57 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/ Frame EBBB 10 KB
4 KB 54ms
54ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Mon, 14 Mar 2022 23:56:52 GMT
expires: Mon, 28 Mar 2022 23:56:52 GMT
cache-control: public, max-age=1209600
age: 28796
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D257 12 KB
5 KB 140ms
49ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1602458
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QJZ0%2Fbl4hVS%2BMVdgbhzfit%2FkCXRI3JFmoZJoT%2F0Gmqgqbju7%2FuOvBh5dSPC56DDPYhcc5k1kJoHarA%2FxUk4yDauIY8yIe0F1ca%2FoS9u8RRog183k8cnJx25swvefR39Rvunb33d%2FcQtFiivius09TBGV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ec3b1d0f99974a1-LHR
expires: Sun, 05 Mar 2023 07:56:48 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D257 12 KB
6 KB 225ms
225ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 125ms
60ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1803596266&t=pageview&_s=1&dl=http%3A%2F%2Fway2self.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IAhAAEABAAAAAC~&jid=1870191232&gjid=1929535527&cid=266343060.1647331007&tid=UA-68999546-1&_gid=88674597.1647331008&_r=1&_slc=1&z=748407185

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://way2self.in.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://way2self.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 6F66 0
0 69ms
68ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CUZ-Hv0YwYoDPF4i_7gS0_YLYAsme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAh76_QS4Z7I-qAMBqgS1AU_QAfF4snnIb_ca2pGB6wbRhomAuZpoJhhh3C4ubvQs7GXXo98cNwt-HZPOZmPzE73pTpRRzvkavD8Kz6x1FJsq5EAD931mg-jjf0pkQdkDuabiVxEZc5AeaTehQKEa01yq9k-Bq735nCNEIUvFETThpkwYUDeYFznMZNOMccSI15MtrhvVdpxN8hcEbc-u3J4BT4qK-giAAwIRUhTLwfHHfooIrVDmQjLXZDRaLcmSwn7awMiABrv28cPwyaPT5QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01NjY3Mjk0NTA0NTY1OTEyGAA&sigh=WbM_lVY7LYE&uach_m=[UACH]&cid=CAQSGwCNIrLMZyunyFipGu_WXLCTJ6rKT_Qo5lz5_xgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6F66 0
0 64ms
63ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UrbRDsz6RO4GmAKdg2ICAgAAAI2i1XSGhSf5FTyPnBC-RjBi9AnW96mVEoXp26kAEg&wp=YjBGvwAF54AKm5-IAAC-tDapSKb-55hNtNzUsw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 287849
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame FA30 150 KB
48 KB 159ms
159ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF54AKm5-IAAC-tDapSKb-55hNtNzUsw&u=%7CoQxQhUm4gfydhxVHP1uWxvxmoQ3HglLbcDhhk5OZzW8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC9KIl1SG3sQfH8EX69IW9IDd2YwapOVA3G9sgjPQHp8cr-BTD8U4EDb1j0YTbVIZ3Q6ruUZ0_j6bfq8huwBhav3QWthqp0GG6QnRpqLEx6Xpr4APeKYcEi7pVL33U8hPjk1cLWIOJckDcA9anPQylwG5rAmDB21rmt5twowsrZDGI00mDD3p4qQcJ8KPKzNGRJrFsFfDY7uND7nHUreSmFLkRRRs_oQEDHhtZU0eGM3Hx08_becVkA3F7pdlRVKpi-atAlY_9Gi_B8rM52zTE5--kv_bSQB9E8SAs2iLrI7QyFrRb5XiuNsJkx4_m6_eZ6Xpg_7dJNWR2J-DFnDFsqXjdzAIBQXuFJ3JGehUctSyFi0MKRgslUtSdZHQWkD_kf8Cx_fx2wAIw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9SLHv0YwYoDPF4i_7gS0_YLYAsme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAh76_QS4Z7I-qAMBqgS4AU_QAfF4snnIb_ca2pGB6wbRhomAuZpoJhhh3C4ubvQs7GXXo98cNwt-HZPOZmPzE73pTpRRzvkavD8Kz6x1FJsq5EAD931mg-jjf0pkQdkDuabiVxEZc5AeaTehQKEa01yq9k-Bq735nCNEIUvFETThpkwYUDeYFznMZNOMccSI15MtrhvVdpxN8hcEbc-unpwg3Q0FZhs_nxaygiltOfjTdDwCg0hk9vrqwsblM-WKR9Re03enD4-ABrv28cPwyaPT5QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nqthatDpW4MnqFNY-XFR3AEIDtw%26client%3Dca-pub-5667294504565912%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&slotname=9890819785&adk=2007858151&adf=4089702428&pi=t.ma~as.9890819785&w=878&fwrn=4&fwrnh=100&lmt=1647329288&rafmt=1&psa=0&format=878x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1647331007040&bpp=2&bdt=640&idt=233&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=409&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&cms=2&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=4KaymF3OKW&p=http%3A//way2self.in.ua&dtd=237

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6626f213dc18ee45e252e417978b574bd4299cadaed1ba864b44265e19ed4669

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wbUdJgmXtJdWs0lp7OdZWmtnJFTki-UWGiJQ_narn1djvgGuY4cAA02bYl7NziMMABPyxsWhdgdhlP9RQJuUWFfGzGCr69wzihiAZMQjdDozgBwHSSMNXNv-r_TJSvzHQBL5s2CuYY9lznAd4-YAS7xV_pvyc5_TIYltDL7KhuuQHQiVTVsrw_U7-A9aQtnNDUNn075-ry4ZwEC5fFMa9oEPzV6XPiuyOs-eGEgsgFjh3YMKmR2w3P78KXKUbZvchfx8CA"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 96533225
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 0D31 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 181c325dbe30aba2c5aa91e8847047e97799be2fea31d5ea2e4dc5df4094e485

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0D31 28 KB
28 KB 175ms
56ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvbQoi-E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef72d72c3eb95429b38be5ca351d57e7bf27a2a9427942fc99c303159a4af855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:44:58 GMT
x-content-type-options: nosniff
age: 551510
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28248
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:58:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:44:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 7 KB
7 KB 157ms
53ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=236&m=0&partner=85548&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F85548%2F220201%2Ffce1a4adf29c4e41ac62513a3ab7ad84_logo_%282%29.jpg&v=3&w=636&s=zgsDHw-Ud1za8DGDMSjRiJE8

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

33d9025d057c9be3664a987e63cd9df728192c9ff8383b10c4f853aa8140a19d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30222682
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7106
expires: Tue, 28 Feb 2023 03:08:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 27 KB
28 KB 335ms
231ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=85548&q=80&r=0&u=https%3A%2F%2Fwww.vendulalondon.com%2Fmedia%2Fcatalog%2Fproduct%2Fh%2Fe%2Fhello_sailor-laptop_bag-front_1040x1040px.jpg&v=3&w=400&s=AFYRKys8FSDv8nzxZTQh7TSp&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d1955013dc0cb4bee5f7c1308ca2b38582de77d81f27809c535b168bbc716d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29744030
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 28102
expires: Wed, 22 Feb 2023 14:10:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 30 KB
30 KB 214ms
110ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=85548&q=80&r=0&u=https%3A%2F%2Fwww.vendulalondon.com%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fm%2Fimg_6749_1_.jpg&v=3&w=400&s=wj2hYHDOFMAWdHFicAgL2__7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

35122e1d6d5452b3f8ff19a8127f9c090979e4309f0b4ed3154f145d6d98ef57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29889205
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 30776
expires: Fri, 24 Feb 2023 06:30:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 24 KB
24 KB 263ms
159ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=85548&q=80&r=0&u=https%3A%2F%2Fwww.vendulalondon.com%2Fmedia%2Fcatalog%2Fproduct%2Fv%2Fe%2Fvendula_cats_and_corgis_blue_umbrella_4_.jpg&v=3&w=400&s=GF4uowx_2RZ8tm3qZ9jNJctt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b3c60eb5382df55304fff473d7304b34032d3d78e1c4b1ca0acf0a151bf7da13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31466948
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 24640
expires: Tue, 14 Mar 2023 12:45:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 40 KB
40 KB 314ms
211ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=85548&q=80&r=0&u=https%3A%2F%2Fwww.vendulalondon.com%2Fmedia%2Fcatalog%2Fproduct%2Fi%2Fm%2Fimg_6698_1_.jpg&v=3&w=400&s=pnmGvI18XoU0XPH2yPFUg2su&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6cf1732d6c6f193ec241caa248c8f62a00db9c2951ba55ec3c9f113e7f808798

