gumoreska.in.ua Open in urlscan Pro
77.83.100.33 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gumoreska.in.ua/
Effective URL:
https://gumoreska.in.ua/
Submission: On May 25 via api (May 25th 2022, 11:47:53 am UTC) from GB — Scanned from GB

Summary HTTP 192 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 40 IPs in 8 countries across 28 domains to perform 192 HTTP transactions. The main IP is 77.83.100.33, located in Warsaw, Poland and belongs to ATMAN-OFFICE-INTERNET-AS ATMAN, PL. The main domain is gumoreska.in.ua.
TLS certificate: Issued by Certum Domain Validation CA SHA2 on April 17th 2022. Valid for: a year.

This is the only time gumoreska.in.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	77.83.100.33 77.83.100.33	24723 (ATMAN-OFF...) (ATMAN-OFFICE-INTERNET-AS ATMAN)
3	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 1	185.152.64.17 185.152.64.17	60068 (CDN77 ^_^) (CDN77 ^_^)
27	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
27	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 6	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
8 15	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
5 9	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3 5	37.252.172.36 37.252.172.36	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	34.243.58.169 34.243.58.169	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	52.4.130.30 52.4.130.30	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:26d... 2600:1f18:26d4:7e03:946e:138d:214b:806	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:215... 2600:9000:2156:2a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	44.231.35.126 44.231.35.126	16509 (AMAZON-02) (AMAZON-02)
3	3.122.23.61 3.122.23.61	16509 (AMAZON-02) (AMAZON-02)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2.16.186.25 2.16.186.25	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	3.125.7.203 3.125.7.203	16509 (AMAZON-02) (AMAZON-02)
192	40

21 77.83.100.33 (Warsaw, Poland) 1 redirects

ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL)
PTR: pl-rocket-da1.hostsila.org

gumoreska.in.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.152.64.17 (Prague, Czech Republic) 1 redirects

ASN60068 (CDN77 ^_^, GB)
PTR: unn-185-152-64-17.datapacket.com

sp-ao.shortpixel.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.74.194 (United States) 8 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.35.236.247 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.36 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.58.169 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-58-169.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.130.30 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-130-30.compute-1.amazonaws.com

adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:26d4:7e03:946e:138d:214b:806 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ipds.adrta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:2a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.231.35.126 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-231-35-126.us-west-2.compute.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.122.23.61 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-23-61.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.25 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-25.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.125.7.203 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-7-203.eu-central-1.compute.amazonaws.com

lm.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	654 KB
40	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 92 ad.doubleclick.net — Cisco Umbrella Rank: 202 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 284	185 KB
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	93 KB
21	gumoreska.in.ua 1 redirects gumoreska.in.ua	335 KB
9	serving-sys.com bs.serving-sys.com — Cisco Umbrella Rank: 1201 secure-ds.serving-sys.com — Cisco Umbrella Rank: 1864 lm.serving-sys.com — Cisco Umbrella Rank: 1981	83 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 557 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 530	8 KB
8	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 805 static.adsafeprotected.com — Cisco Umbrella Rank: 552 dt.adsafeprotected.com — Cisco Umbrella Rank: 504	96 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672	93 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	250 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 264	228 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 240	5 KB
5	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 399 rtb.openx.net — Cisco Umbrella Rank: 1524	770 B
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	150 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 612	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1755	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1040	344 B
2	adrta.com 1 redirects adrta.com — Cisco Umbrella Rank: 1679 ipds.adrta.com — Cisco Umbrella Rank: 5060	947 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	10 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4630	914 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 354	456 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 947	356 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1128	463 B
1	doubleverify.com tps.doubleverify.com — Cisco Umbrella Rank: 490	162 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 789	648 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 46	1 KB
1	shortpixel.ai 1 redirects sp-ao.shortpixel.ai — Cisco Umbrella Rank: 18065	676 B
192	28

	Domain	Requested by
27	tpc.googlesyndication.com	googleads.g.doubleclick.net gumoreska.in.ua tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
27	pagead2.googlesyndication.com	gumoreska.in.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
21	gumoreska.in.ua	1 redirects gumoreska.in.ua
18	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net gumoreska.in.ua
16	static.criteo.net	ads.eu.criteo.com
15	cm.g.doubleclick.net	8 redirects googleads.g.doubleclick.net
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
6	www.googletagservices.com	googleads.g.doubleclick.net gumoreska.in.ua
5	secure-ds.serving-sys.com	bs.serving-sys.com secure-ds.serving-sys.com googleads.g.doubleclick.net
5	s0.2mdn.net	gumoreska.in.ua tpc.googlesyndication.com s0.2mdn.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	googleads4.g.doubleclick.net	gumoreska.in.ua
3	bs.serving-sys.com	googleads.g.doubleclick.net secure-ds.serving-sys.com
3	dt.adsafeprotected.com	googleads.g.doubleclick.net
3	static.adsafeprotected.com	fw.adsafeprotected.com googleads.g.doubleclick.net
3	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.googletagmanager.com	gumoreska.in.ua www.googletagmanager.com
2	image6.pubmatic.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	fw.adsafeprotected.com	1 redirects gumoreska.in.ua
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
1	lm.serving-sys.com	secure-ds.serving-sys.com
1	ssum-sec.casalemedia.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	rtb.openx.net	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	ipds.adrta.com	ads.eu.criteo.com
1	adrta.com	1 redirects
1	tps.doubleverify.com	gumoreska.in.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	fonts.googleapis.com	gumoreska.in.ua
1	sp-ao.shortpixel.ai	1 redirects
192	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
telegram.me
vk.com
api.whatsapp.com

Subject Issuer	Validity	Valid
gumoreska.in.ua Certum Domain Validation CA SHA2	`2022-04-17` - `2023-04-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.doubleverify.com Network Solutions OV Server CA 2	`2021-11-08` - `2022-12-09`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-11-19` - `2022-12-18`	a year	crt.sh
bs.serving-sys.com Amazon	`2022-04-10` - `2023-05-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-05` - `2023-03-08`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
lm.serving-sys.com Amazon	`2022-02-15` - `2023-03-16`	a year	crt.sh

This page contains 28 frames:

Primary Page: https://gumoreska.in.ua/
Frame ID: B758920C303DB5E091F0D55B0353C3A6
Requests: 39 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/zrt_lookup.html
Frame ID: 789ED442CA6C6F0BB66E50DCC8D63A69
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1653379815&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266501&bpp=3&bdt=375&idt=247&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8243374390886&frm=20&pv=2&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265
Frame ID: EB4BF87A9077E4EF1E33C9124584899F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266504&bpp=2&bdt=378&idt=267&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aXlrfypkgo&p=https%3A//gumoreska.in.ua&dtd=272
Frame ID: F0E9F6B513087DAF2EF91E81C543B62E
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266506&bpp=1&bdt=380&idt=306&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KIGojFSH19&p=https%3A//gumoreska.in.ua&dtd=309
Frame ID: 23EBDA09ADA379B006A2E4FFA57DD9A4
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318
Frame ID: 536B163C6B41EB896276D91F4556D010
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Frame ID: D141C8F8DEBE50637C7D31D212C8B528
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOWyIFKN-TAAupb_ljHR9KzraLJAPIyw&u=%7C5ZMWlKK%2B3Bia1B6%2FRcXTXLUvAWUCfCQ%2BCSRvP9f9oHE%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxkpc6-zjlPVPR7akiQ8WiPVSpIkn7p715cBdnfCoOkee9YGCdAUOoZNjEJ131GhWVZBvcmd03yjJGrBRMueomGpFfZRZQSFXWxH3Rn5HmfDDdlp7Ns2NExv863DdlB08uwQOqyj4GqHts_cg4S8wvPW81PIFiOG7R0Jiye-cE7-N_NlD-U1v9LcIRHT6OaEvFvFZytdBOom04kgDoDiaupq9_4YTyCkVJcSuu9BJ7I6emgUC0HhbkYm9Zr4_YKhX57CbG2ksIHw4QX7XnoCHPP0NlZRJ4ZUUeEcT8AW-GDStohZs1FKB4z89Fi_KlaVJdkjlnibwOJPSDFu-PAwtHcPhljq3xRT-MBzCGx_3ebsbHsLCR_2BpRkh5aZtJR1P4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM7RWYheOYqK2OZO_o9kP79KucOSP0rFct8DJx9kBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQI1-JBalAy1PqgDAaoEvQFP0EmdI6LMu55hXXsgN7dGmuV57s4TtKNZmUFECUGwf7Miygc3NhnhpTB0HZjnXx1xBvMt86SMLmxugJ0wuZp4f-Y56ZvQ2RrHzEZbFGYlapQ113hcj4b-RWEokZlPI6-1Z7vM4P1lIs6OMKSss9MONV-xhx2iMMtw_7vWZVPGJ5CoAmR6LEdX5rl9sEyM1FPls92fBE_OCwkfmE7RG6l-CwTfvbZbkOEG4VGEpAvuNkXHd74d-mcX0OGpzY-ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H4_8B9CHKGhd251_nbpmBzkVheA%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: 19594F5A85B2F4E3FBB63287A0BC1037
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html
Frame ID: CF7D7BCB5B0028D3C0D99A78D028394A
Requests: 7 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=
Frame ID: 57442B31AAABF848045352E8EDA3CE72
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIvMz8UBMAE&v=APEucNW8eLOcVA7nFdO971rcjkJNemjQBrsZYPEouPEOZX0JzUL_TNio_8N4G6OL0BqXYI45YzHgtTIYNfv5K69tTAE6W8sdpnsxiDE2uMMn3xgiw7coxGtA8UYlM2EvMEY3Xkr5sinZmxFT1Uk7zcFl5Kohm0xqfXZLheXU9YvkAjs-6OknDIE
Frame ID: 101FDCAEE48A1CF2D4B65ED394DE26D9
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwIDz1NT36om4kS1CQoAYZIJLDTtWSYmSTQ8d9JDNLVaZMICTtq5CtutmgCcn6A7xdXOzvYmohw9G9hEUdFoHSvU0YhHWahqNuWP6sOIEVLamsHT4pe2Q4PwAauXlH5020MRGVlkKtzDyji_rlTkAvB9IVRg&dbm_d=AKAmf-BPvOO4zTLv_rhDLHAMstfep-LSy4DEsD4aOsmH_o_F5u9eX8bogMC3YC_cz3-sUNgW4_HGPcLSrDuMOMvRxtbyNBjL5fHBQxYLC8RLAwNAAqzRJQ2kE_sFgzgSv_LCSMju1nr5Pmfcq3dyjqPMyhfFFd3iMUYrEFr1WEIxGOFrMtBvSMEUR1OVK6YK8ivPmk5vfikjGHwZDSQmSuHNssur0m5VAyOaMbEYB31LlP4n8kzX9LxcfwUByQcR6kX4Ig-8SDIRzDAp1exN-QYmtFsNgTkyDot4lVJMAcnnbCa5BdQpNC_PUEzC6dUyF2KQEls-xx0nOzUQpr_l6QxoGe9VoGJikVtzJL3wRlbvF19K0ctsTS38LFQ71T8u_XRxO2YdDx1J5PIYtXWij7rmEgjvBryUw3LOuGU0nEEj6eHJ35Hgx3EU3l9v2IBJqCGBxij2noUIQA5JHUKlgU3O5ds7bn3_EJqslWYUzMoQL3gHX9rsTaM9PpYelYWEhWWaFphRbXCjd6KDFCKisgeIlraP0JwkgK9vduocmtPSN6c-PQZM3yaFkmQHT-9pP7_brDHUBSnbM8aCyD0BV9lKiE98Ve1dgeh8zuIusmptIChXlhxZ7j7cJj1_s3XUSyhLicicCGqWCBH566A9PJ5J9JkabN9_MqmGkgUG6_CnKJM6iAWtcXK9sPpf-fihl1zRob-kpsvT8-lfCnTnH9SarIO2EjT9gMwcY2C5KDBd3wF85jHxQPqWhloa8tDYqPjBCKwOw476UqoFZTy3mb8DSWPDIZ3880jid3isuHj6Cl_pwzAZNyKoKrL8jzjjIsOSdufOlzQ4P23bRo-4GxeRhhwydBBX_UwEn2nwm7-7VTaPdryRF3QoGqflPXTCheGPCUwQ8dM7tHzVqyYhvdNtLXNHEVlFvqv79ETkC6i-e7WosbwmGa2Ebt_7lLQODbgKCIez0vEh2Eu36tyTsxCiZ1GVxvIeUc8YgKH5Nb2frabbS4CuSlaP2MlwV-Y2rIoiZU9P_3Go7EpIWzeS895NyjCXdEG6QmD6pr4DxufJwlimaw1vm59z_fTyNqGStOdfuuMOgBVvWUYX7y5oC0NpOcyp-T7w8oa1ddFfFZOSL1p2GA7M13YdXgi_QISG1Nnem6tCJduwFVEqHfCY_ojxUeoJYKwKbZBMXg1RRJ2dsbenpmyN824xjg1HV1UvxK1s379Sn7SaBBOwyopEUKAChqAgI3xBcYIp-unjsvrhb3tktfuJqBp4jJ_mW-vBTOJEYpUvFsHDYl_DWfnV04wTvLnCfdITA7mXbWOBDaMiQqQTYM_rJHWj4omVRfP1rDyyhBMNWz-GPFQpYa1aILBFhJNJIAttLUSS7hTYDPYRpflkFlrpYLZw8WUtmjKV7RysJ-zaA0Jtvq5WNqUraUwUcqs7v9t6w83xKSiOKbSsXwsxEv9bfnDuWBtqFi-NzpwKI0WIKTyCEkiu6cKIKI44vnzC6iGArYlmCHUQcIcZM1-AXvh_iiFIKwrAMVKpxVAfM95kItoMjy53Tdwc7MvBUsGa0YvGzXv0XEcPkkbiWxmANjY324vd-7auZawDBJWHT9vfUEwZVZctWLfE0yz6hMand0HTkUofub9Rb2zplIJnoXn6WHBuraxdOx-a7Ril0ry6KQIxsWFi8mxICu1J8WJMYtaGxhl8UO5a16x1XVIZq8y0i6K-49Rbq_A1QaC9aWPbzsXrbXejg7E4UAwyzYSCemK4N81w-qvZHEPDIdwaG9ClITdaScd2VzJftOsYKHVROj25Pksrl5fgyGqXiYe-b8f-u7kcZW7x_Q4rIzRoGS3bzLCeve0RHkj0O_NMpi_SZnqfxWu3ghw5HA6imk22UzBE5fzY8vPEfwhvY1R7QBng994tk8JtdbU3mW4dBbeFq8j_Hl5ThilWxwB5ztR729_uZZ5PELa256nyzJ7aYe6oVQWvLjl9fviRakeiHmAAE1TCwunIg0IotJX4jaySmsuLmYkXQFlRQwI6Lh216f-vyKF3lHXzlsa3LgtKMHxvLVc_JoezSo03bz2aI-Z1AogL2chxrd4vYrdO9uucmmtq9xriJ8KXsKSfFITBk_A_QBSjo_7Mxk1NWwK7dobaTSseazTvjil3e43b96gpuan0EO3KLoSVDLVX-5fovmygPZUNhlic3_9TLeHdgNxs7hG9HS0-KMdRbN3zivfWNmiVm79wOkc6xAjGiT3Wcqbae1nqC_MOSYVmDfvG0jSa8lexfJ7OAlRDjTVHV5h2mU4Za0TxWKBNS0dHDGOtTbvDKmedObJYKmcClqgf0viWHmTaScMzQrc1PTg3u9_I7odg6HL6cCZRm51CHTCspp8Duv2Fn7vpJMziNMfvgu1lYA6DrejKARiE6WrFUK5A1QzU6v_ywV_CybdATwFys6eIYIE7JZiiayB1-DRhkw1ijX5Aa2_j6ifnJ39kl1twubyEzbfxO85VrtKU2pXkYU526esMBz5uWANQpYLqKtfWsHLHqMK8zorN3cBhOvgcjFN39ygKxlIvpq029RIlB5imTY5GeIFWokbFGCgCB5W7kqWStB6dqv8bNPj_Mka8pgFHtvL9jd0XEnT7O6W55kgQxmgIlVP-Q6VTxFp98B9EwZKXBPoebatsjD27_U7OFVcOayLdZrn7pEmThrVBXa-F0Zr0Idb0YOsDYGeG64cGBR7fOZvAkrCj2Zk5DFRwhdYIYi7WyedE1y-f8zQ8oqtlg1MDv4JlPOeSgjSDQUSwUfIZRSoiNxBNDPkj41XuCnsOG2NFYM5iIQvKfVNhjAAhfWEaq8ZAh6oIqiodHF_vR20fnvK0hZuXEiRVV-7QV3DxKzsg8yXbwK0iSzKaJMecZUhdgXo_R9a0V9mxjWUsBmGh7DUiT62S0Jz2BtXwgyrc8dw3DAAC6q0TOlBonGJIBSaUiPlJpldSEsrjvBdgcvrBvQS7xJqvJJE_xwaE2CJOQV0bRxcKgOOZuA8Uq0AAE83eTlzUWnBF1mZxlqSUiTGl_5fxuF9cM_NvtvxRiBPoFT_d_7bin6WSOZfPl4IoI93GzvZn3Za3Ktsj-qkFjHwG9g&cid=CAASBORoTS0&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Frame ID: 35260F1484F2DFE3458B3E4F67F8151B
Requests: 19 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOYF8FKPSPAAOJeTdEXsGkLLDajMD9QA&u=%7C5ZMWlKK%2B3Bj94rzS4IBY5YXtjQFdSBGLEpVtrU1m0%2B0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvhlCtBCGtqTo4H7ltPR11hSXF-j0wHEC9S68KeW7iahhFMu4yL_7t0BBP2CCheMnvoJNiGcuzRMI0BTEZ3cygxR2nyE-cLoKN7v6aF11WtnPDv93clR2wYTFNHXJJHL2WVhSdwyaRjdgbt65YMkioMjATCVK2vnmJIq_EuD4tPkEsIMhMrg2lTzJCuq5dawPW8-pGUNv23GJ-_-JaoB_2ijnrI2yUBQaZhz2OD-ysO24NX23n-2_4CGkfp2hjsBEyEpH_DaXhrmPa-CnqKmFXtlGHr1w5Bg6p3NdhwrJjZh1cxSf-CKjLevwyzLVIEZ6RlqZbYXDcbrI3ABmfZi2NKc1XlbuzZ9uRH03Xj3hLMw8Byswfmy0n4_QoYu2P57HfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtTE4YheOYt_AOY_po9kP-ZKO0AXkj9KxXJ_Z5oSzAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCR8iXI3UCtT6oAwGqBLgBT9DhIYvzkwnecGHW9BGAI7RpstFLfLVhKuqz-ZASov8ncRiVAHQRwXOk-6NCrJa_Pvz39Sp5AFPtomlGhPUZvRprD0eLY05Yg0he_cjlN4qd1GU-M9-eVA42n__Brvui5jHZt3rnKEsT60Irzv_mlzf8hgzL8qUo3VLlubaeCL8ERCVCx9rgdPYQXdHRQbGzLifrO_YzfA_JpKBZ2MOEQ3kUZmMTdYcD-7-qPORd4_uod3FbvA99Y4AG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SY_357hggiQw3TVF9bc3zd2pyLw%26client%3Dca-pub-9735848914219258%26adurl%3D
Frame ID: AA5945F32E6947AF4BD98421336430B4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220523/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1BD3DE5981B91FAE5D9A00B96BDFFD7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D3CAE62222E865AB09DBC1B7DE0AB8DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYw5qqygEwAQ&v=APEucNWyzxplnrT9PyJNFTeCQr99WbT6rQv97vWySXrKMdXJfLij1bX8Uhx5UEz4-OPUhr8C0nXumu-XWtuN7XOEBXbi8g2yyd5gQHg6vN0iprP-Bfl8Ij2kQX2hznkwaJ7a3XCNdvUKHf3BJ8CLRxj9UF57qfkdb0eV7zRE8UlgM3UXHTZJKMU
Frame ID: B5788CCC926BA1C5CAB949FC683D6F94
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2021.js
Frame ID: 5B0D3F4017474DAB8BDFD0FD77930B1B
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62050916/20220317062459771/index.html?e=69&leftOffset=0&topOffset=0&c=utM3WiLWuV&t=1&renderingType=2&ev=01_247
Frame ID: 4E8C0AF3025F6E3E71CCA2DFC745E169
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5F3A4D64C6D3F492018BE9B6E505FC5B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CBF9D859A39C2B1A19322DB6B1867730
Requests: 2 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: E33E0D48DC601C0A7636DCCDAC029A66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Frame ID: 326BB034B3879A2852133F937856E59C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EA20B3DB02219BD3E328EAAF39357D4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CB3655A02FA4626F26EE801026121978
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM
Frame ID: 03168F8EC455CF94D6C7851F4FDA7219
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqP1Ut2mSyGgfwfDLoMegcBF94UG7Y1ygwmfzgnZ93w-DqTy2o7YU6zM7eObETxCaTBgAH0xcmlOqlIDab6RXRGIiDSIzJUj3DajsYdhowI7ACjrTT2QeAQ5tD8aj6ylUQeyW3p7YAAxftikq8neqcdYVjCw&cry=1&dbm_d=AKAmf-C88LZ6lQ3lrveDTQzxwFJnU8QzEsy8ZGszSFlykDeiQRSaXPB79BxXL_A5Alv00JhPqtHImkh_p_9sFM05IRsBx-mR5qZGPPQ3D1FsPUcTjDoLM0IMyoonkTFoUKfQu3wKNqRrgmBRVvVXMBqohkBt76awkJ397isSChgY7X5oSgcW7FnY429dCxMswiqOFbpI_5GyMvzOfqxsTaDzxWGHYM2TG8rtUnhY3Bt7Cvseyp1gzbeLZ47b5tgNF8wtuMJoA10BVtuwsRLDWN4QCI3xMcUBwx25kBW2VT3TwblF2J1dJ5tLXrCB5xRiJ3IPiAL1GXmPoKzgvdmDL25sWOpmP5F4FI1lyNjPXTnQ623G2NHOchqsn8UWquY__9F5fduepuOeX1zSUAni7aZkwHdJNfIFGjIYQojCk_nS0pP0Iywqe6wXh1TYb1YmZRWcpgZ4Vy7DgZuZVhJGRBELmBWElv84YIG0k3-x-EVjhYXAgk8gQYm2sjxvJTyt8N77iZGpn7y3OHhcNoIHAnQRQ-BygtFF79b8Kg9O1Jl1F4OG3BbKERAhaW-06Q3VyJBNYCcFwwIr9q64kQkBUqU0T1GMCOwyfVzsOalv9CtT2z1wpYeFnObifxfoB4Ay5o7jL2X6HoSasAeICVb34yn0UKfKmFp9Lu01O5SrVNlPxd1Dk7rRfct83NP_pQJ23xJFITCrlFWI6etC-0aWlh2vE8xxv6DMxSns70unmkjKjry-mPgnp_EJDmzN9c5jeBUbcLO9hKj_R6InSOzA2sQplGiTpq1eF_KMWWzqHORqv627C8voC5mmWxSdV-cw-7ZqxvALSsTYjMRfLWwX9BbHTnyoW_wz7Tz4Wg6Nk-9euhannJ1hFO-x2qqRW_apdeSM9_Gln4S9DpPUWH-4xcCxbpcOgvoI5QL75WnokJiWdv1vDnKtcMOW8e5-N2Pv1hnnw8mHDzbtuzpxo7JWrDyywdLSXKYLYceX23Y_o4t5RyB5yX5-p9aR5rmV--LJ3kOof1E_BdmThs3XfdB3WxTzkSOV0P-_71rJgBU9Dh9O7Wf3ZTpZy7P3vnINLa9hnfSmDBeQiq7p96uMQ5cFJVZch--xefyHtLw1P0gSve8OoEi-ZNTsGmH4AkxezoiuJLG_KwgdLXjX-TEVnY53krMS8gGQJhe8XEhicJpTerIYTHQZDpEIvuC8eOFOfKIeQxIBIYsVbrHSPJrT1_FrafhStR7I1zrmyshaUDoNK_zadcG4aDCQzkO4aUUVxDJNPCJmo4XPVyrcndOGj7L96y06vHH0ObcvRNcCoNUBXOfCuybQavuWsfSc9nO-C2gyibNHRPYnm415s23bh4CTmMGzFYoUoram-jRTn0tmlqcutjNe6HSKHBZf23ykJhpl-NhbB7QwM6hLFtoxDHmcsAYj2ezfp6eiJTKZMF-M-8goaxm8ZkXfdRFuAfyTdW0hdmfoEJag-b7nhR3xlNNUS-90uRIoHGvTwUhQtoZv1_Peh4ZGneaqtkgEvKvEBvDHog_qG-JwwWJH0qFnwSAkORVVN1zC_CUGJ1rvK1wvMZVa9gbGrbSWrut3jImHceMBu1dOgOqV0PZX8PfZnP-i2MNZyYU9iJ1z8hCMPBKmGk1JqitbnASjqJa0oXcs_-RBLPwfSsIv32OewBl022IET8o5UTzELAy6lNs0XUOnm-SY6NaB6yjpEI3JJ-b5vyuXsK9X5y83na7y3lt-zLL35FeLXWK4UUTaMSQlNwsSYf5DAL75PtKcVdMeYNDUTGNTjc0l80YLwZozr2k6AQtqMHw1gC6Cl_bwZiy9q2VSCBbSdlFg36CPL4bFLVUWjVNhRdTWuzDA-xs8bkDriN43ekEw0qN9mZp4GpYujkmFkEam--deOlJlOXkIBfQkMDu5NAClUgLSglbOTxQj563sHE7erZwRJwjVcEu-zWtBqykyxWeij0wGNSPvgVqhAPw64ZuemWi_TcSRcYfNyqlZUx_71_n2-5ZN12YIxu6Sw3s_oQpLJiwxUj0VgQy00C_t3mVd0E9A52Ct0rcUp1CGjBiLxvFRZ8m8LCtUhGM0EbzSIm_f6v8CqAJQrvqCta0Seipu9Weod94ZRH_QEnB07vw7Vo2Xbcbw_XMjIho3PWFMPAzbAHOy77dFrhQGJprZKxlTYoHyRfHTk0JO6_BpwKqzrwHPSENNFM85xD9zxdJYwo9pSi2LjECyu_kyF5OPweE_pri_HHdeSsSEn3Icp92JKk4Y4fJcixsmz5-ZzEjoTYQDXLd2BjtMLXB4R381gstO-tjLtp_GnSVwSlsR8t1Y6n0oG8XbnRMsxOfnvuujNAyioYAmMUirerN8OrwQCJML-8xwqnXJIej0ABNaClhdYzfu-BVBINwKWiXFsy9sG4cxgkGpIpEtYFkvYSws6vyj2deSo6yVWInQv5R_r-yA8d8LBqJZy-AScx19us83ZiCoha2f_e7u7Ts9ZDj-HIawRmluv3b2dAB5em1DZMvorZl-fmiznisUr_7DqapDKVjO7eANSZqvXIiy6IcJNhi64ZnfrJJHhKbrowyIHD-UP-vLeQPoj0Mq6yZq1SM7qwhv4OaQ0v3fqkiaj_iZlB-oxhS-bo-sY6AkMT3rwoGCLOwc9QV2ZxnS6XAjCHNY8br5-brv7r_BTijviFJgq4dQtB6MCjf_i3bsEbD5xoY9raVZPubiDsacpwgeOP8ysAm7oVkE3Xh04i0ZZHh53mluGjrQOIavfiHEWCXMzCKsVa0i1Xua9H4ay0hNDoFUIbYjX-8i_d5gcMPiBZ3qhuP4FjZTW7EuD8xeRXXOVxH7NoueOckWt_sl1l4MvX8KrSshFXcTxutpGOD7SI6g7nCDVaoEKTzHmSQbuwEPSfJjeqv3K4gaTKSgSEf6FMbU77gBm34JufGoTWqhIpy9Npjupp87eSs8ArgumUXvkJhIRPlnMfcJEJ6Z11VvfkC2AmXht4DFxxjGWcF1nuJcdxikWT8pGrt525mCYs2XOVkcO_Fy4kvOqhsdieOn3EGlglA-5b1Np6y9-rF_5lYcyPyUwaickod_VUlh3KpQJxeXN9J1iQ5yd1TEErC9VycwmgKfibEUqjN1FxNGucq8COEbF0S70yJIz43_rryRCvWxv06lcuR35SKuVK7oSdARzJHee3x67l_4zf8MO6sTf9hjqqV8oMesHOe7dei14XYDAaM2jhDSECDkf_iHhWnMiBk4_8Bcp74axA9T-ZivCtIgLyRERJ5bgX_dTYjpiwBElfH3js1JsTD-bGqGN82VrySGOoxjnQjh4xAdJCSgylNME0XhezY0jli0XH1mhQM8s86R0SX_yG6ZqxbbWo6NCxig3Ij-AWyR4l86nQAC8Vu0OVgcrvpvMYooANJaIgSBfF1sIB0a_pC33-IntdrkCWALuMgfrpfoNbikXJOOhBdpgJ0gy1uO9gpzShnQ303l9-C0CZLT5cbWonY-BfSWsgBGali_uwqGTWxTOBnwIjUGtjH_JlTq&cid=CAASFeRoMZS8pMTep8fLa86zNeNvebQRuw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240
Frame ID: 6EA57AC8193F1A97CA0E6860CC4F85DC
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CC6D3DAECD4E09633C6901DF4D0433CE
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 883626D1A909B1CFAFC328864DB414C7
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Онлайн бібліотека Gumoreska: гуморески, байки, казки, вірші

Page URL History Show full URLs

http://gumoreska.in.ua/ HTTP 301
https://gumoreska.in.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Page Statistics

192
Requests

90 %
HTTPS

43 %
IPv6

28
Domains

45
Subdomains

40
IPs

8
Countries

2208 kB
Transfer

5795 kB
Size

31
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https://gumoreska.in.ua/

Search URL Search Domain Scan URL

URL: https://telegram.me/share/url?url=https://gumoreska.in.ua/&text=%D0%95%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0+%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD+%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0+Gumoreska

Search URL Search Domain Scan URL

URL: http://vk.com/share.php?url=https://gumoreska.in.ua/&title=%D0%95%D0%BB%D0%B5%D0%BA%D1%82%D1%80%D0%BE%D0%BD%D0%BD%D0%B0+%D0%BE%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD+%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0+Gumoreska&comment=%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%C2%A0%D0%9F%D0%B0%D0%B2%D0%BB%D0%BE+%D0%93%D0%BB%D0%B0%D0%B7%D0%BE%D0%B2%D0%B8%D0%B9+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%BF%D1%80%D0%BE+%D0%BA%D1%83%D0%BC%D1%96%D0%B2+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%BF%D1%80%D0%BE+%D0%B6%D1%96%D0%BD%D0%BE%D0%BA+%26%238211%3B%C2%A0%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8+%D0%B4%D0%BB%D1%8F+%D0%B4%D1%96%D1%82%D0%B5%D0%B9+%C2%A0%D0%9E%D1%81%D1%82%D0%B0%D0%BF+%D0%92%D0%B8%D1%88%D0%BD%D1%8F+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%9C%D0%B8%D1%81%D0%BB%D0%B8%D0%B2%D1%81%D1%8C%D0%BA%D1%96+%D1%83%D1%81%D0%BC%D1%96%D1%88%D0%BA%D0%B8+%C2%A0%D0%9F%D0%B5%D1%82%D1%80%D0%BE+%D0%A0%D0%B5%D0%B1%D1%80%D0%BE+%26%238211%3B%C2%A0%D0%91%D1%96%D0%BE%D0%B3%D1%80%D0%B0%D1%84%D1%96%D1%8F+%26%238211%3B%C2%A0%D0%9A%D0%BE%D0%B7%D0%B0%D1%86%D1%8C%D0%BA%D1%96+%D0%B6%D0%B0%D1%80%D1%82%D0%B8+%D0%92%D1%96%D1%80%D1%88%D0%BE%D0%B2%D0%B0%D0%BD%D1%96+%D0%93%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8...

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?text=https://gumoreska.in.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/gumoreskaua
Title: Facebook Підписуйтесь на мене!

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gumoreska.in.ua/ HTTP 301
https://gumoreska.in.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png HTTP 302
https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png

Request Chain 45

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=

Request Chain 64

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1&C=1

Request Chain 65

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo4XY2Se.mDgxD1dySoSSQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2

Request Chain 66

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFv-buBylYH9L9kitqy0evw&google_cver=1

Request Chain 67

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

Request Chain 100

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo4XY2Se.mDgxD1dySoSSQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEJasIO7t1vi0geIazK-vzkU&google_cver=1

Request Chain 104

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

Request Chain 118

https://adrta.com/i?cb=628e1761ed37afc880c4a176d5c1afa0&clid=co&paid=co&avid=2378&caid=307306&plid=11117111&publisherId=141477&kv1=1160X280&kv2=https://googleads.g.doubleclick.net/&kv3=d36b1949-4de7-4caf-9fd7-d4d6fab85a42&kv4=2001:ac8:21::&kv7=314&kv11=628e1761ed37afc880c4a176d5c1afa0&kv12=1129791&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web HTTP 302
https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGIBHAJMLMMLNKGJGNNLJHJML@FNLHKOOHKMIIHBLLJNKMMFGQFHJFIPEKOAGKJKKLPJLNFGKBGLNMJMFQJIKKJHLIKKJBILKHIOPGMPGHH@HBEBH&cb=628e1761ed37afc880c4a176d5c1afa0&clid=co&paid=co&avid=2378&caid=307306&plid=11117111&publisherId=141477&kv1=1160X280&kv2=https://googleads.g.doubleclick.net/&kv3=d36b1949-4de7-4caf-9fd7-d4d6fab85a42&kv4=2001:ac8:21::&kv7=314&kv11=628e1761ed37afc880c4a176d5c1afa0&kv12=1129791&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web

Request Chain 137

https://fw.adsafeprotected.com/rfw/st/991453/61640716/skeleton.js?ias_dspID=3&ias_campId=27074181&ias_pubId=pub-9735848914219258&ias_chanId=1&ias_placementId=16471451744&bidurl=https://gumoreska.in.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gTkJ62OqdLJzqN6UsJ2dJh&adsafe_url=https%3A%2F%2Fgumoreska.in.ua&adsafe_type=g&adsafe_url=https%3A%2F%2Fgumoreska.in.ua%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9735848914219258%26output%3Dhtml%26h%3D250%26slotname%3D3497597976%26adk%3D4253229104%26adf%3D3524019181%26pi%3Dt.ma~as.3497597976%26w%3D332%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1653379815%26rafmt%3D1%26psa%3D0%26format%3D332x250%26url%3Dhttps%253A%252F%252Fgumoreska.in.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.%26dt%3D1653479266507%26bpp%3D1%26bdt%3D381%26idt%3D321%26shv%3Dr20220523%26mjsv%3Dm202205190101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C1160x280%252C808x280%252C808x280%26nras%3D1%26correlator%3D8243374390886%26frm%3D20%26pv%3D1%26ga_vid%3D1441253783.1653479267%26ga_sid%3D1653479267%26ga_hid%3D1782647438%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D1068%26ady%3D503%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44761793%252C42531557%252C31067628%26oid%3D2%26pvsid%3D1002224364046702%26pem%3D54%26tmod%3D2031833035%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D5%26uci%3Da!5%26fsb%3D1%26xpc%3DBlodd5nRZm%26p%3Dhttps%253A%2F%2Fgumoreska.in.ua%26dtd%3D323&adsafe_type=bd&adsafe_jsinfo=,id:8a998bc6-dcd9-05c3-4d8b-b3aea20e2e45,c:dCRSp2,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-58499bf7cc-j66dv,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,nbld:0,mtim:270,fm:t6Quv6C+11%7C12%7C131%7C141%7C1511%7C1512%7C161*.991453-61640716%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:283,oid:7f72b2bf-dc20-11ec-a4f8-220f782ebeb4,v:19.8.309,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 168

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAoLQQAxEoJ6c_GH1C_RHLQ&google_cver=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMoS-XgdW1eBcXNQbPowDS8&google_cver=1

Request Chain 180

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm-2k_OZcjtPH3YVs0PGOx0kYXU2g4In&google_gid=CAESEH8exd8IvoN36XUYCBWgY8k&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm-2k_OZcjtPH3YVs0PGOx0kYXU2g4In&google_gid=CAESEH8exd8IvoN36XUYCBWgY8k&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUxMTQ3NTEwMDAzMTIwMTQyNDk3MA%3D%3D&google_push=AYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm-2k_OZcjtPH3YVs0PGOx0kYXU2g4In

Request Chain 183

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELm2cHGAgU2xiHHqzVFjCk4&google_cver=1&google_push=AYg5qPLqPHg0JgjneZhd3h1CXCzlmuOBZpTAezTa3vXso9ogEjesHWDJug4ooM_9in5hO6VwYT2BIohu_TdZNrke3el7KfDZJFiY HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELm2cHGAgU2xiHHqzVFjCk4&google_cver=1&google_push=AYg5qPLqPHg0JgjneZhd3h1CXCzlmuOBZpTAezTa3vXso9ogEjesHWDJug4ooM_9in5hO6VwYT2BIohu_TdZNrke3el7KfDZJFiY&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GDvuIDL_Q0uvU1yzvgpDMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqPHg0JgjneZhd3h1CXCzlmuOBZpTAezTa3vXso9ogEjesHWDJug4ooM_9in5hO6VwYT2BIohu_TdZNrke3el7KfDZJFiY

Request Chain 184

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBCWKN8mEmHX0CQQOq8MQ8E&google_cver=1&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wIhdf23WVfYBJ0nxufV4pTKd4k HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMSVY2S1otOS0xQVZJ&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wIhdf23WVfYBJ0nxufV4pTKd4k

Request Chain 185

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_cver=1&google_push=AYg5qPIue4MJfs0oBShUc-C_1Kbf6R-dIl-IOSbVBJM100ZE86qnXTcwtBRB_t_3Sw--qdmDBGzyFgfB8g0_Ygf5_h1grAeSycTY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo4XY2Se-mDgxD1dySoSSQAAB0AAAAAB&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_push=AYg5qPIue4MJfs0oBShUc-C_1Kbf6R-dIl-IOSbVBJM100ZE86qnXTcwtBRB_t_3Sw--qdmDBGzyFgfB8g0_Ygf5_h1grAeSycTY&google_cver=1

192 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
gumoreska.in.ua/
Redirect Chain

http://gumoreska.in.ua/
https://gumoreska.in.ua/

386 KB
63 KB

172ms
56ms

Document
text/html

77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 65912c2446c2c863ea5e434169232ac7f8f720593bf79c6036fa3f2abb9728c7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: br
content-length: 63644
content-type: text/html
date: Wed, 25 May 2022 11:47:46 GMT
expires: Mon, 29 Oct 1923 20:30:00 GMT
last-modified: Tue, 24 May 2022 08:10:15 GMT
pragma: no-cache
server: LiteSpeed
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
content-type: text/html
date: Wed, 25 May 2022 11:47:45 GMT
location: https://gumoreska.in.ua/
server: LiteSpeed
vary: User-Agent

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 112 KB
42 KB 146ms
56ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2dc399c8db705fc1b29b9cb04ef0e2144b9ea28d3e5483d4b5e5de914bdc47a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42918
x-xss-protection: 0
last-modified: Wed, 25 May 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H2 200 fontawesome-webfont.woff2
gumoreska.in.ua/wp-content/themes/veen/assets/fonts/ 75 KB
76 KB 58ms
57ms Font
application/font-woff2 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/themes/veen/assets/fonts/fontawesome-webfont.woff2
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Thu, 20 Aug 2020 18:28:12 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/font-woff2
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 77160
expires: max-age=A10368000, public

GET
H3

200

logo-g-165.png
gumoreska.in.ua/wp-content/uploads/2021/10/
Redirect Chain

https://sp-ao.shortpixel.ai/client/to_webp,q_glossy,ret_img,w_165/https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png

10 KB
10 KB

57ms
57ms

Image
image/png

77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H3
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: a2f085163f7ed9d5df9e579bde6589a6dd605b62a9e6bfdeb086b136c74380ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Wed, 27 Oct 2021 15:01:14 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 9745
expires: max-age=A10368000, public

Redirect headers

date: Wed, 25 May 2022 11:47:46 GMT
cdn-edgestorageid: 887
access-control-allow-origin: *
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-cachedat: 05/24/2022 20:28:19
cdn-pullzone: 257218
cdn-tag: 0; Domain: gumoreska.in.ua; 302
content-length: 0
server: BunnyCDN-CZ1-887
pragma: cache
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-proxyver: 1.02
cdn-requestpullcode: 302
location: https://gumoreska.in.ua/wp-content/uploads/2021/10/logo-g-165.png
content-type: text/html; charset=utf-8
cdn-cache: HIT
cdn-uid: ceac3dab-9909-4315-8d54-a27751b54dd0
cache-control: public, max-age=86400
cdn-requestid: f6994832effdf4efe2a3c86c6785e57b
cdn-requestcountrycode: GB
cdn-status: 302
cdn-requestpullsuccess: True

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 140 KB
51 KB 157ms
69ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

206f04b942d9cbaf682b101e328129a1b0f89176a6b91c225ea23573e342812a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51450
x-xss-protection: 0
server: cafe
etag: 11776397896532778602
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H2 200 kn0c.css
gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/ 30 KB
6 KB 104ms
104ms Stylesheet
text/css 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/gumoreska.in.ua/wpfc-minified/1bt90yh4/kn0c.css
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 6546
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/ 87 KB
30 KB 102ms
100ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 30223
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/dsdtja46/ 11 KB
4 KB 106ms
103ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/dsdtja46/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 6cd9dcadb5a76a70af536b935023e99ee8e851bbf6913eac749abc254272c036

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 3945
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/qvbwl34w/ 3 KB
1 KB 106ms
103ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/qvbwl34w/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: ef47db6f7de15432f0ef629e32f414d08c3b0043a02bae98e9d498caffdec420

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 1259
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/kkws8pzc/ 7 KB
2 KB 106ms
103ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/kkws8pzc/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 50d82014097d60e740173746edeb6cbcfedd31a3006e2ff34954435284fd663a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 1669
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/8mlq88pd/ 1 KB
611 B 106ms
103ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/8mlq88pd/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 4563cd1462210ae5ce2caf2ae9f5568b5ccfd8cfcb57c1a3c9cab732687a6f94

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 578
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/lpnrz4fk/ 25 KB
6 KB 106ms
104ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/lpnrz4fk/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 7a5f808ab3e1d2ecf9ae2f1cc8528b9043d988d489f51f98719ad8948cf8b89c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 6063
expires: max-age=A10368000, public

GET
H2 200 kn0c.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/zc93027/ 174 KB
46 KB 106ms
104ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/zc93027/kn0c.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 19be0b2a57a018298533c06588dabd658bff8fb35de91f1cd0127686ccdc0d5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Wed, 27 Apr 2022 11:59:30 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 47199
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/g5st8d7r/ 36 KB
9 KB 154ms
152ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/g5st8d7r/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 04471a19851d1bd80c63586258e952df84a5b9ee31e9552a9d6c8be2a5d3592a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 9250
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/7ahwqnzl/ 19 KB
6 KB 155ms
153ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/7ahwqnzl/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 9f77f47af2cbbef45f776a30aef7b5ffcc107181ccb8fc07761e6cdb9efa78f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 5887
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/rurwfww/ 37 KB
10 KB 154ms
153ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/rurwfww/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 73c42d1190408001106121e223a86bddf1750b6ec887b3369a3e62fe84c76057

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 9741
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/6y1dpho0/ 1 KB
621 B 154ms
153ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/6y1dpho0/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 3b79d583caf65f067bf6eb7e0f6dd1570470467f8842d60c714c6bc3025576fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 588
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/f5754n28/ 70 B
101 B 154ms
153ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/f5754n28/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 21a255600c3db0fc218dd70d517547e470f0d15883870a880da4013b94c6c5f2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 70
expires: max-age=A10368000, public

GET
H2 200 4lzbb.js Show response
gumoreska.in.ua/wp-content/cache/wpfc-minified/lozsipjk/ 5 KB
2 KB 154ms
154ms Script
application/javascript 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/lozsipjk/4lzbb.js
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 882694532f0d27cd63361bc581224c2dd19f063f6d91b6dd80bdbb53bcea9eff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
last-modified: Mon, 23 May 2022 06:40:07 GMT
server: LiteSpeed
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 1643
expires: max-age=A10368000, public

GET
H2 200 inactive.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 238 B
305 B 114ms
114ms Image
image/svg+xml 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/inactive.svg
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Mon, 23 May 2022 06:38:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 238
expires: max-age=A10368000, public

GET
H2 200 active.svg
gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/ 246 B
278 B 116ms
115ms Image
image/svg+xml 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to Show image

Full URL: https://gumoreska.in.ua/wp-content/plugins/kk-star-ratings/src/core/public/svg/active.svg
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Mon, 23 May 2022 06:38:37 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/svg+xml
cache-control: public, max-age=10368000
accept-ranges: bytes
content-length: 246
expires: max-age=A10368000, public

GET
H2 200 fontawesome-webfont.woff
gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/ 64 KB
64 KB 113ms
113ms Font
x-font/woff 77.83.100.33
ATMAN-OFFICE-INTE...

General

Check archive.org

Download Go to

Full URL: https://gumoreska.in.ua/wp-content/plugins/print-post-and-page/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 77.83.100.33 Warsaw, Poland, ASN24723 (ATMAN-OFFICE-INTERNET-AS ATMAN, PL),
Reverse DNS: pl-rocket-da1.hostsila.org
Software: LiteSpeed /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://gumoreska.in.ua/
Origin: https://gumoreska.in.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
last-modified: Mon, 25 Mar 2019 16:54:20 GMT
server: LiteSpeed
vary: User-Agent
content-type: x-font/woff
cache-control: public, max-age=0
accept-ranges: bytes
content-length: 65452
expires: max-age=A10368000, public

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 139ms
50ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans%7COpen+Sans&display=swap

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 25 May 2022 11:47:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 25 May 2022 11:47:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 103 KB
40 KB 137ms
55ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Z22TQ8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7437cbcb36e9f74c1634b3c5b3f6ed625a4207b27b33cb7e00b4ee0ca77c4edf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40463
x-xss-protection: 0
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 316 KB
113 KB 149ms
67ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9968816b26563fa1858c9627dbde9f80ca44437d0fd310772b1fa7d2e089f77b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115455
x-xss-protection: 0
server: cafe
etag: 7800024817246880327
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/ Frame 789E 10 KB
5 KB 132ms
44ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220523/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9735848914219258

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 36011
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 01:47:35 GMT
etag: 3347421328414474149
expires: Wed, 08 Jun 2022 01:47:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

74b1c71319c781e28f3faafb579bf375b20d5292a4e0904581a5bfb686dee8e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69922
x-xss-protection: 0
expires: Wed, 25 May 2022 11:47:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 219 B
648 B 196ms
52ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gumoreska.in.ua&callback=_gfp_s_&client=ca-pub-9735848914219258

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-9735848914219258&plah=gumoreska.in.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

81793db9b3623360b1c454a4c5b8a03f54f392e355e841fcabf1de95421bd5bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 150ms
49ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 143ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame EB4B 85 KB
34 KB 580ms
499ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&adk=1812271804&adf=3025194257&lmt=1653379815&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgumoreska.in.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266501&bpp=3&bdt=375&idt=247&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8243374390886&frm=20&pv=2&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=265

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95897a93ea857f25e92442aee83961bb0e91ef60ed306d4b359bab6ead422934

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34961
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F0E9 23 KB
10 KB 547ms
476ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266504&bpp=2&bdt=378&idt=267&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aXlrfypkgo&p=https%3A//gumoreska.in.ua&dtd=272