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29913955
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 40788
expires: Fri, 24 Feb 2023 13:22:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D257 13 KB
13 KB 317ms
213ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=85548&q=80&r=0&u=https%3A%2F%2Fwww.vendulalondon.com%2Fmedia%2Fcatalog%2Fproduct%2Fz%2Fi%2Fzipper-coin-purse-epicerie.jpg&v=3&w=400&s=TRZvZIrTdUdZYMLVHDqKVtHk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6f7c82a273555cfe14aa1ace7e1882c24a414899751d612489dce53ab8bdc350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29457475
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13436
expires: Sun, 19 Feb 2023 06:34:43 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D257 0
127 B 55ms
55ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=X4FPRQmXtJdWs0lpBUCbLFIOCxs3UenDOBEYuuJDpq_HQHwpaWZC03z17PHwycT2CXF47q3bqEn8fibLd24Jy3fvcIRNcX54E8ZL82FxShh9yCpbKrbPopSXi_mVvVh5WLPHLWoiLp3uPhgwl5u7tn6OBGCSK0mJxcQ720qxLSe27SQRsCkjSvrVd6EzL0ZeRWH2QcgYiyqbex-vf1lt9kptDLeqEDULQVezgcssWGSUbhWcViksPg5-b_AzZRrZoGGEug&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 07:56:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D257 2 KB
1 KB 162ms
162ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D257 2 KB
1 KB 162ms
162ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame EBBB 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 17564755759181248278
tpc.googlesyndication.com/daca_images/simgad/ Frame EBBB 15 KB
15 KB 56ms
56ms Image
image/webp 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/17564755759181248278

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ee803f8a7f72c686c75557ca7045e67f0690726daada84e9a84ec783f4fe960

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Sun, 13 Mar 2022 08:42:46 GMT
x-content-type-options: nosniff
age: 170042
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15410
x-xss-protection: 0
last-modified: Fri, 11 Mar 2022 12:34:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 08:42:46 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame EBBB 2 KB
1 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EBBB 117 KB
36 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame EBBB 15 KB
6 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:44:57 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame EBBB 28 KB
12 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:07:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11802
x-xss-protection: 0
server: cafe
etag: 8307557220395963033
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 05:07:45 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame D257 5 KB
670 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ed4e5d5940ae2ba7cd94e95b41cad12239d3462eb6e23ac9f8ebda18e337f99d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:16:33 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9578.r9bUrOW7MwMjuwLElcpXZREWAbt-oRqYVK7LGSWPxDXET30tFQSyJtEOUSjog6Jx.H5scNAyeCKxu-rl6fTp1To0QMu0%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9578.2c3oRh8vz-BXOcpqU50aOl2xxySenzonMU7Zbuf2fkXtW3QuKa0nyHleLwSzEz9Ub6AIKLW4Lzo9eKmh3meMcM1Z5GwtV0KBxUqhyqwz45M%2C.BxDgGI21IofXkzooRVgTkWleZx...

43 B
359 B

98ms
98ms

Image
image/gif

80.239.201.77
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9578.2c3oRh8vz-BXOcpqU50aOl2xxySenzonMU7Zbuf2fkXtW3QuKa0nyHleLwSzEz9Ub6AIKLW4Lzo9eKmh3meMcM1Z5GwtV0KBxUqhyqwz45M%2C.BxDgGI21IofXkzooRVgTkWleZxc%2C

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Server

80.239.201.77 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

80-239-201-77.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9578.2c3oRh8vz-BXOcpqU50aOl2xxySenzonMU7Zbuf2fkXtW3QuKa0nyHleLwSzEz9Ub6AIKLW4Lzo9eKmh3meMcM1Z5GwtV0KBxUqhyqwz45M%2C.BxDgGI21IofXkzooRVgTkWleZxc%2C
date: Tue, 15 Mar 2022 07:56:48 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 6F66 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df81f38227c0f8ea9501c0f4d77699313286628b455bc18817b486b7d2996e1f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame FA30 2 KB
1 KB 55ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YjBGvwAF54AKm5-IAAC-tDapSKb-55hNtNzUsw&u=%7CoQxQhUm4gfydhxVHP1uWxvxmoQ3HglLbcDhhk5OZzW8%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0F-RefiA9PrL7TknJyDwr_rnf-JRpDK3FHSc-AHeZp_IBU6y1RilCUjjBuHP86Nsf_cABLeKzTC9KIl1SG3sQfH8EX69IW9IDd2YwapOVA3G9sgjPQHp8cr-BTD8U4EDb1j0YTbVIZ3Q6ruUZ0_j6bfq8huwBhav3QWthqp0GG6QnRpqLEx6Xpr4APeKYcEi7pVL33U8hPjk1cLWIOJckDcA9anPQylwG5rAmDB21rmt5twowsrZDGI00mDD3p4qQcJ8KPKzNGRJrFsFfDY7uND7nHUreSmFLkRRRs_oQEDHhtZU0eGM3Hx08_becVkA3F7pdlRVKpi-atAlY_9Gi_B8rM52zTE5--kv_bSQB9E8SAs2iLrI7QyFrRb5XiuNsJkx4_m6_eZ6Xpg_7dJNWR2J-DFnDFsqXjdzAIBQXuFJ3JGehUctSyFi0MKRgslUtSdZHQWkD_kf8Cx_fx2wAIw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9SLHv0YwYoDPF4i_7gS0_YLYAsme0rFczYbj1pMBwI23ARABIABglQKCARdjYS1wdWItNTY2NzI5NDUwNDU2NTkxMqAB1bbS6gPIAQmpAh76_QS4Z7I-qAMBqgS4AU_QAfF4snnIb_ca2pGB6wbRhomAuZpoJhhh3C4ubvQs7GXXo98cNwt-HZPOZmPzE73pTpRRzvkavD8Kz6x1FJsq5EAD931mg-jjf0pkQdkDuabiVxEZc5AeaTehQKEa01yq9k-Bq735nCNEIUvFETThpkwYUDeYFznMZNOMccSI15MtrhvVdpxN8hcEbc-unpwg3Q0FZhs_nxaygiltOfjTdDwCg0hk9vrqwsblM-WKR9Re03enD4-ABrv28cPwyaPT5QGgBiGoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nqthatDpW4MnqFNY-XFR3AEIDtw%26client%3Dca-pub-5667294504565912%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame FA30 2 KB
1 KB 55ms
55ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame FA30 308 B
636 B 69ms
68ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame FA30 507 B
835 B 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame FA30 43 B
347 B 60ms
59ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=JTbc--M1nWhEaKRNiLCjyAqj5tx0haRGVSRrl3Sfg4m_YdGWBV_uSTgB0QRxWM_gGhAkVpyV5hnUEB2HpHWXRUjXnEPbB2zJ6ZQZiDCcAU_6ExL3kmJ_bS4h5EhodD48IPMRmBjQit0aXZ0jsTu2yp1UQIuV-CEPPDmvEOZSjmO5zmqeR8pUkyv1cBX_ydMEP-TV0vrIAD7bNt95oVHs_6_F6inCYxKV-ob0WbNIaoBM1RBIqKP3HuhWDha4tmExiXuB8od0uCZ69_oTeZ9Q5BTFUMoRjrmu2GAVSDkiSEI2aQJNbMbIAwYKmfMN0cRvkfvaPkk-41tJ8521TkjCjJuA5HVwI_SStyg9qzRCNnSv6cPvTQAixiPLgheJpa6AWv-6OcjBJ6Pcw2XaIxu5tqNREDMG7fRk4Qx5YCawNbLt4Im0fVyjF6YKLrE71y1LGyllvb5JoNqEAMt9vnPzdfmlOaE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:48 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2725472
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B28 143 B
163 B 64ms
64ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=ISO-8859-1
age: 2999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 78bb7106eba1493f9541a62dff8c230f_apercu-regular-pro.woff
static.criteo.net/design/dt/ Frame FA30 48 KB
47 KB 268ms
118ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/78bb7106eba1493f9541a62dff8c230f_apercu-regular-pro.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ebbf4f292a8418f3b6c75846f97f481a16454132e089ece9099cb92c1daedfd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Thu, 19 Oct 2017 09:50:44 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"59e87574-bed4"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FA30 12 KB
5 KB 141ms
93ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 468143
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKKuGKdkaBDB9UY95WyysEProFwZBDDp%2FWo14N3qtuhGzRFxFNGgQFqri3BoQ1Qxkdk0XwHT4kZ84JfVVof71oJqw3Jb2R3mhWEUdYBKy25rDsG5Dx36Y4g4rbwzBM6qjcrRBnT3vqIg17%2BuRyxnn5%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ec3b1d20a57004e-LHR
expires: Sun, 05 Mar 2023 07:56:48 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame FA30 12 KB
6 KB 55ms
54ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 9 KB
10 KB 186ms
186ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=1539&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1539%2F160413%2F2409b94295924b7cbb294a23cfc10830_loveknitting-logo.png&v=3&w=196&s=TYVOtK-JVveCvKI1rmbX6M4-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f0639bc38ae39ebb8e4bfd1a2e4d2b954cc441e68cb358db99222811bf7d22f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29009238
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9469
expires: Tue, 14 Feb 2023 02:04:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 194 KB
195 KB 268ms
268ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=1539&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F1539%2F220307%2Fb0600a91c04c455baa8e4257a4522228_img_square_1.jpg&v=3&w=1200&s=E04aWwhY0-BbrJ_qvDF0lxgW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

021accc9fdd578de30d046878593e4b01f06ce032e6c33e35ef02bee276d4748

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30443499
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 199160
expires: Thu, 02 Mar 2023 16:28:28 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 12 KB
12 KB 250ms
250ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fe71258abb040f1c8167511e6c763d1e6.jpg&v=3&w=400&s=6kKTt_rkJt4RVjsa8t0fYtY0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cecfbedbd64aed599a32b480f530a54d07d86cc3455c22e4921244caf699bfd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29728835
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12202
expires: Wed, 22 Feb 2023 09:57:23 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 12 KB
13 KB 195ms
195ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fdfbb9d74b62e81e3ce405f103de7e0cd.jpg&v=3&w=400&s=bDQZi02vHJP0SFLNu88eAlkE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

160942ab6f3cb2da7fbd38baf5302fe0119c030ea748dfde860c48f84e8baa2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29893039
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 12568
expires: Fri, 24 Feb 2023 07:34:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 7 KB
8 KB 194ms
194ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F6d45b76b626dc49868250be05001a9bb.jpg&v=3&w=400&s=lwBaUI26HpMoVQIQncLR-L2g&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

67ec7b0ae530e005f4d7feb7a38dae76aa4c685f381261b6c9cbc49f4c0d6966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29647624
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7668
expires: Tue, 21 Feb 2023 11:23:53 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 16 KB
17 KB 206ms
205ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fa272f69bb307a513ac71c8dd832bcab1.jpg&v=3&w=400&s=-wZwUSoyNAIPXDJLThFxaODC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3b074e5bf8f44106c818da9dda606ef7a9eaf8184056a149f2cfab835e4abcec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29027700
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16656
expires: Tue, 14 Feb 2023 07:11:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 14 KB
15 KB 199ms
198ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F5c44355c5b52f13097af5ed0a24ead15.jpg&v=3&w=400&s=Ra12mc-L2at54zoJ2TFhmUe1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c307d3d0f75db470a4ec4ea2888052a943dc2bc37c4953ee92012ace9456f481

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31271358
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 14640
expires: Sun, 12 Mar 2023 06:26:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 30 KB
30 KB 212ms
211ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F22e3dd04fbc72de272cf0a89ed70b95e.jpg&v=3&w=400&s=ZsgZbeWWU-ClSbCwUvKaXlwl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b7eaa8ea30f63924d6ff5c4b95cbb868cd9fc99aecd8c0abff5d64fe6ac316ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30262061
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 30826
expires: Tue, 28 Feb 2023 14:04:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 21 KB
21 KB 243ms
243ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fa115ae235d68613b4a662043746fd525.jpg&v=3&w=400&s=FOo5hlKiannBEDCPDA_LsP5E&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ab499783a1c39ad52411b624b2e81d0c9fbb886b9abdce17ebf9344a42c0decc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31035882
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 21608
expires: Thu, 09 Mar 2023 13:01:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 13 KB
14 KB 230ms
229ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fac5a5da88f4a174e7cd5a307a545831b.jpg&v=3&w=400&s=2oUEhoVcMi_Rbs9nAhGCtEja&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b73b888af8a60d8e921890d08933a27268413e240ed8c54ad5b90ce67ab5b5bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29540774
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 13600
expires: Mon, 20 Feb 2023 05:43:03 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 7 KB
7 KB 260ms
260ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fedf6f68a6e5a5ea72a5f89260994c425.jpg&v=3&w=400&s=AHcUjuJzqXP7ytDL7FsPXfWe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3de4aeb363469940e621ddf0908070ed772576975270a0d7884fde9db52ec809

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=28945503
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7034
expires: Mon, 13 Feb 2023 08:21:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 17 KB
17 KB 219ms
219ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F945407f65862a37fe6af8e6e83859d6d.jpg&v=3&w=400&s=a5jXmxMUWfQyCbn_F97Us4DV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

32dc44bd9356e41dffd1458e9a95c7c464693494a5e90a7a38d6be3ea62c359e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30326668
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 17082
expires: Wed, 01 Mar 2023 08:01:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 18 KB
18 KB 248ms
248ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F5568ce293f5335a65605235cafdcdea6.jpg&v=3&w=400&s=5TeTYesS1PahZmEA86UCK_8l&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9d52b8f5fbfd39cb15f2ca391398c1ad6d65612b321dcbfa9f0715a43f9be70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29635607
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18308
expires: Tue, 21 Feb 2023 08:03:35 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 6 KB
6 KB 279ms
279ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fe286f16f82b50f694b4a6f0e2bd5daf5.jpg&v=3&w=400&s=uDKS1bwZ7aP4NuqX7MFgw6fL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9f5a8e751215fa9954205b5d64a5414cc9c96e4275ddd552acd4dac2ea5f6959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29990622
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6086
expires: Sat, 25 Feb 2023 10:40:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 10 KB
11 KB 250ms
250ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2Fe28a53901a546d5ee8d41a97811544c2.jpg&v=3&w=400&s=gXPfPfqNdm24_q1MBgQUXH3V&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8177c9cd189e3a98d42a8c82c4f0820fc89cc99e62d68a8923915d0be9f17510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29375139
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 10738
expires: Sat, 18 Feb 2023 07:42:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 7 KB
7 KB 249ms
249ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F87920edbf03916b569c1b4f561b73aea.jpg&v=3&w=400&s=O5IOIgLbM5U8KsVarbTuGFeZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eaf885c5319ba9df600bceb678c7d3d635ce62bf25506f5622f6be001083a674

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30248389
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7370
expires: Tue, 28 Feb 2023 10:16:38 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame FA30 9 KB
9 KB 259ms
259ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1539&q=80&r=0&u=https%3A%2F%2Fct-res.cloudinary.com%2Ff_auto%252Cq_auto%3Agood%252Cw_700%2Fimages%2F035fc51238282f806139e63bb65d448f.jpg&v=3&w=400&s=I_wjMP-unrKanMDhVz6PmqRW&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b25da06664536f2aa1996a59f6a993b02a9f9382e0c49c0429722ff687e02900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30341194
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9132
expires: Wed, 01 Mar 2023 12:03:22 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FA30 0
127 B 49ms
49ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=wbUdJgmXtJdWs0lp7OdZWmtnJFTki-UWGiJQ_narn1djvgGuY4cAA02bYl7NziMMABPyxsWhdgdhlP9RQJuUWFfGzGCr69wzihiAZMQjdDozgBwHSSMNXNv-r_TJSvzHQBL5s2CuYY9lznAd4-YAS7xV_pvyc5_TIYltDL7KhuuQHQiVTVsrw_U7-A9aQtnNDUNn075-ry4ZwEC5fFMa9oEPzV6XPiuyOs-eGEgsgFjh3YMKmR2w3P78KXKUbZvchfx8CA&sds=2&rev=unknown&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 07:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FA30 2 KB
1 KB 58ms
58ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame FA30 2 KB
1 KB 54ms
54ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 10 Mar 2023 07:56:48 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2
fonts.gstatic.com/s/opensans/v28/ Frame D257 39 KB
39 KB 157ms
54ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v28/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-mu0SC55I.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 08 Mar 2022 22:44:55 GMT
x-content-type-options: nosniff
age: 551513
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39556
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 22:07:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 08 Mar 2023 22:44:55 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1353 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H/1.1 200
OK stat.js.php Show response
100widgets.com/ 0
199 B 61ms
60ms Script
application/javascript 193.176.1.9
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to