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50c97905c37e0a6a473efd962e67194321451ceec82f7cef77c1ba18d52e72ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9891
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
171 B 147ms
54ms Ping
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XD2CSE5HNH&gtm=2oe5n0&_p=1782647438&_z=ccd.NNB&cid=1441253783.1653479267&ul=en-us&sr=1600x1200&_s=1&sid=1653479266&sct=1&seg=0&dl=https%3A%2F%2Fgumoreska.in.ua%2F&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska%3A%20%D0%B3%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8%2C%20%D0%B1%D0%B0%D0%B9%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%20%D0%B2%D1%96%D1%80%D1%88%D1%96&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XD2CSE5HNH&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:46 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-131431071-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 780
date: Wed, 25 May 2022 11:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 25 May 2022 13:34:46 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 23EB 23 KB
10 KB 571ms
538ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266506&bpp=1&bdt=380&idt=306&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KIGojFSH19&p=https%3A//gumoreska.in.ua&dtd=309

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

16aa0b2d5b82c4e44d35ee4230749197bc4b838daaad7e6542630d597028e066

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9900
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 536B 147 KB
47 KB 484ms
461ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b634060d018ebb3ee84c850101cf4088c4ec6440eff21ea95a2d1b848e267e8f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIHf5aLK-vcCFTsLigMdLE4DHg&gqi=YheOYrPgNdaItgf-mYCgAg&layout=/sadbundle/%24csp%253Der3%24/16661089946031320726/970x250.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 48194
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CIHf5aLK-vcCFTsLigMdLE4DHg&gqi=YheOYrPgNdaItgf-mYCgAg&layout=/sadbundle/%24csp%253Der3%24/16661089946031320726/970x250.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D141 17 KB
8 KB 546ms
530ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c946d2644c0436839ade7d707cc45c87b7fec1085acddc74f48d3d9835888a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 8145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 129ms
47ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1782647438&t=pageview&_s=1&dl=https%3A%2F%2Fgumoreska.in.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9E%D0%BD%D0%BB%D0%B0%D0%B9%D0%BD%20%D0%B1%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20Gumoreska%3A%20%D0%B3%D1%83%D0%BC%D0%BE%D1%80%D0%B5%D1%81%D0%BA%D0%B8%2C%20%D0%B1%D0%B0%D0%B9%D0%BA%D0%B8%2C%20%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%20%D0%B2%D1%96%D1%80%D1%88%D1%96&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1841628507&gjid=785142837&cid=1441253783.1653479267&tid=UA-131431071-1&_gid=1370562590.1653479267&_r=1&gtm=2ou5n0&z=1610685588

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumoreska.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
439 B 108ms
37ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-131431071-1&cid=1441253783.1653479267&jid=1841628507&gjid=785142837&_gid=1370562590.1653479267&_u=YADAAUAAAAAAAC~&z=1728490055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gumoreska.in.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 25 May 2022 11:47:47 GMT
content-type: text/plain
access-control-allow-origin: https://gumoreska.in.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame F0E9 3 KB
1 KB 184ms
95ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266504&bpp=2&bdt=378&idt=267&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aXlrfypkgo&p=https%3A//gumoreska.in.ua&dtd=272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame F0E9 17 KB
8 KB 132ms
43ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F0E9 136 KB
42 KB 142ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F0E9 0
0 81ms
81ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COg0sYheOYqK2OZO_o9kP79KucOSP0rFct8DJx9kBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQI1-JBalAy1PqgDAaoEugFP0EmdI6LMu55hXXsgN7dGmuV57s4TtKNZmUFECUGwf7Miygc3NhnhpTB0HZjnXx1xBvMt86SMLmxugJ0wuZp4f-Y56ZvQ2RrHzEZbFGYlapQ113hcj4b-RWEokZlPI6-1Z7vM4P1lIs6OMKSss9MONV-xhx2iMMtw_7vWZVPGJ5CoAmR6LEdX5rl9sEyM1FPls92fRk3vmdq9aktC6abmiGBDFrVPml0Mz0lfKpCKquR4aZIFK-D91XKABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi05NzM1ODQ4OTE0MjE5MjU4GAA&sigh=wnIh-wyT2z0&uach_m=[UACH]&cid=CAQSGwCNIrLMoB-i8f6ii7GZt4gL7m5xNAa2u3GY5hgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=2334401640&adf=4175459245&pi=t.ma~as.8258600178&w=1160&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=1160x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266504&bpp=2&bdt=378&idt=267&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=220&ady=150&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=aXlrfypkgo&p=https%3A//gumoreska.in.ua&dtd=272
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame F0E9 0
0 180ms
55ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RIgJmAKH-lcYAgAAAJKYg5qP0Cx6EGAXjmLlfZsjMDSAAYItMAASAAA&wp=Yo4XYgAOWyIFKN-TAAupb_ljHR9KzraLJAPIyw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 277596
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1959 143 KB
47 KB 391ms
260ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOWyIFKN-TAAupb_ljHR9KzraLJAPIyw&u=%7C5ZMWlKK%2B3Bia1B6%2FRcXTXLUvAWUCfCQ%2BCSRvP9f9oHE%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxkpc6-zjlPVPR7akiQ8WiPVSpIkn7p715cBdnfCoOkee9YGCdAUOoZNjEJ131GhWVZBvcmd03yjJGrBRMueomGpFfZRZQSFXWxH3Rn5HmfDDdlp7Ns2NExv863DdlB08uwQOqyj4GqHts_cg4S8wvPW81PIFiOG7R0Jiye-cE7-N_NlD-U1v9LcIRHT6OaEvFvFZytdBOom04kgDoDiaupq9_4YTyCkVJcSuu9BJ7I6emgUC0HhbkYm9Zr4_YKhX57CbG2ksIHw4QX7XnoCHPP0NlZRJ4ZUUeEcT8AW-GDStohZs1FKB4z89Fi_KlaVJdkjlnibwOJPSDFu-PAwtHcPhljq3xRT-MBzCGx_3ebsbHsLCR_2BpRkh5aZtJR1P4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM7RWYheOYqK2OZO_o9kP79KucOSP0rFct8DJx9kBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQI1-JBalAy1PqgDAaoEvQFP0EmdI6LMu55hXXsgN7dGmuV57s4TtKNZmUFECUGwf7Miygc3NhnhpTB0HZjnXx1xBvMt86SMLmxugJ0wuZp4f-Y56ZvQ2RrHzEZbFGYlapQ113hcj4b-RWEokZlPI6-1Z7vM4P1lIs6OMKSss9MONV-xhx2iMMtw_7vWZVPGJ5CoAmR6LEdX5rl9sEyM1FPls92fBE_OCwkfmE7RG6l-CwTfvbZbkOEG4VGEpAvuNkXHd74d-mcX0OGpzY-ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H4_8B9CHKGhd251_nbpmBzkVheA%26client%3Dca-pub-9735848914219258%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

16f8fac4314d8885286e342f4def4212b2f6054a76f95a344d0678dddf6b3546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=FHlZ6udmFiJLxHA2g5TylQ4BewVH3YwGoW75oHv_8s_HM850DYubSBUskxb-U2PYrlhH88S-C41QFI10nNayEjsbUiU8jR1mXSKk2aPidw9VXPJ4-5vzK6hXgVWhTjqbZHWQdh-mGZsGIEiC2BMgyJsPueYds6mb58_CMf1fyZutYP3cr00pMk68cH5P2cUOfb0JPVvWeZkD8PCdwHZCF3tLKotRNnrllNDnKdakeuntOqOrxgURI9SLguWbB8SC7CeIng"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 128522143
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 970x250.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/ Frame CF7D 3 KB
3 KB 145ms
98ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

257ba01470698af9564b506aa1b1e7f7542a4f824108ebacf0741ae61e57a85a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 135358
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1387
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Mon, 23 May 2022 22:11:49 GMT
expires: Tue, 23 May 2023 22:11:49 GMT
last-modified: Fri, 13 May 2022 14:54:17 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3

200

B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd= Show response
ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/ Frame 5744
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfu...
https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag...

42 B
63 B

156ms
64ms

Fetch
image/gif

142.250.186.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N463808.3493422GOOGLE-GDN/B27811680.336108188;dc_pre=CNzziKPK-vcCFfys3godiD0LKQ;dc_trk_aid=528517444;dc_trk_cid=171754254;ord=4291053352;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=;gdpr_consent=;ltd=?
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5744 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdq4mYheOYoGmObuWqMwPrJyN8AHNkLijas2r3JXpD9rZHhABIKWvh29gu4aAgNAKoAH0uL_FA8gBCagDAcgDSKoEzgFP0OVoDVoyu5kDGoVDGKlWJdYxkPaeqQbaqVNRIp4GXpzmOFrDDu1OfrwVi830UAPagF5CY2m2Vl9xJAtxvjtUCwcZi-vZMOqnx0Xdw78Qh832gkHSmOiQ6I3E5xdTEm1kAF0xEbgvX4MYh0hzxLsTIW5uoC4tz6sIP1B6KJiLWjk6xKQxZorZzMejeLuQDBtk94o4mrGNi3PXBrCIHuVGKTLU1NzVmQTyux3F2KgTRcGg15OQ66poMwq686jmJ3-EDMa5kln18h2qlNuvqMAE0beVr4IEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5nqkaMBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQzJcE0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=nkuqxSADsbA&uach_m=[UACH]&template_id=419

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 5744 21 KB
9 KB 93ms
48ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8674
x-xss-protection: 0
server: cafe
etag: 5611795670272045494
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:38:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5744 3 KB
1 KB 145ms
100ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5744 136 KB
42 KB 202ms
157ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5744 17 KB
7 KB 98ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:58 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/ 148 KB
53 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205190101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

44b9fb5102cbc5a2eae8b6dc3cf76183fbfe0edca2ee463a325264d2cc85e4b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53762
x-xss-protection: 0
server: cafe
etag: 16634720565946868788
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 23EB 3 KB
1 KB 118ms
96ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266506&bpp=1&bdt=380&idt=306&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KIGojFSH19&p=https%3A//gumoreska.in.ua&dtd=309

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 23EB 136 KB
42 KB 151ms
128ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 23EB 17 KB
7 KB 104ms
82ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:58 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 101F 624 B
300 B 51ms
50ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIvMz8UBMAE&v=APEucNW8eLOcVA7nFdO971rcjkJNemjQBrsZYPEouPEOZX0JzUL_TNio_8N4G6OL0BqXYI45YzHgtTIYNfv5K69tTAE6W8sdpnsxiDE2uMMn3xgiw7coxGtA8UYlM2EvMEY3Xkr5sinZmxFT1Uk7zcFl5Kohm0xqfXZLheXU9YvkAjs-6OknDIE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 3526 89 KB
35 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwIDz1NT36om4kS1CQoAYZIJLDTtWSYmSTQ8d9JDNLVaZMICTtq5CtutmgCcn6A7xdXOzvYmohw9G9hEUdFoHSvU0YhHWahqNuWP6sOIEVLamsHT4pe2Q4PwAauXlH5020MRGVlkKtzDyji_rlTkAvB9IVRg&dbm_d=AKAmf-BPvOO4zTLv_rhDLHAMstfep-LSy4DEsD4aOsmH_o_F5u9eX8bogMC3YC_cz3-sUNgW4_HGPcLSrDuMOMvRxtbyNBjL5fHBQxYLC8RLAwNAAqzRJQ2kE_sFgzgSv_LCSMju1nr5Pmfcq3dyjqPMyhfFFd3iMUYrEFr1WEIxGOFrMtBvSMEUR1OVK6YK8ivPmk5vfikjGHwZDSQmSuHNssur0m5VAyOaMbEYB31LlP4n8kzX9LxcfwUByQcR6kX4Ig-8SDIRzDAp1exN-QYmtFsNgTkyDot4lVJMAcnnbCa5BdQpNC_PUEzC6dUyF2KQEls-xx0nOzUQpr_l6QxoGe9VoGJikVtzJL3wRlbvF19K0ctsTS38LFQ71T8u_XRxO2YdDx1J5PIYtXWij7rmEgjvBryUw3LOuGU0nEEj6eHJ35Hgx3EU3l9v2IBJqCGBxij2noUIQA5JHUKlgU3O5ds7bn3_EJqslWYUzMoQL3gHX9rsTaM9PpYelYWEhWWaFphRbXCjd6KDFCKisgeIlraP0JwkgK9vduocmtPSN6c-PQZM3yaFkmQHT-9pP7_brDHUBSnbM8aCyD0BV9lKiE98Ve1dgeh8zuIusmptIChXlhxZ7j7cJj1_s3XUSyhLicicCGqWCBH566A9PJ5J9JkabN9_MqmGkgUG6_CnKJM6iAWtcXK9sPpf-fihl1zRob-kpsvT8-lfCnTnH9SarIO2EjT9gMwcY2C5KDBd3wF85jHxQPqWhloa8tDYqPjBCKwOw476UqoFZTy3mb8DSWPDIZ3880jid3isuHj6Cl_pwzAZNyKoKrL8jzjjIsOSdufOlzQ4P23bRo-4GxeRhhwydBBX_UwEn2nwm7-7VTaPdryRF3QoGqflPXTCheGPCUwQ8dM7tHzVqyYhvdNtLXNHEVlFvqv79ETkC6i-e7WosbwmGa2Ebt_7lLQODbgKCIez0vEh2Eu36tyTsxCiZ1GVxvIeUc8YgKH5Nb2frabbS4CuSlaP2MlwV-Y2rIoiZU9P_3Go7EpIWzeS895NyjCXdEG6QmD6pr4DxufJwlimaw1vm59z_fTyNqGStOdfuuMOgBVvWUYX7y5oC0NpOcyp-T7w8oa1ddFfFZOSL1p2GA7M13YdXgi_QISG1Nnem6tCJduwFVEqHfCY_ojxUeoJYKwKbZBMXg1RRJ2dsbenpmyN824xjg1HV1UvxK1s379Sn7SaBBOwyopEUKAChqAgI3xBcYIp-unjsvrhb3tktfuJqBp4jJ_mW-vBTOJEYpUvFsHDYl_DWfnV04wTvLnCfdITA7mXbWOBDaMiQqQTYM_rJHWj4omVRfP1rDyyhBMNWz-GPFQpYa1aILBFhJNJIAttLUSS7hTYDPYRpflkFlrpYLZw8WUtmjKV7RysJ-zaA0Jtvq5WNqUraUwUcqs7v9t6w83xKSiOKbSsXwsxEv9bfnDuWBtqFi-NzpwKI0WIKTyCEkiu6cKIKI44vnzC6iGArYlmCHUQcIcZM1-AXvh_iiFIKwrAMVKpxVAfM95kItoMjy53Tdwc7MvBUsGa0YvGzXv0XEcPkkbiWxmANjY324vd-7auZawDBJWHT9vfUEwZVZctWLfE0yz6hMand0HTkUofub9Rb2zplIJnoXn6WHBuraxdOx-a7Ril0ry6KQIxsWFi8mxICu1J8WJMYtaGxhl8UO5a16x1XVIZq8y0i6K-49Rbq_A1QaC9aWPbzsXrbXejg7E4UAwyzYSCemK4N81w-qvZHEPDIdwaG9ClITdaScd2VzJftOsYKHVROj25Pksrl5fgyGqXiYe-b8f-u7kcZW7x_Q4rIzRoGS3bzLCeve0RHkj0O_NMpi_SZnqfxWu3ghw5HA6imk22UzBE5fzY8vPEfwhvY1R7QBng994tk8JtdbU3mW4dBbeFq8j_Hl5ThilWxwB5ztR729_uZZ5PELa256nyzJ7aYe6oVQWvLjl9fviRakeiHmAAE1TCwunIg0IotJX4jaySmsuLmYkXQFlRQwI6Lh216f-vyKF3lHXzlsa3LgtKMHxvLVc_JoezSo03bz2aI-Z1AogL2chxrd4vYrdO9uucmmtq9xriJ8KXsKSfFITBk_A_QBSjo_7Mxk1NWwK7dobaTSseazTvjil3e43b96gpuan0EO3KLoSVDLVX-5fovmygPZUNhlic3_9TLeHdgNxs7hG9HS0-KMdRbN3zivfWNmiVm79wOkc6xAjGiT3Wcqbae1nqC_MOSYVmDfvG0jSa8lexfJ7OAlRDjTVHV5h2mU4Za0TxWKBNS0dHDGOtTbvDKmedObJYKmcClqgf0viWHmTaScMzQrc1PTg3u9_I7odg6HL6cCZRm51CHTCspp8Duv2Fn7vpJMziNMfvgu1lYA6DrejKARiE6WrFUK5A1QzU6v_ywV_CybdATwFys6eIYIE7JZiiayB1-DRhkw1ijX5Aa2_j6ifnJ39kl1twubyEzbfxO85VrtKU2pXkYU526esMBz5uWANQpYLqKtfWsHLHqMK8zorN3cBhOvgcjFN39ygKxlIvpq029RIlB5imTY5GeIFWokbFGCgCB5W7kqWStB6dqv8bNPj_Mka8pgFHtvL9jd0XEnT7O6W55kgQxmgIlVP-Q6VTxFp98B9EwZKXBPoebatsjD27_U7OFVcOayLdZrn7pEmThrVBXa-F0Zr0Idb0YOsDYGeG64cGBR7fOZvAkrCj2Zk5DFRwhdYIYi7WyedE1y-f8zQ8oqtlg1MDv4JlPOeSgjSDQUSwUfIZRSoiNxBNDPkj41XuCnsOG2NFYM5iIQvKfVNhjAAhfWEaq8ZAh6oIqiodHF_vR20fnvK0hZuXEiRVV-7QV3DxKzsg8yXbwK0iSzKaJMecZUhdgXo_R9a0V9mxjWUsBmGh7DUiT62S0Jz2BtXwgyrc8dw3DAAC6q0TOlBonGJIBSaUiPlJpldSEsrjvBdgcvrBvQS7xJqvJJE_xwaE2CJOQV0bRxcKgOOZuA8Uq0AAE83eTlzUWnBF1mZxlqSUiTGl_5fxuF9cM_NvtvxRiBPoFT_d_7bin6WSOZfPl4IoI93GzvZn3Za3Ktsj-qkFjHwG9g&cid=CAASBORoTS0&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dab97bab75dff08fffa02146ba15959d05781c4e786ac6ac714c906297b3f4aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35767
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 3526 3 KB
1 KB 114ms
101ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:53 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3526 136 KB
42 KB 118ms
104ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 3526 17 KB
7 KB 101ms
88ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:58 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3526 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CIMKcmnEs6lnlhw9PitCkJVoSrrR7yTXrmGPQgDP1mOVKYjvFQaaU5gM5SV3Sf_98KaQgGJ7Mc9RQPSWSuD1qt8defLROhq5ttDKKi8BmXPnzeq-8