Full URL: https://100widgets.com/stat.js.php
Requested by: Host: 100widgets.com
URL: http://100widgets.com/js_data.php?id=278
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.176.1.9 Düsseldorf, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: ip.stat.zevshost.net
Software: nginx/1.16.1 / PHP/5.4.16
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:48 GMT
Server: nginx/1.16.1
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/ Frame 77D0 20 KB
6 KB 55ms
55ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0c883063b03ae249e74e449bf45d8c7416099377eb2888dc8ce320bcb581a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6579
date: Sun, 13 Mar 2022 07:33:57 GMT
expires: Mon, 13 Mar 2023 07:33:57 GMT
cache-control: public, max-age=31536000
age: 174171
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A756 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C0pklv0YwYvqmN5O26gTdkqQI04K5jWGnqMXk2A636aK9wAEQASCX_bAqYJUCoAHjivalAsgBCakCHvr9BLhnsj6oAwHIA0iqBMwBT9DG4PAcd_qe9AEgelU4L0ACRketNkTANZOPlw4hUYWeDLDdrgZgHq_pkXLYZP60z4OwU47MTChRTBfv0o0Un8QuWZg-mZUg3GWpVGfrAuj2ZuoTq505KKv7qWjKIqwhb0oegi0jvaxFOwutkdJilZxuP_Q4hpqyJWP1xDQ7it6qcDKDuS88Ek_7QYkiPWBKyvEcLyQExOieloKBrtewSwhwUVx0iO62Kn0aV5OzNf9pfPcMp64Ybuy7ENZ7GapXc2wuUABB2_H9omX8wASJ-pGXigOIBZf_7LEnkgUECAQYAZIFBAgFGASgBi7YBgKAB4X1idoBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQiZYGoAjkEbAIAtIICQiA4YBwEAEYH4AKAcgLAdgTDYIUEBoOd2F5MnNlbGYuaW4udWHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTY2NzI5NDUwNDU2NTkxMhgA&sigh=fh1pyjgAUSE&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame A756 19 KB
8 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame A756 2 KB
1 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A756 117 KB
36 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame A756 15 KB
6 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:44:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A756 0
0 137ms
72ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcdwlDos8AnxTOHAuK-87gEt1Bm1PQRPtRrBwM_nIJgqw8VfzUqzZvm8RPoQkyIcaos2RV
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/ Frame FDC0 20 KB
6 KB 67ms
65ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0c883063b03ae249e74e449bf45d8c7416099377eb2888dc8ce320bcb581a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6579
date: Sun, 13 Mar 2022 07:33:57 GMT
expires: Mon, 13 Mar 2023 07:33:57 GMT
cache-control: public, max-age=31536000
age: 174171
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 66FC 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cc6Qvv0YwYpfLN5Kw6wTQ2YPACtOCuY1hp6jF5NgOt-mivcABEAEgl_2wKmCVAqAB44r2pQLIAQmpAo78Z0SZa7I-qAMByANIqgTMAU_QA9HijIzTc7AKJaQhQQ71r98aCF4bJxfSZBQMTbvwQG2XyyK3iBZAHQIyPrgsI2OkTIwTTxaPLYLt1inzuGjKS8xQClnYo__ErfOklCP2wB1sEmsXk-3jw7o9v0qbx8XHNAFg-_OAQX9rUCBDsNDSl_N0SWhKhmUUkNvV1lBoT72koIl19l6Fkwo4RtSRg81tVHS3qdadjsPJPmLvig-lozH9WlxpIIvedsfHOt-ArkbHNd940SIxgEz1msVgV1wBFG_3goiS1Pz3a8AEifqRl4oDiAWX_-yxJ5IFBAgEGAGSBQQIBRgEoAYu2AYCgAeF9YnaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENL3BaAI5BGwCALSCAkIgOGAcBABGB-ACgHICwHYEw2CFBAaDndheTJzZWxmLmluLnVh0BUBmBYBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=OETktHnvdrk&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 66FC 19 KB
8 KB 66ms
65ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 66FC 2 KB
1 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 66FC 117 KB
36 KB 79ms
78ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 66FC 15 KB
6 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:44:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 66FC 0
0 74ms
73ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTWzbNIGtFp3FxZ1WRgJbwZJ09flKNvtj-SxOZnHd7ChCo5lLYXQzl2sgZTwZWWk-eNz8lx
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/ Frame 76FF 20 KB
6 KB 63ms
63ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2e0c883063b03ae249e74e449bf45d8c7416099377eb2888dc8ce320bcb581a6

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
timing-allow-origin: *
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
content-length: 6579
date: Sun, 13 Mar 2022 07:33:57 GMT
expires: Mon, 13 Mar 2023 07:33:57 GMT
cache-control: public, max-age=31536000
age: 174171
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
content-type: text/html
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7782 0
0 82ms
81ms Fetch
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMPALv0YwYvmgN5CS6gSdsKeQBNOCuY1hp6jF5NgOt-mivcABEAEgl_2wKmCVAqAB44r2pQLIAQmpAh76_QS4Z7I-qAMByANIqgTMAU_QvXWdf8OoypPe7Oc_EiezuSsyGLwBwcOxLWTjzWXHhlid8VYYDIg2hzPvyzwxc5dQnWLHqv5bSjcOQROiVUJCEtfObEZ2x8xqx5K9HwT3CF4i3PNZ5NEH0QON43No5gFB3FZSIT7z3VusOfb7S_bY4LxK2X08AcOHaEZcxLDm8dR-YmoP0LFgPYgg4u5tsVsP2tn5GHvA94X_Uc3I5RmeAYkMIFylshoAsTTveDoekzwBa4FXVDeU2_RaoatXXAi_iixao1LkglP5wMAEifqRl4oDiAWX_-yxJ5IFBAgEGAGSBQQIBRgEoAYu2AYCgAeF9YnaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENS3BqAI5BGwCALSCAkIgOGAcBABGB-ACgHICwHYEw2CFBAaDndheTJzZWxmLmluLnVh0BUBmBYBgBcBshccChoIABIUcHViLTU2NjcyOTQ1MDQ1NjU5MTIYAA&sigh=KSv96x01-oE&uach_m=[UACH]&template_id=419

Requested by

Host: way2self.in.ua
URL: http://way2self.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 15 Mar 2022 07:56:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/ Frame 7782 19 KB
8 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:55:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7865
x-xss-protection: 0
server: cafe
etag: 17470246482903461409
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:55:24 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7782 2 KB
1 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:50:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:50:05 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7782 117 KB
36 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36369
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647258231097430"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/ Frame 7782 15 KB
6 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220308/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:44:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 711
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6397
x-xss-protection: 0
server: cafe
etag: 14404976697706490601
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 29 Mar 2022 07:44:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7782 0
0 73ms
73ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR7JLgEeiPwjXTZx-qsL0Mwox9DvFlDtJlxVqrpWOB8THaB8NN3l9yq17dwswThzdLBnsLT
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1B28
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

150ms
150ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:48 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame E1C7 35 KB
13 KB 67ms
65ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220308/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AAA9 143 B
163 B 56ms
54ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1744450280&pi=t.aa~a.3194323626~i.27~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280&nras=3&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=3772&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=6EyeKMCTtx&p=http%3A//way2self.in.ua&dtd=17

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=ISO-8859-1
age: 2999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 77D0 9 KB
3 KB 56ms
54ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 77D0 26 KB
10 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:22:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 77D0 4 KB
720 B 63ms
62ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48ca13426dcc59e549df375ddcb9c51cd070d43457d4553d8a6b47b5a9123418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
DATA 200
OK truncated
/ Frame A756 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1d725376b47e5eb497dfb5e99638f711d0e59d9ae71faa309a3843091504c192

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF27 143 B
163 B 60ms
59ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=ISO-8859-1
age: 2999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FDC0 9 KB
3 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FDC0 26 KB
10 KB 59ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:22:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FDC0 4 KB
720 B 66ms
66ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48ca13426dcc59e549df375ddcb9c51cd070d43457d4553d8a6b47b5a9123418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 082F 143 B
163 B 57ms
56ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:06:49 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=ISO-8859-1
age: 2999
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 76FF 9 KB
3 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:42:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 13:42:50 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 76FF 26 KB
10 KB 58ms
57ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Mon, 14 Mar 2022 14:22:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63283
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 15 Mar 2022 14:22:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 76FF 4 KB
720 B 64ms
64ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48ca13426dcc59e549df375ddcb9c51cd070d43457d4553d8a6b47b5a9123418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 15 Mar 2022 07:56:48 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 15 Mar 2022 07:56:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 15 Mar 2022 07:56:48 GMT

GET
DATA 200
OK truncated
/ Frame 66FC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa5cf261fb891eac61832b2d0b405a3c5cb42bafe5f4bb033836471357a8be8c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7782 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f916c92a178aecebc952bea0cb8dc0bf8ddf9e92882273985144a7fd38d7dfa4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200 / Show response
luxadv.com/multishows/618788/ 417 B
458 B 213ms
95ms Script
application/x-javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/multishows/618788/?rt=100870393&title=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&f=__lxG212289__100819889&scr=1600x1200&wnd=1600x1200
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=10068790066
Protocol: HTTP/1.1
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2fba3578b87145f8399f4ad00ef5b3593649e3ae8572af547943c2228b429b3e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:48 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 77D0 300 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 a50696ead277b1a8100f2c6cfb920878.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/ Frame 77D0 12 KB
12 KB 55ms
55ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/a50696ead277b1a8100f2c6cfb920878.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a057c6e43de5a7f14956cc62c3ed2e22e5484d5fe61594ad32301ebf366ec37d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12470
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
server: sffe
date: Sun, 13 Mar 2022 03:26:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 03:26:51 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2
fonts.gstatic.com/s/raleway/v26/ Frame 77D0 16 KB
16 KB 55ms
55ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad94c037d8579792c24642e9b43fd0999360be6d5c1d99cdd7eca505116d1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:36:58 GMT
x-content-type-options: nosniff
age: 483590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16416
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:36:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AAA9
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

167ms
166ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame FDC0 300 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 76FF 300 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=UTF-8

GET
H3 200 a50696ead277b1a8100f2c6cfb920878.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/ Frame FDC0 12 KB
12 KB 54ms
54ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/a50696ead277b1a8100f2c6cfb920878.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a057c6e43de5a7f14956cc62c3ed2e22e5484d5fe61594ad32301ebf366ec37d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12470
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
server: sffe
date: Sun, 13 Mar 2022 03:26:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 03:26:51 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2
fonts.gstatic.com/s/raleway/v26/ Frame FDC0 16 KB
16 KB 53ms
53ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad94c037d8579792c24642e9b43fd0999360be6d5c1d99cdd7eca505116d1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:36:58 GMT
x-content-type-options: nosniff
age: 483590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16416
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:36:58 GMT

GET
H3 200 a50696ead277b1a8100f2c6cfb920878.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/ Frame 76FF 12 KB
12 KB 59ms
59ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/media/a50696ead277b1a8100f2c6cfb920878.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8522434734429362886/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a057c6e43de5a7f14956cc62c3ed2e22e5484d5fe61594ad32301ebf366ec37d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 188997
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12470
x-xss-protection: 0
last-modified: Wed, 21 Apr 2021 10:12:33 GMT
server: sffe
date: Sun, 13 Mar 2022 03:26:51 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 13 Mar 2023 03:26:51 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2
fonts.gstatic.com/s/raleway/v26/ Frame 76FF 16 KB
16 KB 62ms
62ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v26/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVsEpbCIPrEVJz9d.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:700%7cRaleway:600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bad94c037d8579792c24642e9b43fd0999360be6d5c1d99cdd7eca505116d1a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Wed, 09 Mar 2022 17:36:58 GMT
x-content-type-options: nosniff
age: 483590
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16416
x-xss-protection: 0
last-modified: Thu, 03 Feb 2022 00:15:35 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 09 Mar 2023 17:36:58 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame AF27
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

168ms
168ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=1331978177&pi=t.aa~a.3194323626~i.41~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=0&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280%2C877x280%2C877x280&nras=4&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=4882&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=8&uci=a!8&btvi=5&fsb=1&xpc=3Z4CpdjZCq&p=http%3A//way2self.in.ua&dtd=20

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 082F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

192ms
192ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5667294504565912&output=html&h=280&adk=4167863222&adf=3995565334&pi=t.aa~a.3194323626~i.15~rp.4&w=877&fwrn=4&fwrnh=100&lmt=1647329288&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=5291598837&psa=0&ad_type=text_image&format=877x280&url=http%3A%2F%2Fway2self.in.ua%2F&flash=0&fwr=0&pra=3&rh=200&rw=877&rpe=1&resp_fmts=3&wgl=1&fa=27&dt=1647331007825&bpp=1&bdt=1424&idt=-M&shv=r20220308&mjsv=m202203030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C878x280%2C878x280%2C341x280%2C341x280&nras=2&correlator=1616181645532&frm=20&pv=1&ga_vid=266343060.1647331007&ga_sid=1647331007&ga_hid=1803596266&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=162&ady=2954&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531398%2C44750774%2C31064037&oid=2&pvsid=1046787145574762&pem=546&tmod=1977750238&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=NEGcxiLnnP&p=http%3A//way2self.in.ua&dtd=14

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:49 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 15 Mar 2022 07:56:49 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 15 Mar 2022 07:56:48 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 77D0 35 KB
13 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame FDC0 35 KB
13 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame 76FF 35 KB
13 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8506
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C38 42 B
64 B 146ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvl0CqUc_gh7bPddTAT9So5odux789gehkDpTKJ64pHVHK9XODSlsFhltmQa6a3VIc2KqKMcp-5tAFrMh-VtQ5a&sig=Cg0ArKJSzNXeValaz1z6EAE&id=lidar2&mcvt=1019&p=0,0,280,336&mtos=1019,1019,1019,1019,1019&tos=1019,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1545001857&rs=2&la=0&cr=0&vs=4&r=v&rst=1647331007686&rpt=264&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 / Show response
adlmerge.com/md/ 305 B
411 B 119ms
50ms Script
text/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: http://adlmerge.com/md/?lxname=__lxG212289__100819889&lx_alg=173&lx_params=rt%3d100870393%26title%3d%25D0%259F%25D1%2583%25D1%2582%25D1%258C%2520%25D0%25BA%2520%25D0%25B8%25D1%2581%25D1%2582%25D0%25B8%25D0%25BD%25D0%25BD%25D0%25BE%25D0%25B9%2520%25D1%2581%25D0%25B5%25D0%25B1%25D0%25B5%26f%3d__lxG212289__100819889%26scr%3d1600x1200%26wnd%3d1600x1200&lx_ids=618788&&f=__lxG212289__100819889
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=10068790066
Protocol: HTTP/1.1
Server: 95.211.66.35 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 8dbf44fc72c46162d2f8b054b0a156bdf4f550b35746606957203dc47d1c5ad2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:49 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: nginx/1.16.0
Connection: keep-alive
ISEU: eu
Content-Type: text/javascript

POST
H2 200 all
csm.eu.criteo.net/ Frame 815E 0
127 B 50ms
49ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 07:56:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200 / Show response
luxadv.com/multishows/618788/ 493 B
1 KB 104ms
104ms Script
text/javascript 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/multishows/618788/?rt=100910537&title=%D0%9F%D1%83%D1%82%D1%8C%20%D0%BA%20%D0%B8%D1%81%D1%82%D0%B8%D0%BD%D0%BD%D0%BE%D0%B9%20%D1%81%D0%B5%D0%B1%D0%B5&f=__lxG212289__100819889&scr=1600x1200&wnd=1600x1200&md=7075232810112230465
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=10068790066
Protocol: HTTP/1.1
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b65e768ad857d2dbcd23f85179dfe007057a8931adf01c5385464849acb75603

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:49 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
P3P: policyref="luxadv.com/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"