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 23EB 0
0 84ms
83ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CXxBxYheOYt_AOY_po9kP-ZKO0AXkj9KxXJ_Z5oSzAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCR8iXI3UCtT6oAwGqBLUBT9DhIYvzkwnecGHW9BGAI7RpstFLfLVhKuqz-ZASov8ncRiVAHQRwXOk-6NCrJa_Pvz39Sp5AFPtomlGhPUZvRprD0eLY05Yg0he_cjlN4qd1GU-M9-eVA42n__Brvui5jHZt3rnKEsT60Irzv_mlzf8hgzL8qUo3VLlubaeCL8ERCVCx9rgdPYQXdHRQbHxLAZ56FTBeZw7qzjavF8vQG0e2mk9bVyNYNs2nVtDz-N58JteL4AG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTk3MzU4NDg5MTQyMTkyNTgYAA&sigh=GdY6gHDwj7E&uach_m=[UACH]&cid=CAQSGwCNIrLMCBaU0D7kPmbehUxvkeflONijwdixbxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=9796530553&adk=293745757&adf=3400386631&pi=t.ma~as.9796530553&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266506&bpp=1&bdt=380&idt=306&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=799&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=KIGojFSH19&p=https%3A//gumoreska.in.ua&dtd=309
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 23EB 0
0 105ms
55ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOrgEr_6RKgGmAKH-lcYAgAAAE5v2bdso649EGAXjmKKIQRAwTEkeluB6QASAAA&wp=Yo4XYgAOYF8FKPSPAAOJeTdEXsGkLLDajMD9QA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
server: Kestrel
server-processing-duration-in-ticks: 301712
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AA59 135 KB
45 KB 213ms
158ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOYF8FKPSPAAOJeTdEXsGkLLDajMD9QA&u=%7C5ZMWlKK%2B3Bj94rzS4IBY5YXtjQFdSBGLEpVtrU1m0%2B0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvhlCtBCGtqTo4H7ltPR11hSXF-j0wHEC9S68KeW7iahhFMu4yL_7t0BBP2CCheMnvoJNiGcuzRMI0BTEZ3cygxR2nyE-cLoKN7v6aF11WtnPDv93clR2wYTFNHXJJHL2WVhSdwyaRjdgbt65YMkioMjATCVK2vnmJIq_EuD4tPkEsIMhMrg2lTzJCuq5dawPW8-pGUNv23GJ-_-JaoB_2ijnrI2yUBQaZhz2OD-ysO24NX23n-2_4CGkfp2hjsBEyEpH_DaXhrmPa-CnqKmFXtlGHr1w5Bg6p3NdhwrJjZh1cxSf-CKjLevwyzLVIEZ6RlqZbYXDcbrI3ABmfZi2NKc1XlbuzZ9uRH03Xj3hLMw8Byswfmy0n4_QoYu2P57HfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtTE4YheOYt_AOY_po9kP-ZKO0AXkj9KxXJ_Z5oSzAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCR8iXI3UCtT6oAwGqBLgBT9DhIYvzkwnecGHW9BGAI7RpstFLfLVhKuqz-ZASov8ncRiVAHQRwXOk-6NCrJa_Pvz39Sp5AFPtomlGhPUZvRprD0eLY05Yg0he_cjlN4qd1GU-M9-eVA42n__Brvui5jHZt3rnKEsT60Irzv_mlzf8hgzL8qUo3VLlubaeCL8ERCVCx9rgdPYQXdHRQbGzLifrO_YzfA_JpKBZ2MOEQ3kUZmMTdYcD-7-qPORd4_uod3FbvA99Y4AG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SY_357hggiQw3TVF9bc3zd2pyLw%26client%3Dca-pub-9735848914219258%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a07e11698e0f855a292f7fb02360f0bf188b6eb39d429f7c1649d85356408cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=R78bUOdmFiJLxHA2KheVE2eLbSPBDyhWXUPrgUXpSK9XGXonHmWs8iEYBQev0N9XG_jWgxVkCQWoA1WHIP0w9dQdI4puPRPEkTRrE-KMIeHhT5GiCDhcKWW-yeqIqEatf37UqoOz9NPxZVLtjFzFrFKgL3nu6jA3tMJCF0_gBwcnrPioIg1kWYQOS1f8tFWkCr39U8yt275PYsSDQawswxQIL6F6zLuWOetv-ATeBd8hux5hmLoXIcthoRIeiAFMs7WfUw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 97711117
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 101F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1&C=1

43 B
1012 B

56ms
56ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIvMz8UBMAE&v=APEucNW8eLOcVA7nFdO971rcjkJNemjQBrsZYPEouPEOZX0JzUL_TNio_8N4G6OL0BqXYI45YzHgtTIYNfv5K69tTAE6W8sdpnsxiDE2uMMn3xgiw7coxGtA8UYlM2EvMEY3Xkr5sinZmxFT1Uk7zcFl5Kohm0xqfXZLheXU9YvkAjs-6OknDIE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 11:47:47 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENP9cENcuOXiTWn37aKBABg&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Wed, 25 May 2022 11:47:47 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 101F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo4XY2Se.mDgxD1dySoSSQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2

43 B
893 B

53ms
53ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIvMz8UBMAE&v=APEucNW8eLOcVA7nFdO971rcjkJNemjQBrsZYPEouPEOZX0JzUL_TNio_8N4G6OL0BqXYI45YzHgtTIYNfv5K69tTAE6W8sdpnsxiDE2uMMn3xgiw7coxGtA8UYlM2EvMEY3Xkr5sinZmxFT1Uk7zcFl5Kohm0xqfXZLheXU9YvkAjs-6OknDIE
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 11:47:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 101F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFv-buBylYH9L9kitqy0evw&google_cver=1

43 B
1020 B

160ms
98ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFv-buBylYH9L9kitqy0evw&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvOfRD184EBGIvMz8UBMAE&v=APEucNW8eLOcVA7nFdO971rcjkJNemjQBrsZYPEouPEOZX0JzUL_TNio_8N4G6OL0BqXYI45YzHgtTIYNfv5K69tTAE6W8sdpnsxiDE2uMMn3xgiw7coxGtA8UYlM2EvMEY3Xkr5sinZmxFT1Uk7zcFl5Kohm0xqfXZLheXU9YvkAjs-6OknDIE

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7a0a706e-8d21-478e-87fa-f7de8a9fb8dd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFv-buBylYH9L9kitqy0evw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 101F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

170 B
188 B

145ms
67ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3f058b48-2df5-44f3-8548-52ade2510be4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 149ms
49ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 148ms
50ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gumoreska.in.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220523/r20110914/ Frame 1BD3 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220523/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 36508
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 01:39:19 GMT
etag: 3347421328414474149
expires: Wed, 08 Jun 2022 01:39:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame F0E9 213 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02204a26a8262757edb06b5bab32bc67ccaba9a71c4c677caa42cf225496582c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3CA 143 B
163 B 51ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1356
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 11:25:11 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/991453/61640716/ Frame 3526 46 KB
12 KB 153ms
43ms Script
application/javascript 34.243.58.169
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/991453/61640716/skeleton.js?ias_dspID=3&ias_campId=27074181&ias_pubId=pub-9735848914219258&ias_chanId=1&ias_placementId=16471451744&bidurl=https://gumoreska.in.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gTkJ62OqdLJzqN6UsJ2dJh
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.58.169 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-58-169.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 83f0300efb4ee0d8592e9d5186babb32509738e1d7d7a2f5b270ca9fd2fc99e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 3526 170 KB
59 KB 141ms
46ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 May 2022 11:18:39 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/ Frame 3526 8 KB
3 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AwIDz1NT36om4kS1CQoAYZIJLDTtWSYmSTQ8d9JDNLVaZMICTtq5CtutmgCcn6A7xdXOzvYmohw9G9hEUdFoHSvU0YhHWahqNuWP6sOIEVLamsHT4pe2Q4PwAauXlH5020MRGVlkKtzDyji_rlTkAvB9IVRg&dbm_d=AKAmf-BPvOO4zTLv_rhDLHAMstfep-LSy4DEsD4aOsmH_o_F5u9eX8bogMC3YC_cz3-sUNgW4_HGPcLSrDuMOMvRxtbyNBjL5fHBQxYLC8RLAwNAAqzRJQ2kE_sFgzgSv_LCSMju1nr5Pmfcq3dyjqPMyhfFFd3iMUYrEFr1WEIxGOFrMtBvSMEUR1OVK6YK8ivPmk5vfikjGHwZDSQmSuHNssur0m5VAyOaMbEYB31LlP4n8kzX9LxcfwUByQcR6kX4Ig-8SDIRzDAp1exN-QYmtFsNgTkyDot4lVJMAcnnbCa5BdQpNC_PUEzC6dUyF2KQEls-xx0nOzUQpr_l6QxoGe9VoGJikVtzJL3wRlbvF19K0ctsTS38LFQ71T8u_XRxO2YdDx1J5PIYtXWij7rmEgjvBryUw3LOuGU0nEEj6eHJ35Hgx3EU3l9v2IBJqCGBxij2noUIQA5JHUKlgU3O5ds7bn3_EJqslWYUzMoQL3gHX9rsTaM9PpYelYWEhWWaFphRbXCjd6KDFCKisgeIlraP0JwkgK9vduocmtPSN6c-PQZM3yaFkmQHT-9pP7_brDHUBSnbM8aCyD0BV9lKiE98Ve1dgeh8zuIusmptIChXlhxZ7j7cJj1_s3XUSyhLicicCGqWCBH566A9PJ5J9JkabN9_MqmGkgUG6_CnKJM6iAWtcXK9sPpf-fihl1zRob-kpsvT8-lfCnTnH9SarIO2EjT9gMwcY2C5KDBd3wF85jHxQPqWhloa8tDYqPjBCKwOw476UqoFZTy3mb8DSWPDIZ3880jid3isuHj6Cl_pwzAZNyKoKrL8jzjjIsOSdufOlzQ4P23bRo-4GxeRhhwydBBX_UwEn2nwm7-7VTaPdryRF3QoGqflPXTCheGPCUwQ8dM7tHzVqyYhvdNtLXNHEVlFvqv79ETkC6i-e7WosbwmGa2Ebt_7lLQODbgKCIez0vEh2Eu36tyTsxCiZ1GVxvIeUc8YgKH5Nb2frabbS4CuSlaP2MlwV-Y2rIoiZU9P_3Go7EpIWzeS895NyjCXdEG6QmD6pr4DxufJwlimaw1vm59z_fTyNqGStOdfuuMOgBVvWUYX7y5oC0NpOcyp-T7w8oa1ddFfFZOSL1p2GA7M13YdXgi_QISG1Nnem6tCJduwFVEqHfCY_ojxUeoJYKwKbZBMXg1RRJ2dsbenpmyN824xjg1HV1UvxK1s379Sn7SaBBOwyopEUKAChqAgI3xBcYIp-unjsvrhb3tktfuJqBp4jJ_mW-vBTOJEYpUvFsHDYl_DWfnV04wTvLnCfdITA7mXbWOBDaMiQqQTYM_rJHWj4omVRfP1rDyyhBMNWz-GPFQpYa1aILBFhJNJIAttLUSS7hTYDPYRpflkFlrpYLZw8WUtmjKV7RysJ-zaA0Jtvq5WNqUraUwUcqs7v9t6w83xKSiOKbSsXwsxEv9bfnDuWBtqFi-NzpwKI0WIKTyCEkiu6cKIKI44vnzC6iGArYlmCHUQcIcZM1-AXvh_iiFIKwrAMVKpxVAfM95kItoMjy53Tdwc7MvBUsGa0YvGzXv0XEcPkkbiWxmANjY324vd-7auZawDBJWHT9vfUEwZVZctWLfE0yz6hMand0HTkUofub9Rb2zplIJnoXn6WHBuraxdOx-a7Ril0ry6KQIxsWFi8mxICu1J8WJMYtaGxhl8UO5a16x1XVIZq8y0i6K-49Rbq_A1QaC9aWPbzsXrbXejg7E4UAwyzYSCemK4N81w-qvZHEPDIdwaG9ClITdaScd2VzJftOsYKHVROj25Pksrl5fgyGqXiYe-b8f-u7kcZW7x_Q4rIzRoGS3bzLCeve0RHkj0O_NMpi_SZnqfxWu3ghw5HA6imk22UzBE5fzY8vPEfwhvY1R7QBng994tk8JtdbU3mW4dBbeFq8j_Hl5ThilWxwB5ztR729_uZZ5PELa256nyzJ7aYe6oVQWvLjl9fviRakeiHmAAE1TCwunIg0IotJX4jaySmsuLmYkXQFlRQwI6Lh216f-vyKF3lHXzlsa3LgtKMHxvLVc_JoezSo03bz2aI-Z1AogL2chxrd4vYrdO9uucmmtq9xriJ8KXsKSfFITBk_A_QBSjo_7Mxk1NWwK7dobaTSseazTvjil3e43b96gpuan0EO3KLoSVDLVX-5fovmygPZUNhlic3_9TLeHdgNxs7hG9HS0-KMdRbN3zivfWNmiVm79wOkc6xAjGiT3Wcqbae1nqC_MOSYVmDfvG0jSa8lexfJ7OAlRDjTVHV5h2mU4Za0TxWKBNS0dHDGOtTbvDKmedObJYKmcClqgf0viWHmTaScMzQrc1PTg3u9_I7odg6HL6cCZRm51CHTCspp8Duv2Fn7vpJMziNMfvgu1lYA6DrejKARiE6WrFUK5A1QzU6v_ywV_CybdATwFys6eIYIE7JZiiayB1-DRhkw1ijX5Aa2_j6ifnJ39kl1twubyEzbfxO85VrtKU2pXkYU526esMBz5uWANQpYLqKtfWsHLHqMK8zorN3cBhOvgcjFN39ygKxlIvpq029RIlB5imTY5GeIFWokbFGCgCB5W7kqWStB6dqv8bNPj_Mka8pgFHtvL9jd0XEnT7O6W55kgQxmgIlVP-Q6VTxFp98B9EwZKXBPoebatsjD27_U7OFVcOayLdZrn7pEmThrVBXa-F0Zr0Idb0YOsDYGeG64cGBR7fOZvAkrCj2Zk5DFRwhdYIYi7WyedE1y-f8zQ8oqtlg1MDv4JlPOeSgjSDQUSwUfIZRSoiNxBNDPkj41XuCnsOG2NFYM5iIQvKfVNhjAAhfWEaq8ZAh6oIqiodHF_vR20fnvK0hZuXEiRVV-7QV3DxKzsg8yXbwK0iSzKaJMecZUhdgXo_R9a0V9mxjWUsBmGh7DUiT62S0Jz2BtXwgyrc8dw3DAAC6q0TOlBonGJIBSaUiPlJpldSEsrjvBdgcvrBvQS7xJqvJJE_xwaE2CJOQV0bRxcKgOOZuA8Uq0AAE83eTlzUWnBF1mZxlqSUiTGl_5fxuF9cM_NvtvxRiBPoFT_d_7bin6WSOZfPl4IoI93GzvZn3Za3Ktsj-qkFjHwG9g&cid=CAASBORoTS0&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:42:30 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 3526 27 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f2b8c48f20b369362dc65af86c17d672285dad4012c6f0f187c49ad465812b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10524
x-xss-protection: 0
server: cafe
etag: 7053593280098290627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:43:51 GMT