GET
H2

403

/
gmp.luxcdn.com/tr/
Redirect Chain

http://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm&psid=7075232810112230465&google_hm=NzA3NTIzMjgxMDExMjIzMDQ2NQ&_lxrnd_=100921259
https://cm.g.doubleclick.net/pixel?google_nid=albs&google_cm=&psid=7075232810112230465&google_hm=NzA3NTIzMjgxMDExMjIzMDQ2NQ&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259
https://gmp.luxcdn.com/tr/?psid=7075232810112230465&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259&google_gid=CAESEPFeTn92Czrp8SfQ-P0JlFw&google_cver=1

0
0

309ms
97ms

Image
text/html

109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gmp.luxcdn.com/tr/?psid=7075232810112230465&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259&google_gid=CAESEPFeTn92Czrp8SfQ-P0JlFw&google_cver=1
Requested by: Host: way2self.in.ua
URL: http://way2self.in.ua/
Protocol: H2
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:49 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://gmp.luxcdn.com/tr/?psid=7075232810112230465&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259&google_gid=CAESEPFeTn92Czrp8SfQ-P0JlFw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 382
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET mtch.php
track.recreativ.ru/ 0
0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6F66 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstcXh9tMSRZizx0RguzEonzUYYr2_1UgfBogU9kKZbd_7g2H6XIUSdFI8PXe_W9H6nX3GXA6Tx53DQ17tir9E7Pfw&sig=Cg0ArKJSzOLhZPt5aP-IEAE&id=lidar2&mcvt=1001&p=0,0,280,878&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220314&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2007858151&rs=2&la=0&cr=0&vs=4&r=v&rst=1647331007278&rpt=940&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame FA30 0
127 B 48ms
48ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 15 Mar 2022 07:56:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 64ms
63ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 62ms
62ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=way2self.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 68ms
68ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69b786555f4b19834e5b64bc2dce695a8eead391dcae048e82f70b0c45e5a62a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 15 Mar 2022 07:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10568
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 76ms
76ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 15 Mar 2022 07:56:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A228 13 KB
5 KB 54ms
54ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Mar 2022 07:12:31 GMT
expires: Wed, 15 Mar 2023 07:12:31 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 2659
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame AF10 783 B
537 B 63ms
63ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

582b9ec1c30af4a7aa235f1a72fc994a55f63e93825e6377255876d99cd64318

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xm3rb3Fw4PO0dK067RjRQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 15 Mar 2022 07:56:50 GMT
date: Tue, 15 Mar 2022 07:56:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xm3rb3Fw4PO0dK067RjRQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js Show response
pagead2.googlesyndication.com/bg/ Frame A228 35 KB
13 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/xt8fZ__SaXi8rLOjRFpxOtLjv0mS66MIGtFrZKZOLkM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 05:35:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8508
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13756
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 15 Mar 2023 05:35:02 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame AF10 0
0 106ms
106ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220308&jk=1046787145574762&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A228 0
9 B 54ms
54ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kGDImQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

date: Tue, 15 Mar 2022 07:56:50 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 78ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220308&jk=1046787145574762&bg=!DwylDEjNAAb7UztL-1M7ACkAdvg8WnPGz61QOIgKDwJYXFIhR25aM4PeVahhBXSIDvSfXVHJRRrVSgIAAABSUgAAAAJoAQcKAFlOf0ccaUNQiPW76Xk2-LLkvX_NIg0Qlsx9_DbmcYZB71N2vFVjaply8iCGky0VEbTFihC1Z1hFft9fUvK9iV_Cpy8xVN7Y163b2j2-cdyWEF4O0oiMcZcHWJkCqZYsBFLBlEkYd1srMSUAHaH2_sQaT-GUrdJ7zSnLCWs9Kc4f-XATw8lIwAKBiRQ3e79o_0p16wa_ciJdm2L-EEcVUE2eFCGs_--N8AF6gmbvpbJEUhhXUmHbZWMy9JNr05GHqsxLVbI0LHX5Yxuh5D6prIVnllgrmLQ5axQRZ9VvR-dc7kXKCk8MHVt7ui5gabE2DyHF3EmvSEw_kIRhRgiNn0By_1OYXFql_cqhEr-9txjDqz8EJjqYKH2tCHFGY6Sn6Fsj8iLXcpICmBe5omdcEJ59o1vxbC8s5R-Lwq3rPp8ujAreqNjMQ5SCBpO712QV3fAdA7ZREiCq2vDAqwtQLESwMHVXc3ujYb7x3KJqPT4VHLj1plGeuzeNIuVmuKNLzzqTWqN5DhQ8DbdnWdVAgbQ65gyDBqH7CjfGRRlZxs5YwNX1IGBHiAcvV2Z3Mh2Gc_7VWEmNc_KbQTIq1seS7Dvi03AD69JDhWEzWZqjiDyOoEgp2GwFu4gc5OCih4-J3AijdczS1t268dGJ62GPTiRluYOWHb_YkqT3w4Tzth56z4PDu1KxkeQIZkYo_3jcnk2zOGX2NjzKFZZxRQhiisc1RagqrBbC79GxG4KvU7fs21BYgORwK6JZrrDE6vjVFI9Bq1AqOifB8dMzMbXWmFpaPsl-uT1KLTqgyQkPheV1UMd-coovso5ctOmV45jTlQg2Pneq-mPsvZg81PlAOf3SW6pN-Ej5E_HjBGRxwmVAs7FtfU4_cqb8FQ4ndrlCp8VZDJmvyeWANQ7Rs4WjrNRUatQizlNysRK-0-z0DdfB-F-o_1R3530fpJb3qhv_z2YuM7ub6jU6u_0Yp1rs8JnMpRRed2xarY-C_1nRlaSb_703qEK3dS3pa12SPUc7vD21jb3PCw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

pragma: no-cache
date: Tue, 15 Mar 2022 07:56:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 / Show response
luxadv.com/npm_mobile_atf_problems/ 0
137 B 97ms
97ms Script
text/html 109.248.237.37
SUPPORTIT-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://luxadv.com/npm_mobile_atf_problems/?rt=101221491&loc=http%3A%2F%2Fway2self.in.ua%2F&ss=1600x1200&sid=212289&type=adsense&h=280&w=878
Requested by: Host: s.luxadv.com
URL: http://s.luxadv.com/t/lb212289_3.js?rt=10068790066
Protocol: HTTP/1.1
Server: 109.248.237.37 Moscow, Russian Federation, ASN201009 (SUPPORTIT-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: http://way2self.in.ua/
User-Agent: Mozilla/5.0 (Linux; Android 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.185 Mobile Safari/537.36

Response headers

Date: Tue, 15 Mar 2022 07:56:52 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
Content-Type: text/html

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: track.recreativ.ru
URL: http://track.recreativ.ru/mtch.php?nid=6&psid=7075232810112230465&_lxrnd_=100921206

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 10:57:07	Name: IDE Value: AHWqTUkVEMogRVDkCUk6RxkCxg4W9Mc1aHogbserr5N0TwAiZb6us_NQjBoSkelJSvk
.way2self.in.ua/	1970-01-20 10:21:07	Name: _ym_uid Value: 1647331008308586673
.way2self.in.ua/	1970-01-20 10:21:07	Name: _ym_d Value: 1647331008
.way2self.in.ua/	1970-01-20 19:06:43	Name: _ga Value: GA1.3.266343060.1647331007
.way2self.in.ua/	1970-01-20 01:36:57	Name: _gid Value: GA1.3.88674597.1647331008
.way2self.in.ua/	1970-01-20 01:35:31	Name: _gat Value: 1
.yandex.ru/	1970-01-20 10:21:07	Name: ymex Value: 1678867008.yrts.1647331008#1678867008.yrtsi.1647331008
.yandex.ru/	1970-01-20 10:21:07	Name: yandexuid Value: 7669003531647331008
.yandex.ru/	1970-01-20 10:21:07	Name: yuidss Value: 7669003531647331008
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1796859111647331008
.yandex.ru/	1970-01-23 17:11:31	Name: i Value: MCILYdAf7tBKtWHAm3yGq98OHwlYS5+lqVhKydhQ27RXAF5SRfXXJd1t7zCLhfyn4G77Rr3sV4Qns3CmlDuNuOVyEI0=
.way2self.in.ua/	1970-01-20 10:57:07	Name: __gads Value: ID=d237483eb508aee6-228ae0775ccd0053:T=1647331007:RT=1647331007:S=ALNI_Mbjj4lxplZgwkK7XcelBWI-39rxqQ
.way2self.in.ua/	1970-01-20 01:36:43	Name: _ym_isad Value: 2
way2self.in.ua/	1970-01-20 02:18:43	Name: __lx212289_load_cnt Value: 1
way2self.in.ua/	1970-01-20 02:18:43	Name: __lx212289_load_tmr Value: 0
way2self.in.ua/	1970-01-20 02:18:43	Name: __lx212289_load_tmr_pre Value: 1647331008203
.way2self.in.ua/	1970-01-20 01:35:32	Name: _ym_visorc Value: w
.mc.webvisor.org/	1970-01-20 01:35:31	Name: sync_cookie_csrf Value: 3099772001fake
.mc.yandex.ru/	1970-01-20 01:35:31	Name: sync_cookie_csrf Value: 327157230fake
.webvisor.org/	1970-01-27 08:47:31	Name: yandexuid Value: 7669003531647331008
.webvisor.org/	1970-01-27 08:47:31	Name: yuidss Value: 7669003531647331008
.mc.webvisor.org/	1970-01-20 01:36:57	Name: sync_cookie_ok Value: synced
.doubleclick.net/	1970-01-20 01:35:34	Name: DSID Value: NO_DATA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://leokross.com/_yMj/LQ.js Message: Failed to load resource: the server responded with a status of 502 (Bad Gateway)
network	error	URL: http://track.recreativ.ru/mtch.php?nid=6&psid=7075232810112230465&_lxrnd_=100921206 Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://gmp.luxcdn.com/tr/?psid=7075232810112230465&_lxrnd_=100921259&psid=7075232810112230465&_lxrnd_=100921259&google_gid=CAESEPFeTn92Czrp8SfQ-P0JlFw&google_cver=1 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