GET
H3 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame CF7D 9 KB
3 KB 143ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:36:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7893
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Thu, 26 May 2022 09:36:14 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame CF7D 26 KB
10 KB 132ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 24 May 2022 16:13:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70448
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Wed, 25 May 2022 16:13:39 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame CF7D 186 KB
48 KB 49ms
49ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H3 200 970x250.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/ Frame CF7D 51 KB
10 KB 146ms
55ms Script
application/x-javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dafc5f5367611ef67921f0c48d16ef3b3202cee5b60a152855a664e1e4b9bc4

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 145368
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10228
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:54:17 GMT
server: sffe
date: Mon, 23 May 2022 19:24:59 GMT
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 19:24:59 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B578 624 B
297 B 60ms
60ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYw5qqygEwAQ&v=APEucNWyzxplnrT9PyJNFTeCQr99WbT6rQv97vWySXrKMdXJfLij1bX8Uhx5UEz4-OPUhr8C0nXumu-XWtuN7XOEBXbi8g2yyd5gQHg6vN0iprP-Bfl8Ij2kQX2hznkwaJ7a3XCNdvUKHf3BJ8CLRxj9UF57qfkdb0eV7zRE8UlgM3UXHTZJKMU

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220523/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 5B0D 21 KB
8 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite_fy2021.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a05a87ffec895e210b0d9746c10e4a47d181857eabc6758fe799bc454b434d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:13:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2057
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8640
x-xss-protection: 0
server: cafe
etag: 18224008427853224413
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:13:30 GMT

GET
H2 200 14282306255161113943
s0.2mdn.net/simgad/ Frame 5B0D 59 KB
59 KB 70ms
70ms Image
image/jpeg 142.250.186.70
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/14282306255161113943

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

f2ea3341ccaba33ee5ea28ab92f80a3b62ecfa88ce547cf525a1fb01e25cfc63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 23 May 2022 23:45:46 GMT
x-content-type-options: nosniff
age: 129721
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60559
x-xss-protection: 0
last-modified: Wed, 11 May 2022 10:38:22 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 May 2023 23:45:46 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/ Frame 5B0D 6 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 08:07:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13220
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2628
x-xss-protection: 0
server: cafe
etag: 1103433747108554897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 08:07:27 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B0D 0
622 B 196ms
84ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstXSE2zLGvQJWaaksNM3-bAcvYv5fNldDbmbzdbyrFCLdcqQtueYLDrIh04sku-radQxD48kG0TrxgEKKZFJJlgVEWeUy0jO9paEp3CKe1l6G3AcUtoDTjxuPeOq00LJiy9wUV8PRWmH4ewnDZ-Hr5lRBjnsKrGbTP3073C9diV5M_DYDfjg0T_HMVdYpy-xe6W_j-noZhcc5VwQBCR_l24uU2wHklepQeX2oIZUSu8j6jOZf0W_XDphP-xL7UI441mmE_z2Rbh2pxiHW3EDEcv_MIKuQT8dhIgwVAa0BmW6Nso8QwrMq_CoWu0jNATFyWL6wuFEN3W2MNKsiugZgEqNp1Dhcrio3lvoFAUZ3KaFKelwdK8OppSDFGbFDTqd5VfI3_AB5e60G8CDbzNDMEyJ1vR8b6892PuWM5qsWNx4Tg4ELNbT6oMXHe-IJtSyEPhLBimArqB1Y6C70VgjElWunO_mISLd3-loacGtVJNqo7wOArX38SeOBF4XX6gPmAqXFoO1YruIpeg_lmdHjNsemXDfkETHoe97Y3UqGxKeeF-mo0QOhWIFhKMsnYyxJ1z8BlV6zxdhDWle1ibOS78FsP9CmP_tRQgUGeQgJ8oRnq3yKzNqatVc_XJTwFYhwDjmJfFcKynjD_CYSf3jBFk7nHWvxtz-W9iVcsJO8IAgnCtuHWM--hBO0mNjdNf5pk2O9J5_38IyGkcJxhttnqTIjnWgE_248-sPH_mQ4XVbNWuAi_0UwZwoNBdbO8sRQrGjXDP-ApMfuImCjBUXWO33HxGwVIb36UzRLmc_-xO9IWzpL3M7sjrdXkqHIGqSV4g6Dn6CSozbG69RO4gKdnxzT9oUvpbR9OIjha8vULNbvfcXYpetlaURRJBD3j1MXgFo3XxnWnF6JlnGaCMiegReG7wLRhqKnoxnCrQo_GVe_IApATtqLIKncz9okicxh-CtOLBeSgYwhgrBU5p5H6Agi3FEb30ttxn91GgX-CuVp2zSwpoA-uBgGOXkQRNEli7Nyxig9XpCup9skTFCp6lLDcVNvm5WiWQ3pm851LsW9-R2Uu3LPvK0tToXTniYecpNJ44tUto1msM4fCCfREyx2cfOlOpSGNk8NINxNxx3l6alkvmZd7NRb3Jo98cCoUDunK4GlKK-55eq8sgmrIR8qbjhwZAaiu7_YK5HD-x1cGqk443iRl4ZcBkiZRW_hmnsQ&sai=AMfl-YRZoOK_Wqy5r8zeVxJdPo_TlD8xtBx9d1CVVTFYsq6TLm6tGX5W1EolwcPJg4K9oIxAD4Aba6kVg9TOSGcVZLDEUerTwZ7hKihn8meRFzyWaD1nfHdTUiPgnhKwGhtHOzVeNk03XDn3wF7Bp5vL72q4mILNQ4m2ZLSXOmp93MhfmZNukpu7O0E&sig=Cg0ArKJSzMGlShBpC9lvEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220523.17655&adurl=

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 5B0D 41 KB
15 KB 96ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H/1.1 204
No Content visit.jpg Show response
tps.doubleverify.com/ Frame 5B0D 0
162 B 160ms
47ms Script
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tps.doubleverify.com/visit.jpg?ctx=13624377&cmp=27754553&sid=7787276&plc=336034191&adsrv=1&btreg=&btadsrv=&crt=&tagtype=&dvtagver=6.1.img&
Requested by: Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
Cache-Control: max-age=0
Connection: keep-alive
Expires: 05/24/2022 11:47:47

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B0D 136 KB
42 KB 171ms
89ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:47 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 5B0D 17 KB
7 KB 119ms
64ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

97e8589ee15d3a7b065d9dc815388983b332b2aebd095aa7240633515cd0d67b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:45:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 157
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7271
x-xss-protection: 0
server: cafe
etag: 2573367456674966785
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:45:10 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5B0D 42 B
63 B 73ms
73ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BG4tRyzyF2_MrqzEkSSIIigOFvqnzfIJRe7HWt54KHZQLCEOGBVPkrxscD5DMlDQXwmhpVv5ggQaTktEu_r49EjNu7EayAEu9uL0tEntGhyQAnKzM

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 5744 211 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41b211a84f58ff5a414efe8c566945e62584d0fa8ad36b5ea62ee3e27f18d31e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AA59 2 KB
1 KB 179ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOYF8FKPSPAAOJeTdEXsGkLLDajMD9QA&u=%7C5ZMWlKK%2B3Bj94rzS4IBY5YXtjQFdSBGLEpVtrU1m0%2B0%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59w0UTABAYh-dYE5amGXcPCvhlCtBCGtqTo4H7ltPR11hSXF-j0wHEC9S68KeW7iahhFMu4yL_7t0BBP2CCheMnvoJNiGcuzRMI0BTEZ3cygxR2nyE-cLoKN7v6aF11WtnPDv93clR2wYTFNHXJJHL2WVhSdwyaRjdgbt65YMkioMjATCVK2vnmJIq_EuD4tPkEsIMhMrg2lTzJCuq5dawPW8-pGUNv23GJ-_-JaoB_2ijnrI2yUBQaZhz2OD-ysO24NX23n-2_4CGkfp2hjsBEyEpH_DaXhrmPa-CnqKmFXtlGHr1w5Bg6p3NdhwrJjZh1cxSf-CKjLevwyzLVIEZ6RlqZbYXDcbrI3ABmfZi2NKc1XlbuzZ9uRH03Xj3hLMw8Byswfmy0n4_QoYu2P57HfA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCtTE4YheOYt_AOY_po9kP-ZKO0AXkj9KxXJ_Z5oSzAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi05NzM1ODQ4OTE0MjE5MjU4oAG91IjrA8gBCakCR8iXI3UCtT6oAwGqBLgBT9DhIYvzkwnecGHW9BGAI7RpstFLfLVhKuqz-ZASov8ncRiVAHQRwXOk-6NCrJa_Pvz39Sp5AFPtomlGhPUZvRprD0eLY05Yg0he_cjlN4qd1GU-M9-eVA42n__Brvui5jHZt3rnKEsT60Irzv_mlzf8hgzL8qUo3VLlubaeCL8ERCVCx9rgdPYQXdHRQbGzLifrO_YzfA_JpKBZ2MOEQ3kUZmMTdYcD-7-qPORd4_uod3FbvA99Y4AG3e_p7-DShp-mAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3SY_357hggiQw3TVF9bc3zd2pyLw%26client%3Dca-pub-9735848914219258%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame AA59 2 KB
1 KB 180ms
60ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AA59 308 B
637 B 149ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame AA59 293 B
621 B 152ms
62ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame AA59 43 B
348 B 119ms
37ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=a54z-MG9Gd7sANkL-fG0XY1weY_2f8K2W-rvrJe_O_7YJu28ZBikyODEMly6EBs_Un_05yGijZqHwkL_TiBpq_B7QGFPJwPDFBidbYqIKLng5zcA4redA8kRwWY5qMsINMSwjvDvjFkC81uIVV1iTs0tD8Z-8hscHI_QhETTD6gYW4kPmTLxivxMN6c-sbUwLNMnLCQdTqYDUuHDIxsM1m_5pwYyCJMHLQr9uEsFkyVPDGRCb8XJr5v_-ElyYa1-oyvxJeVnWgvrZkotTKv83YK4mfkCY0L8CJh1nFPgxVP27BJhCka3howcMpndWzg30JPptjOZFmEcKAvwzTg8xSR2lbZ_-BPathxSjBKc8mUPlezby3lY7uriGCVVjvEvB9WKEGQVXLGUZJuVqUcjyKK-wFX3MF_Hq3hwrg-Z4eZMFbEkYXpobMQjmOKQtd3WUxU2og

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3502584
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3526 41 KB
15 KB 67ms
66ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
DATA 200
OK truncated
/ Frame 3526 219 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4ea49b00bb1fbf488281b11b8a08d3f096dae326a358e4a52cd6902f8da4eff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 23EB 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11fc98c2751f3c7b5e72b55d3c9e245147ac911d59ee87191d17c31520f58f78

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D3CA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

105ms
104ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 11:47:48 GMT
expires: Wed, 25 May 2022 11:47:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 25 May 2022 11:47:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B578
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1

43 B
893 B

54ms
53ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYw5qqygEwAQ&v=APEucNWyzxplnrT9PyJNFTeCQr99WbT6rQv97vWySXrKMdXJfLij1bX8Uhx5UEz4-OPUhr8C0nXumu-XWtuN7XOEBXbi8g2yyd5gQHg6vN0iprP-Bfl8Ij2kQX2hznkwaJ7a3XCNdvUKHf3BJ8CLRxj9UF57qfkdb0eV7zRE8UlgM3UXHTZJKMU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 11:47:47 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame B578
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Yo4XY2Se.mDgxD1dySoSSQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2

43 B
1013 B

59ms
58ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYw5qqygEwAQ&v=APEucNWyzxplnrT9PyJNFTeCQr99WbT6rQv97vWySXrKMdXJfLij1bX8Uhx5UEz4-OPUhr8C0nXumu-XWtuN7XOEBXbi8g2yyd5gQHg6vN0iprP-Bfl8Ij2kQX2hznkwaJ7a3XCNdvUKHf3BJ8CLRxj9UF57qfkdb0eV7zRE8UlgM3UXHTZJKMU
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Wed, 25 May 2022 11:47:48 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEOvKKVJlFjGj25ryKABuK-k&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame B578
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEJasIO7t1vi0geIazK-vzkU&google_cver=1

43 B
1020 B

59ms
59ms

Image
image/gif

37.252.172.36
ASN-APPNEX

General

Check archive.org

Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEJasIO7t1vi0geIazK-vzkU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COu99gIQ-b799QEYw5qqygEwAQ&v=APEucNWyzxplnrT9PyJNFTeCQr99WbT6rQv97vWySXrKMdXJfLij1bX8Uhx5UEz4-OPUhr8C0nXumu-XWtuN7XOEBXbi8g2yyd5gQHg6vN0iprP-Bfl8Ij2kQX2hznkwaJ7a3XCNdvUKHf3BJ8CLRxj9UF57qfkdb0eV7zRE8UlgM3UXHTZJKMU

Protocol

HTTP/1.1

Server

37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 89e53c40-0d27-4550-a39c-2a1355d228f5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEJasIO7t1vi0geIazK-vzkU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B578
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

170 B
188 B

57ms
57ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:47 GMT
X-Proxy-Origin: 217.138.196.104; 217.138.196.104; 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b3e2e9e-a24e-4eb3-b0ee-3a6f249b7fd5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU0MzUzMDQyMzk3OTgxMTM1NQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AA59 12 KB
5 KB 152ms
58ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3571245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P%2Fat%2F5asLqY5a5VXjCdChiBycF6KMu8RDhnDA8yLulnjjHQJ9g1HISFD3gaQlVWsnRqd%2BF23yIeoJNidiS1WYUxs5DgsJgLNOCaLiJdV25oCf%2BA%2BTumkVO5%2FCfXNoq%2BSmAwSoo98%2FDQj4uAhZGaCMz1m"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710e09d04a9823f7-ZRH
expires: Mon, 15 May 2023 11:47:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AA59 12 KB
6 KB 167ms
112ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame AA59 27 KB
28 KB 229ms
103ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AA59 5 KB
6 KB 132ms
36ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=398&s=uZVGwO9KpKxmg0btZyUsch61