100widgets.com
adlmerge.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
bituk.media
buki-repetitor.ru
cat.fr.eu.criteo.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
coincryptobase.com
connect.facebook.net
csm.eu.criteo.net
fainaidea.com
fonts.googleapis.com
fonts.gstatic.com
gmp.luxcdn.com
googleads.g.doubleclick.net
img-cdn.tinkoffjournal.ru
informer.yandex.ru
kliningovyj-raj.ru
leokross.com
luxadv.com
mc.webvisor.org
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
podosinki.su
pxxifc.com
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.luxadv.com
share.itraffic.su
shop.aton.ua
static.criteo.net
sundays.by
tekhnotop.ru
tpc.googlesyndication.com
track.recreativ.ru
way2self.in.ua
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
www.podosinki.su
www.way2self.in.ua
track.recreativ.ru
109.248.237.37
109.248.237.51
116.202.113.101
142.132.202.70
142.250.184.226
142.250.74.194
178.172.137.201
178.250.0.160
178.250.2.135
178.250.2.150
185.233.39.242
185.68.16.18
193.176.1.9
2606:4700:3030::ac43:c5d9
2606:4700:3033::ac43:9890
2606:4700:3035::6815:3460
2606:4700::6810:125e
2606:4700::6810:5514
2a00:1450:4001:801::2002
2a00:1450:4001:808::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:f480:1:26::70
62.109.27.135
62.76.25.27
79.171.117.17
80.239.201.77
81.90.181.184
92.223.84.84
95.211.66.35
95.216.99.229
00523ecff97d48b5638f38a529390ea536e4aebc5402f397197dd8ebba2f27e8
021accc9fdd578de30d046878593e4b01f06ce032e6c33e35ef02bee276d4748
041d0bfd5e5587f4e66e409ad9205d2ed8ead9582e3afb98611044380816108e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b685637b18e7f10923161cbfc3105454b0acbc10c8ad0dfd47d0ebb7c3c6997
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1096fea53d5beadc2147df615d68b1b42e027593f425717981b965ddaa406ea4
154d6b9ef9acb788970a8dd3ea34b2e752356cb3dccf87f69f5dcaaf6547ef99
160942ab6f3cb2da7fbd38baf5302fe0119c030ea748dfde860c48f84e8baa2e
17830f4c96e1949e1d48c60c12ce45533ed0276f1310ebc083acc2c59a280af3
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
181c325dbe30aba2c5aa91e8847047e97799be2fea31d5ea2e4dc5df4094e485
1889e2916663887ecd40c94213f8b502dc7fd8cb72ddc063d36a671379b67805
1d725376b47e5eb497dfb5e99638f711d0e59d9ae71faa309a3843091504c192
20298498b69fc9c7dd131cea19e96a360b80bd80b4d4bee0be3ae69cc70fc080
217e1b04eacd2a5e7a3f034f71830451edc5268fb17f66e234e3bdbb9e0faa47
270307c80dde50ae8f690c7a3b2b8597d98623311f93681ab5189e179df61402
2a4b85ca6dd780bb8c0251e81cb94d07a11333c041f1e64bbe95b7a945383b53
2e0c883063b03ae249e74e449bf45d8c7416099377eb2888dc8ce320bcb581a6
2fba3578b87145f8399f4ad00ef5b3593649e3ae8572af547943c2228b429b3e
32dc44bd9356e41dffd1458e9a95c7c464693494a5e90a7a38d6be3ea62c359e
33d9025d057c9be3664a987e63cd9df728192c9ff8383b10c4f853aa8140a19d
35122e1d6d5452b3f8ff19a8127f9c090979e4309f0b4ed3154f145d6d98ef57
3a8d61ec4f9d08132d1e4d1dcd8fbf220c50d294ce07242737bc315562f2880d
3b074e5bf8f44106c818da9dda606ef7a9eaf8184056a149f2cfab835e4abcec
3de4aeb363469940e621ddf0908070ed772576975270a0d7884fde9db52ec809
3e4b4d396700e065d5d37bde974840cf2bf19565f8450785f0a869079b86bce9
429a39b5d5be375d2ef17c332187e24d6a34dfdc2f3ea1b3d39d892d423e449d
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
48ca13426dcc59e549df375ddcb9c51cd070d43457d4553d8a6b47b5a9123418
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ea65470b3930c46d36c89f4f3db45b677fb3c15b820de53959ce66ad4112d59
4f6cfba47365134e41de680a23af8c2c03e1cf33d8ebdc40c0b42704bc485abc
51dd6adf19e9a3c5a9a17081de5aee8f6e6ff3b6e0daf2edc4d46786aeeafdda
5343d3e721695927d444d88f94ffa3c0711ec7cd144cb010d8fc32f987ee3794
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
550ac245106b0935f2d104288a7d91bf63c38cf89e938ccbd19080f3ee22a727
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55b3aea51e49fce01128a7a934d6d5d36a90d9901561aece7495ae3d2499dd06
5787badee8f3f4ed6095a2936afb9f7342b5c5961970642d4d08b14d22479d7e
582b9ec1c30af4a7aa235f1a72fc994a55f63e93825e6377255876d99cd64318
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6626f213dc18ee45e252e417978b574bd4299cadaed1ba864b44265e19ed4669
67ec7b0ae530e005f4d7feb7a38dae76aa4c685f381261b6c9cbc49f4c0d6966
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69b786555f4b19834e5b64bc2dce695a8eead391dcae048e82f70b0c45e5a62a
6cf1732d6c6f193ec241caa248c8f62a00db9c2951ba55ec3c9f113e7f808798
6f7c82a273555cfe14aa1ace7e1882c24a414899751d612489dce53ab8bdc350
734944665ce14cd73676823ba2f40328031c9e1d3f118b2efb8e8d9e3cde7df6
76fb6a4c19dc2ccc8f7495ef95e060e614da0733952ae7dd88da315215aea699
79eb2eb16e9551b79e36e2e0ca5bc7baa2db0840a73d298918b95389e5d28900
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b9c44cf87a0ef3fb6de18543dc2d3bf2864b52d385f4bdcf1834ae3df4c44a6
7e173f916281f4b00dc6de63b6a69e1785cf33e6202cc09eb24d4798ce8891de
7ee803f8a7f72c686c75557ca7045e67f0690726daada84e9a84ec783f4fe960
8177c9cd189e3a98d42a8c82c4f0820fc89cc99e62d68a8923915d0be9f17510
8311281600a31962b95e21991d5c8f0e4befaf8ac36024acb3f5b11a8f95a6fe
8863046b7577f5366d7a43517b18730ececce868a343a71716ee247c7b75d20a
8ac59cc6828e61336a4a7259b9fd29c4440f5700882076c58242f411ed431b06
8be9e29e9716c3c3137df8427636ab60e4dad88533ab7cfcd01d43eac17d661e
8dbf44fc72c46162d2f8b054b0a156bdf4f550b35746606957203dc47d1c5ad2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a
97212b12104c856919d44f21b8cbecd7397e7ef9e698fa6a14b692a5408c302a
9c432c7d6da74e3072e355a6a2de778c31663c208a4bdf8e0783ba85b75fe6d1
9d52b8f5fbfd39cb15f2ca391398c1ad6d65612b321dcbfa9f0715a43f9be70b
9e9ffaf055ff6ad18fd2edd9829b14c5671a178c8ae91a852eb9382b014c9f86
9f0290c06f2c6f64d0ee106a94fa8b5416ae10ca75e8d90ed3cdc8e0890af8c0
9f5a8e751215fa9954205b5d64a5414cc9c96e4275ddd552acd4dac2ea5f6959
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a057c6e43de5a7f14956cc62c3ed2e22e5484d5fe61594ad32301ebf366ec37d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a223fe2b3d06907c2f0fa6d14d097ae0af8aa5691172312073ad6edc16b48401
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a442100377d2c7c94c3608a7a785ec70c87b849c6c1faf78757939f9d4c970ed
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ac529d240812c2725fdb0d65eeb2863c8523a42a9a684068b1620071a9b3af
a6acbcf8b6f128cd689868adc2787451f6114be57992ace33b325235ba24d207
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a83c3f260b750dfc47e4e5024eda4b4f80be0c0a3e0ae5111a3b0a799df64448
a84dc7d5290e88a80d22779e6c2de1ef73413fa6b573b00d021b21d840cc131c
a8af594e98124fdfb69db78da884375ca716f805d065ddea29cc4a025adacc09
a9928921bcce9e4f9c2596d8e2fd221b690dc553d495379ba0fe3096defc8005
ab499783a1c39ad52411b624b2e81d0c9fbb886b9abdce17ebf9344a42c0decc
b0b675f5e1b7c176080692a0cf804603f6ee2e3fd6bd6049d55a7a0c9ded0077
b1dd202355d105d5decce633f48db2749a76ae1e29771dec12b5338f6c7a0c7d
b25da06664536f2aa1996a59f6a993b02a9f9382e0c49c0429722ff687e02900
b3c60eb5382df55304fff473d7304b34032d3d78e1c4b1ca0acf0a151bf7da13
b3f6c6b1ecd1c79b3289035b660e537b8010d86ae9d5663b93d80019e6061716
b5026639059f689fcceeddefe8af1a6e26e5642a0fe1efaf02db641d97ca5b1f
b65e768ad857d2dbcd23f85179dfe007057a8931adf01c5385464849acb75603
b6636658309daf40633373d068662f1e248e0e5cc0131786b436074456cb88ad
b73b888af8a60d8e921890d08933a27268413e240ed8c54ad5b90ce67ab5b5bc
b7eaa8ea30f63924d6ff5c4b95cbb868cd9fc99aecd8c0abff5d64fe6ac316ec
b91d3b081a858473f2923c4a8e4a3ec66216b151194ded0cc4fc3b12a94e53ad
bad94c037d8579792c24642e9b43fd0999360be6d5c1d99cdd7eca505116d1a7
bcf0a15d58ec1ff3c24a98a256f779944de437b2baefd7529bcb4f916570740b
be7f32978141e5a016fd2b7cd959becfe9bbcc361ec92fd5884b86d53f85a7c6
c01ba3b7d2f8ff99aebf859857b4049bc6470d6ad7ab450db79f522c411f982c
c307d3d0f75db470a4ec4ea2888052a943dc2bc37c4953ee92012ace9456f481
c39d994e33ee115b35d7872dbea911a99508c74e34629725343b269b5d5233e4
c4c2dfd2723da41500a728731204f06460243ccfc3b5988ee5b4ed48833c666a
c4d24f6b27cc7ceea56fbec786bb1f486fdad9a1f998f760f76d1f44671e105c
c571c146ca5e8750a690ee9e2fe076f51e37aebcfbc50171d5f85d66e355a6fd
c640c6d4c7104b09736c8a8c26f666305963273ffcba78e63b7a06451461cc55
c6df1f67ffd26978bcacb3a3445a713ad2e3bf4992eba3081ad16b64a64e2e43
c7ac4453422564529f681b11b76e4398cf8756afdeb75a565a45b82927726060
c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
ca32702f36da9bdbaa5463f8e3db9b18d82f3ce8a630d18e8bde6b30a2582d20
ca7f23edc5a250dd23a0e499b3aa451f9dbc6bafc91faf8da2c7245bb05de1f7
cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78
cdc61b8df6e8af4f24e9acbaf8f4569dd1bf04fb2ae7424430627371478013d4
cecfbedbd64aed599a32b480f530a54d07d86cc3455c22e4921244caf699bfd3
cfb94e5ee3cf4cc864f0afd05660956b94cf3f42232c7ac5e119924713c294ad
cfd76f8f2b5ed21afc907b2a26e5a1bad5664c9e6deaac474b7e6790354bd282
d1955013dc0cb4bee5f7c1308ca2b38582de77d81f27809c535b168bbc716d7f
d651659afe38ac3181b568bfd952a9d5a9ef2a5ca826d8c2ca16f7b449fa1503
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7e3f3f9a87439492d58ee8a90cdc8741bd44e9f5ebc5a1be461ded2df7a155e
db8d470fcb7b5fe2a19a10083ea345b5e9f5e92bf3d62465fac44c73ef703449
df81f38227c0f8ea9501c0f4d77699313286628b455bc18817b486b7d2996e1f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3cb0985127ebd5ded1285ab9c33db80ceab550d14f644a12f100ba19f527965
e54b12f091001a29558f0c4c6e33fe512f71ba0215fc6630f6afc159f2ba40a1
e6831904cf2298ee15feee85c0b196c0d88093c1cd8ed30706006b0016a7401e
eaf885c5319ba9df600bceb678c7d3d635ce62bf25506f5622f6be001083a674
ebbf4f292a8418f3b6c75846f97f481a16454132e089ece9099cb92c1daedfd4
ed4e5d5940ae2ba7cd94e95b41cad12239d3462eb6e23ac9f8ebda18e337f99d
ee98562eed7d7a378016b2d3f26f8dd8242440049855b277341248a0b42e5291
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef72d72c3eb95429b38be5ca351d57e7bf27a2a9427942fc99c303159a4af855
efe60d3132396e59045e15ed5c74035c98ac27b363af49041b12706746af8b52
f0639bc38ae39ebb8e4bfd1a2e4d2b954cc441e68cb358db99222811bf7d22f7
f36654c4fc0df1a3cd1786b08ba11bbd67302624b1206028406244eccd1adb3d
f69411a65f3d7298cd4c116d0a7691c1a5667e243077669868e4ae8e85468222
f786d93125d562534ca1da96cbf560d589fdf9583fedf0aa21ebc18ecabdbbd0
f916c92a178aecebc952bea0cb8dc0bf8ddf9e92882273985144a7fd38d7dfa4
fa299f977b0c6d1ae285d7dc7d4b17876f8b6ddc063eefa410dc1d0fd1116908
fa5cf261fb891eac61832b2d0b405a3c5cb42bafe5f4bb033836471357a8be8c
fdecda5ee87b28e579c5b61ef0f86e7fff85c838ff0a06450feee13a5877ed0b

way2self.in.ua Open in urlscan Pro 2a03:f480:1:26::70 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

249 Requests

76 %HTTPS

52 %IPv6

35 Domains

48 Subdomains

43 IPs

11 Countries

3883 kBTransfer

7104 kBSize

23 Cookies

12 Outgoing links

Redirected requests

249 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 13 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

way2self.in.ua Open in urlscan Pro
2a03:f480:1:26::70 Public Scan

Screenshot
Live screenshot

Full Image

249
Requests

76 %
HTTPS

52 %
IPv6

35
Domains

48
Subdomains

43
IPs

11
Countries

3883 kB
Transfer

7104 kB
Size

23
Cookies

249 HTTP transactions
13 data transactions