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d3fce3bfc73a6ea0b84ca2a1164990b0eeae97c638a6778cc51fb58afb50ba31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29017231
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5590
expires: Wed, 26 Apr 2023 08:08:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AA59 0
128 B 133ms
34ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=R78bUOdmFiJLxHA2KheVE2eLbSPBDyhWXUPrgUXpSK9XGXonHmWs8iEYBQev0N9XG_jWgxVkCQWoA1WHIP0w9dQdI4puPRPEkTRrE-KMIeHhT5GiCDhcKWW-yeqIqEatf37UqoOz9NPxZVLtjFzFrFKgL3nu6jA3tMJCF0_gBwcnrPioIg1kWYQOS1f8tFWkCr39U8yt275PYsSDQawswxQIL6F6zLuWOetv-ATeBd8hux5hmLoXIcthoRIeiAFMs7WfUw&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 11:47:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AA59 2 KB
1 KB 86ms
86ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AA59 2 KB
1 KB 85ms
85ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 5B0D 0
63 B 79ms
79ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:47 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1959 2 KB
1 KB 76ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOWyIFKN-TAAupb_ljHR9KzraLJAPIyw&u=%7C5ZMWlKK%2B3Bia1B6%2FRcXTXLUvAWUCfCQ%2BCSRvP9f9oHE%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxkpc6-zjlPVPR7akiQ8WiPVSpIkn7p715cBdnfCoOkee9YGCdAUOoZNjEJ131GhWVZBvcmd03yjJGrBRMueomGpFfZRZQSFXWxH3Rn5HmfDDdlp7Ns2NExv863DdlB08uwQOqyj4GqHts_cg4S8wvPW81PIFiOG7R0Jiye-cE7-N_NlD-U1v9LcIRHT6OaEvFvFZytdBOom04kgDoDiaupq9_4YTyCkVJcSuu9BJ7I6emgUC0HhbkYm9Zr4_YKhX57CbG2ksIHw4QX7XnoCHPP0NlZRJ4ZUUeEcT8AW-GDStohZs1FKB4z89Fi_KlaVJdkjlnibwOJPSDFu-PAwtHcPhljq3xRT-MBzCGx_3ebsbHsLCR_2BpRkh5aZtJR1P4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM7RWYheOYqK2OZO_o9kP79KucOSP0rFct8DJx9kBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQI1-JBalAy1PqgDAaoEvQFP0EmdI6LMu55hXXsgN7dGmuV57s4TtKNZmUFECUGwf7Miygc3NhnhpTB0HZjnXx1xBvMt86SMLmxugJ0wuZp4f-Y56ZvQ2RrHzEZbFGYlapQ113hcj4b-RWEokZlPI6-1Z7vM4P1lIs6OMKSss9MONV-xhx2iMMtw_7vWZVPGJ5CoAmR6LEdX5rl9sEyM1FPls92fBE_OCwkfmE7RG6l-CwTfvbZbkOEG4VGEpAvuNkXHd74d-mcX0OGpzY-ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H4_8B9CHKGhd251_nbpmBzkVheA%26client%3Dca-pub-9735848914219258%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1959 2 KB
1 KB 76ms
60ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1959 308 B
636 B 64ms
63ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1959 293 B
621 B 111ms
111ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1959 43 B
347 B 38ms
37ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=CN9Zm8G9Gd7sANkL-fG0XY1weY_1MiDLYBVMnNFIvciWKYN994g3eWBJqmaeQAJQ6eBjeNi4ehXUidW4CbHEopomkx32DVKrCvlqkpgz9UKiKoLtM7bmRzpa5aLUZz7H7NHv3K9Udjn1hFVxNeQKhO03CoMyQtW2D4U1MXnLszhjkGW8Za_l368kJKkAxfaLp51_CynkbpeytR22PzYNPj9-TJ9yFgb4IEAXLvw653RlXEln23kjy8Ap_ytEgmyxiVHdR82HACU2LH-41g3SS3kwp9edA8VyoOlyfiXONk-MdVHB6cSvGiYn8nfU9m91baaGArJy3pPV22TpR6stVwBP9Foe0N6D02d8gq6IUrYZqtjAfa1ShG6b1vCMeVIou08OKK888MwOkWFaxrsi05YoRFTP-nPkEaMafTS5ONkmIaxG4RyAKBwGZ6cwlhB-Q8hHyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:46 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3198458
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

i
ipds.adrta.com/ Frame 1959
Redirect Chain

https://adrta.com/i?cb=628e1761ed37afc880c4a176d5c1afa0&clid=co&paid=co&avid=2378&caid=307306&plid=11117111&publisherId=141477&kv1=1160X280&kv2=https://googleads.g.doubleclick.net/&kv3=d36b1949-4de...
https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGIBHAJMLMMLNKGJGNNLJHJML@FNLHKOOHKMIIHBLLJNKMMFGQFHJFIPEKOAGKJKKLPJLNFGKBGLNMJMFQJIKKJHLIKKJBILKHIOPGMPGHH@HBEBH&cb=628e1761ed37afc880c4a176d5c1afa0&clid=c...

43 B
211 B

323ms
105ms

Image
image/gif

2600:1f18:26d4:7e03:946e:138d:214b:806
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGIBHAJMLMMLNKGJGNNLJHJML@FNLHKOOHKMIIHBLLJNKMMFGQFHJFIPEKOAGKJKKLPJLNFGKBGLNMJMFQJIKKJHLIKKJBILKHIOPGMPGHH@HBEBH&cb=628e1761ed37afc880c4a176d5c1afa0&clid=co&paid=co&avid=2378&caid=307306&plid=11117111&publisherId=141477&kv1=1160X280&kv2=https://googleads.g.doubleclick.net/&kv3=d36b1949-4de7-4caf-9fd7-d4d6fab85a42&kv4=2001:ac8:21::&kv7=314&kv11=628e1761ed37afc880c4a176d5c1afa0&kv12=1129791&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yo4XYgAOWyIFKN-TAAupb_ljHR9KzraLJAPIyw&u=%7C5ZMWlKK%2B3Bia1B6%2FRcXTXLUvAWUCfCQ%2BCSRvP9f9oHE%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCjPcKo2Ky-sWbNgxUWC59wKvzFoJM6vPjRsEZEp4aXxkpc6-zjlPVPR7akiQ8WiPVSpIkn7p715cBdnfCoOkee9YGCdAUOoZNjEJ131GhWVZBvcmd03yjJGrBRMueomGpFfZRZQSFXWxH3Rn5HmfDDdlp7Ns2NExv863DdlB08uwQOqyj4GqHts_cg4S8wvPW81PIFiOG7R0Jiye-cE7-N_NlD-U1v9LcIRHT6OaEvFvFZytdBOom04kgDoDiaupq9_4YTyCkVJcSuu9BJ7I6emgUC0HhbkYm9Zr4_YKhX57CbG2ksIHw4QX7XnoCHPP0NlZRJ4ZUUeEcT8AW-GDStohZs1FKB4z89Fi_KlaVJdkjlnibwOJPSDFu-PAwtHcPhljq3xRT-MBzCGx_3ebsbHsLCR_2BpRkh5aZtJR1P4g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM7RWYheOYqK2OZO_o9kP79KucOSP0rFct8DJx9kBwI23ARABIABgu4aAgNAKggEXY2EtcHViLTk3MzU4NDg5MTQyMTkyNTigAb3UiOsDyAEJqQI1-JBalAy1PqgDAaoEvQFP0EmdI6LMu55hXXsgN7dGmuV57s4TtKNZmUFECUGwf7Miygc3NhnhpTB0HZjnXx1xBvMt86SMLmxugJ0wuZp4f-Y56ZvQ2RrHzEZbFGYlapQ113hcj4b-RWEokZlPI6-1Z7vM4P1lIs6OMKSss9MONV-xhx2iMMtw_7vWZVPGJ5CoAmR6LEdX5rl9sEyM1FPls92fBE_OCwkfmE7RG6l-CwTfvbZbkOEG4VGEpAvuNkXHd74d-mcX0OGpzY-ABt3v6e_g0oafpgGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2H4_8B9CHKGhd251_nbpmBzkVheA%26client%3Dca-pub-9735848914219258%26adurl%3D
Protocol: H2
Server: 2600:1f18:26d4:7e03:946e:138d:214b:806 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:48 GMT
cache-control: no-cache
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-type: image/gif
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://ipds.adrta.com/i?__x=HFLFHHOFGOKCIGIBHAJMLMMLNKGJGNNLJHJML@FNLHKOOHKMIIHBLLJNKMMFGQFHJFIPEKOAGKJKKLPJLNFGKBGLNMJMFQJIKKJHLIKKJBILKHIOPGMPGHH@HBEBH&cb=628e1761ed37afc880c4a176d5c1afa0&clid=co&paid=co&avid=2378&caid=307306&plid=11117111&publisherId=141477&kv1=1160X280&kv2=https://googleads.g.doubleclick.net/&kv3=d36b1949-4de7-4caf-9fd7-d4d6fab85a42&kv4=2001:ac8:21::&kv7=314&kv11=628e1761ed37afc880c4a176d5c1afa0&kv12=1129791&kv19=&kv27=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/99.0.4844.51%20Safari/537.36&kv24=Windows_Web
date: Wed, 25 May 2022 11:47:48 GMT
server: Apache/2.4.46 (Amazon) OpenSSL/1.0.2k-fips
content-length: 0

GET
H2 200 main.gr.19.8.309.js Show response
static.adsafeprotected.com/ Frame 3526 191 KB
61 KB 147ms
45ms Script
application/javascript 2600:9000:2156:2a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.309.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/991453/61640716/skeleton.js?ias_dspID=3&ias_campId=27074181&ias_pubId=pub-9735848914219258&ias_chanId=1&ias_placementId=16471451744&bidurl=https://gumoreska.in.ua/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gTkJ62OqdLJzqN6UsJ2dJh
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 19 May 2022 07:18:23 GMT
content-encoding: gzip
age: 534564
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 05 May 2022 17:31:51 GMT
server: AmazonS3
etag: W/"25d0c2239b60642eaeddad303e621bd4"
vary: Accept-Encoding
x-amz-version-id: mjEd7PtHn1L574wGfHZ2vjRyhTR.v7IU
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: RvmYdx0PjXLjuwkWVgchhj0ctnmAaQwka1oRJFwu_F-7AUBFgwzZDw==

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62050916/20220317062459771/ Frame 4E8C 75 KB
20 KB 52ms
51ms Document
text/html 142.250.186.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62050916/20220317062459771/index.html?e=69&leftOffset=0&topOffset=0&c=utM3WiLWuV&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

6f6bcfa894cf2bbefe87309b0ae3adff05ee391cfccbb2da5d68c594274ce332

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 20793
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:47 GMT
expires: Thu, 26 May 2022 11:47:47 GMT
last-modified: Thu, 17 Mar 2022 13:24:59 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3526 0
27 B 171ms
82ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumQiToUyW0qOmZwxepTtVWvlhqaQE9t49Rg0G7xAblSKOVeT1_MHeBiPu20_POdAhtE-fLVybWaosXdkx4z0PjIr_gMqKsqSwMiFixGUAtk6QOx-0-FKno3uDgYT6QlkLCE_qpRFp7gNkZw2wCOdmLBdVqrQvrGkWQK3OuXVjYoToNChvv7XJe6_prpny2ZRKD_5wEjzwNb8H_HL7JWOI3sn6VfEHxlx-K8MGxJWG7jxLzRrHMRfoGJyG-omxf-ZXYojU8W3ndEHecAWFbF10Yn_ogYsx6tJJ-FdmX_oU9ANAWYwIW1u2TQHv_uKiY6vGaRr_FLdcpXVqXx5zIyPnxdIlv_lpo9OfBxTKX4_uxtr3YUnKhXCge1OCNNSwR9PUBOoOrs_JXSWG_VSG_eyQKF9x5R4MHBPWoEsQMtssWmq9H44SYQDZ9QiqBBTStG0bswWdSTwrqFUGG_Pubvevee6HvzGy8qUgZWyQhTCvYMWTZ8H-b-0GO6FcViLPAkFyNXBC0FqTEQO7TKfMPzUhHXmqEWpZdrjiVkTG7OEbqkMnXWKorHeXcMct5Zj1fVMmTCrFxbW4Gt3HD5yZEjV2LCHaq-xYfXwWAsy93AD6cmb4XCDU0tfesjNyLJPMDtvZkaUeweEzpzK2XdHqQBJCVolKeGvIOLiEVrGuFLPLw5gOT1ryK0NPouuY8U8x0BMF0s6XrqDilvleglx96pNGbB4OG7zYNjrZiupa1eJwi0WMIiQViJ8b-SK5Ou4IpXquGCX1pjRGmu7uAF3PmlK54XjJKqLL3IaafySjiYI5bg8NaTnsNKUvQY7y2YOmk3BFihTcMKhdCEuk9cfy0Ue4zYZGkdYxhn7JyEaNjKBw5WaeyMFB1KVYgyRwj8Tk2c5mweinK46FwCD7QUPuzmzBOaMVKISb5Albyh1c3RZ6EwQs2n1e-vIILVSS2Ks0bbTy7m0XJc0niZrlMA6x9OSLvgwPTa0LAcACNFz1rE7i_C8GDD5rr_ZHGLGiYGRHiln3SB8GBNazoIMlIY1WPGqCHJHMSDJoMnFBqzyqbPHdiztMVGCeIvCJqLlMm-onDFwsmU5QfV6R3Kn9n27t-SDtW0BtL3BMHwOqZa4qXzErys_0J-rE0vi0L4Xf5cxvUS9YmayPsfMC963HMn7siKSHNQLg&sai=AMfl-YSjFYEDEDQSv160qCrmYPjvjLGJKuLNPf-8QGQlrS1zUi9C-YFcuxaNEysSrTlCmK2cEfRDCRQIHjrOTFxfLGc4Y56cBxh6WR3lrPzo-ZgXQnmenrk-0cltsFsENbA6t1A_&sig=Cg0ArKJSzAsU3hDThlPiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=284&cbvp=1&cstd=278&cisv=r20220523.78803&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 25 May 2022 11:47:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5F3A 22 KB
8 KB 43ms
43ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:06:17 GMT
expires: Thu, 25 May 2023 06:06:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CBF9 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20490
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:06:17 GMT
expires: Thu, 25 May 2023 06:06:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5B0D 216 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b70dc4acfeccca51f2a9d3602ba753ad2583cbc79518982a0a31d92f701c16c

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 970x250_atlas_NP_.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/ Frame CF7D 153 KB
153 KB 46ms
42ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16661089946031320726/970x250_atlas_NP_.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=280&slotname=8258600178&adk=1934161925&adf=3390593775&pi=t.ma~as.8258600178&w=808&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=808x280&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=382&idt=315&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3559&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=SABFQp6mLk&p=https%3A//gumoreska.in.ua&dtd=318

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50d7c75e56650fe19ab4c2c193bb14f99785c7d2dafe43316f9283b773e8fb8e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 159792
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 156771
x-xss-protection: 0
last-modified: Fri, 13 May 2022 14:54:17 GMT
server: sffe
date: Mon, 23 May 2022 15:24:35 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 May 2023 15:24:35 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1959 12 KB
5 KB 57ms
49ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3571245
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7mx4zvGXzTCd%2Bfbg%2BHROigm4rqBw4VwpqGPq9O4qzqrLfY939WWNpM3Mq5XZMSpREd4NTLZMpVHM5k35Xp5rWBkhMtY6k2bELj413bCd3S8ZPk6YwRWN3VTQIcSl5rakyKVGuzQ%2B7Me5WOUbYlzsiK%2BP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 710e09d08b2123f7-ZRH
expires: Mon, 15 May 2023 11:47:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1959 12 KB
6 KB 69ms
64ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 1959 27 KB
28 KB 125ms
123ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
strict-transport-security: max-age=31536000; preload;
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1959 7 KB
7 KB 35ms
35ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dc08e684f06e2f566c9db513023cfddd5809a3cb6467f9575704a8fdac9e1991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29017231
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7284
expires: Wed, 26 Apr 2023 08:08:19 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1959 0
127 B 35ms
35ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=FHlZ6udmFiJLxHA2g5TylQ4BewVH3YwGoW75oHv_8s_HM850DYubSBUskxb-U2PYrlhH88S-C41QFI10nNayEjsbUiU8jR1mXSKk2aPidw9VXPJ4-5vzK6hXgVWhTjqbZHWQdh-mGZsGIEiC2BMgyJsPueYds6mb58_CMf1fyZutYP3cr00pMk68cH5P2cUOfb0JPVvWeZkD8PCdwHZCF3tLKotRNnrllNDnKdakeuntOqOrxgURI9SLguWbB8SC7CeIng&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 11:47:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1959 2 KB
1 KB 57ms
57ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1959 2 KB
1 KB 59ms
59ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:47 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 20 May 2023 11:47:47 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 4E8C 118 KB
40 KB 41ms
40ms Script
text/javascript 142.250.186.70
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62050916/20220317062459771/index.html?e=69&leftOffset=0&topOffset=0&c=utM3WiLWuV&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62050916/20220317062459771/index.html?e=69&leftOffset=0&topOffset=0&c=utM3WiLWuV&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 09:38:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7733
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 26 May 2022 09:38:54 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame CF7D 35 KB
13 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:08:56 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 5F3A 35 KB
13 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:08:56 GMT

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame CBF9 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5932
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:08:56 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3526
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/991453/61640716/skeleton.js?ias_dspID=3&ias_campId=27074181&ias_pubId=pub-9735848914219258&ias_chanId=1&ias_placementId=16471451744&bidurl=https://gumoreska.in...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

40ms
40ms

Script
application/javascript

2600:9000:2156:2a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Server: 2600:9000:2156:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
age: 8545785
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: O543ZSjBi0ryet4syEkc5q-hgAemvDQwQZwZ33XN_qNl3NtoD_QvSQ==

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:48 GMT
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame E33E 80 KB
21 KB 45ms
44ms Script
application/javascript 2600:9000:2156:2a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:2a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 16 May 2022 08:34:34 GMT
content-encoding: gzip
age: 789195
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: lymkfOCWNbmMDKenpoZgwP8ITB5cSve4Mk-T3C0MLNeV2UCvjNZ0lg==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3526 43 B
216 B 541ms
174ms Image
image/gif 44.231.35.126
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=8a998bc6-dcd9-05c3-4d8b-b3aea20e2e45&tv=%7Bc:dCRSpS,pingTime:-3,time:334,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:334,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B61~0%5D,as:%5B61~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t6Quv6C+11%7C12%7C131%7C141%7C1511%7C1512%7C161*.991453-61640716%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,rmeas:1,rend:0,renddet:na%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.35.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-35-126.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:48 GMT
x-server-name: dt08.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3526 43 B
215 B 540ms
175ms Image
image/gif 44.231.35.126
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=8a998bc6-dcd9-05c3-4d8b-b3aea20e2e45&tv=%7Bc:dCRSpT,pingTime:-6,time:335,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:335,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B63~0%5D,as:%5B63~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t6Quv6C+11%7C12%7C131%7C141%7C1511%7C1512%7C161*.991453-61640716%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,rmeas:1,rend:0,renddet:na%7D&tpiLookup=ao:gumoreska.in.ua*%2Cgoogleads.g.doubleclick.net*&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.35.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-35-126.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:48 GMT
x-server-name: dt05.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3526 43 B
215 B 431ms
175ms Image
image/gif 44.231.35.126
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=991453&asId=8a998bc6-dcd9-05c3-4d8b-b3aea20e2e45&tv=%7Bc:dCRSrF,pingTime:-2,time:445,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:403,beZ:404,mfA:673,cmA:674,inA:675,inZ:677,prA:677,prZ:682,si:686,poA:687,poZ:699,cmZ:699,mfZ:699,loA:739,loZ:741,ltA:848,ltZ:848%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:282%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:445,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:282,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B172~0%5D,as:%5B172~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t6Quv6C+11%7C12%7C131%7C141%7C1511%7C1512%7C161*.991453-61640716%7C1611%7C1612%7C1613%7C1711%7C1712,idMap:161*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,sinceFw:161,readyFired:true%7D&br=c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.231.35.126 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-231-35-126.us-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:48 GMT
x-server-name: dt01.or.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3526 0
26 B 80ms
80ms Ping
image/gif 142.250.185.66
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsumQiToUyW0qOmZwxepTtVWvlhqaQE9t49Rg0G7xAblSKOVeT1_MHeBiPu20_POdAhtE-fLVybWaosXdkx4z0PjIr_gMqKsqSwMiFixGUAtk6QOx-0-FKno3uDgYT6QlkLCE_qpRFp7gNkZw2wCOdmLBdVqrQvrGkWQK3OuXVjYoToNChvv7XJe6_prpny2ZRKD_5wEjzwNb8H_HL7JWOI3sn6VfEHxlx-K8MGxJWG7jxLzRrHMRfoGJyG-omxf-ZXYojU8W3ndEHecAWFbF10Yn_ogYsx6tJJ-FdmX_oU9ANAWYwIW1u2TQHv_uKiY6vGaRr_FLdcpXVqXx5zIyPnxdIlv_lpo9OfBxTKX4_uxtr3YUnKhXCge1OCNNSwR9PUBOoOrs_JXSWG_VSG_eyQKF9x5R4MHBPWoEsQMtssWmq9H44SYQDZ9QiqBBTStG0bswWdSTwrqFUGG_Pubvevee6HvzGy8qUgZWyQhTCvYMWTZ8H-b-0GO6FcViLPAkFyNXBC0FqTEQO7TKfMPzUhHXmqEWpZdrjiVkTG7OEbqkMnXWKorHeXcMct5Zj1fVMmTCrFxbW4Gt3HD5yZEjV2LCHaq-xYfXwWAsy93AD6cmb4XCDU0tfesjNyLJPMDtvZkaUeweEzpzK2XdHqQBJCVolKeGvIOLiEVrGuFLPLw5gOT1ryK0NPouuY8U8x0BMF0s6XrqDilvleglx96pNGbB4OG7zYNjrZiupa1eJwi0WMIiQViJ8b-SK5Ou4IpXquGCX1pjRGmu7uAF3PmlK54XjJKqLL3IaafySjiYI5bg8NaTnsNKUvQY7y2YOmk3BFihTcMKhdCEuk9cfy0Ue4zYZGkdYxhn7JyEaNjKBw5WaeyMFB1KVYgyRwj8Tk2c5mweinK46FwCD7QUPuzmzBOaMVKISb5Albyh1c3RZ6EwQs2n1e-vIILVSS2Ks0bbTy7m0XJc0niZrlMA6x9OSLvgwPTa0LAcACNFz1rE7i_C8GDD5rr_ZHGLGiYGRHiln3SB8GBNazoIMlIY1WPGqCHJHMSDJoMnFBqzyqbPHdiztMVGCeIvCJqLlMm-onDFwsmU5QfV6R3Kn9n27t-SDtW0BtL3BMHwOqZa4qXzErys_0J-rE0vi0L4Xf5cxvUS9YmayPsfMC963HMn7siKSHNQLg&sai=AMfl-YSjFYEDEDQSv160qCrmYPjvjLGJKuLNPf-8QGQlrS1zUi9C-YFcuxaNEysSrTlCmK2cEfRDCRQIHjrOTFxfLGc4Y56cBxh6WR3lrPzo-ZgXQnmenrk-0cltsFsENbA6t1A_&sig=Cg0ArKJSzAsU3hDThlPiEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=694&vt=11&dtpt=410&dett=3&cstd=278&cisv=r20220523.78803&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E8C 7 KB
5 KB 134ms
52ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c816753c8f4f85ce3bb7fc3ce90697b49b057f8d2aa2ecf996e97ce42ef8a90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5514
x-xss-protection: 0

GET
H3 200 sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4E8C 17 KB
0 55ms
54ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:48 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F0E9 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstaA1uc6TVrmPwneUCIdyDHkAeN8TycgBuNV52rkxCJe17UaaSkPKeVI6KYH_2MUfSd9qDQy3CjhzBKCUMRmNETsQ&sig=Cg0ArKJSzCJKjY1NmjZMEAE&id=lidar2&mcvt=1388&p=0,0,280,1160&mtos=1388,1388,1388,1388,1388&tos=1388,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2334401640&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653479266777&rpt=828&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 23EB 42 B
64 B 73ms
73ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkpWy7ISespaSPbVafj7Gglqyi-1FEBnpbeiYlPR7sR_VU2d6leVDR6_dlAx2bZSrQP5jENNshlAzyF1zjJpe8MQ&sig=Cg0ArKJSzFtEdXRPZenlEAE&id=lidar2&mcvt=1306&p=0,0,280,808&mtos=1306,1306,1306,1306,1306&tos=1306,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=293745757&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653479266816&rpt=853&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AA59 0
127 B 36ms
35ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 11:47:48 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 1959 0
127 B 206ms
206ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 25 May 2022 11:47:49 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 3526 0
0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 326B 25 KB
11 KB 503ms
503ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/wp-content/cache/wpfc-minified/edgwxfxv/kn0c.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cac42920a6040ee2ff4ea7aad8253600fbf109888ebcadb44ffbbfd96fcda0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 11411
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:49 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 55ms
55ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220523&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c313b6531aa16e18ee7a3eeab679208deba15ef76f5c44d4db225f4f52ec5c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 May 2022 11:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10705
x-xss-protection: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5B0D 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1MR6n5w4W6oKpQM4EkLMz9hov3I-kDY491-ieunadBXy84G77CofIPAmgn0M_hfkvwWkEdpNgAHNyQqbV4xKWBWUOykCgDYKS-2mobFITLiBmgA_NRai1Gxl5&sai=AMfl-YRDdXAQaYmA-1SPqpe6SOAVo-JvN8owXTxnnP43B2Q9c2eS9BiEgusIgs7DUop0MnyE_GPxpOxPxJLR&sig=Cg0ArKJSzJu7J82IidawEAE&cid=CAASBORo30s&id=lidar2&mcvt=1152&p=0,0,90,728&mtos=469,1152,1152,1152,1152&tos=469,683,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653479267637&rpt=515&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F3A 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BHmu_YheOYoShNpbZtwev0LX4BgAAAAA4AeAEAg&bg=!JySlJGDNAAZ4vKt9WLw7ACkAdvg8WgdK1d_Vs-kY5lutwGBDLrU121oxxTwNjyRKDMJB7odvM5C6wQIAAAOXUgAAAAJoAQeZAu9Hn5nZ3FcuD5Th5pqIc7heTfSa6hSIcrS3rcQ2t59S0wxCyCkON5En27jgOjHWSbAkw_kV1b2hDDOX7B6ajCDk_f1dtwH0tzXplFzsEwROzcb1RhVNXmC20jB_9vS-Gdo7DalrvtOPHkhZH3x5ydt7N-VMxxqIAumYIkSh3254jzcWi6xqqqAA_J3JXiJtDfYTl9NhR-aMNQQpKu2Zq3UCM8nUA0w5qH3pTkHqIZ_tirHktgD2JOiL9AJL5Wp-1EtmMGCvd06Ix1nY-agxrbVB1c6JBGaMz0uJ0hilklk-ByR6Sj_TR1tbbJ0WSeJLjpqayqcBb_SW60S2DncAgWNoibSxKaE2lT2mBkLuX9Q2GvRExXYo_IkWv_ehT4R4lgRfXLz1J6I1LB-DTJfMVUn0x736Ci-t-ZnVB10QKKiziy-smHl-WIZdpiDSfMQcatVkYdDirNH3jP5HhRNURCAgkXghEUMezDzvWrVWn7R0Fp02DwBqMhsx7yhCK-Pt0tPRE4uKDy8jd86Qgnm5D4lpSEr-6wC3OL8Pe4ivg7TVlf3F08ok6qN1zHRJ52Lu4ujYwb8ZWj2yPMm0gCHokv4xXmQ7zA1iKR4h6HJeKq0CSz7TRCSj_1eSJR7YnOJX9HVL2juM_zoRKV4gN-v7Ki7Bryy8V6MqQQSVYOM3ii_xUVkEoXZyGmI6yN7Kc2YAMosWQDWw5j6jyfkw92YJ1kI8AmuOME2q-mNpXJ0hbShPAdHfghvEzNEoJ1_orVyW3x4K6hBQ6_13qP4X_QW7KnRv1YpMCOIs02xaFQ0DBnmjQzrzSe9DNKJT90szXBuA313FMJo4bHlontxfKgO-DBHsEn9W3P-0nVhrHF2B14t8ArdkUNee4b-WofQ8iRXh_Y_iZQzOGXph6d5T2djG8TyFl85BY8B8cEArdV1aQI1nN20ObranPJWEZEzXf73exCRB_qeLUECB0cfBJub2GgOpkVwJictQg6suptS98h8N

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EA2 13 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 2241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:10:28 GMT
expires: Thu, 25 May 2023 11:10:28 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CB36 783 B
533 B 139ms
50ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eefae6cd9c7c4ae0d3334aaf4e23f9a4be901e074d21835f29d5ce2727569f94

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DrvTcmEEUk-6Bqesydss6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gumoreska.in.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-DrvTcmEEUk-6Bqesydss6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:49 GMT
expires: Wed, 25 May 2022 11:47:49 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6EA2 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:08:56 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CB36 0
0 81ms
81ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220523&jk=1002224364046702&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6EA2 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?H8P3lA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0316 640 B
316 B 52ms
51ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 11:47:50 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6EA5 27 KB
16 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqP1Ut2mSyGgfwfDLoMegcBF94UG7Y1ygwmfzgnZ93w-DqTy2o7YU6zM7eObETxCaTBgAH0xcmlOqlIDab6RXRGIiDSIzJUj3DajsYdhowI7ACjrTT2QeAQ5tD8aj6ylUQeyW3p7YAAxftikq8neqcdYVjCw&cry=1&dbm_d=AKAmf-C88LZ6lQ3lrveDTQzxwFJnU8QzEsy8ZGszSFlykDeiQRSaXPB79BxXL_A5Alv00JhPqtHImkh_p_9sFM05IRsBx-mR5qZGPPQ3D1FsPUcTjDoLM0IMyoonkTFoUKfQu3wKNqRrgmBRVvVXMBqohkBt76awkJ397isSChgY7X5oSgcW7FnY429dCxMswiqOFbpI_5GyMvzOfqxsTaDzxWGHYM2TG8rtUnhY3Bt7Cvseyp1gzbeLZ47b5tgNF8wtuMJoA10BVtuwsRLDWN4QCI3xMcUBwx25kBW2VT3TwblF2J1dJ5tLXrCB5xRiJ3IPiAL1GXmPoKzgvdmDL25sWOpmP5F4FI1lyNjPXTnQ623G2NHOchqsn8UWquY__9F5fduepuOeX1zSUAni7aZkwHdJNfIFGjIYQojCk_nS0pP0Iywqe6wXh1TYb1YmZRWcpgZ4Vy7DgZuZVhJGRBELmBWElv84YIG0k3-x-EVjhYXAgk8gQYm2sjxvJTyt8N77iZGpn7y3OHhcNoIHAnQRQ-BygtFF79b8Kg9O1Jl1F4OG3BbKERAhaW-06Q3VyJBNYCcFwwIr9q64kQkBUqU0T1GMCOwyfVzsOalv9CtT2z1wpYeFnObifxfoB4Ay5o7jL2X6HoSasAeICVb34yn0UKfKmFp9Lu01O5SrVNlPxd1Dk7rRfct83NP_pQJ23xJFITCrlFWI6etC-0aWlh2vE8xxv6DMxSns70unmkjKjry-mPgnp_EJDmzN9c5jeBUbcLO9hKj_R6InSOzA2sQplGiTpq1eF_KMWWzqHORqv627C8voC5mmWxSdV-cw-7ZqxvALSsTYjMRfLWwX9BbHTnyoW_wz7Tz4Wg6Nk-9euhannJ1hFO-x2qqRW_apdeSM9_Gln4S9DpPUWH-4xcCxbpcOgvoI5QL75WnokJiWdv1vDnKtcMOW8e5-N2Pv1hnnw8mHDzbtuzpxo7JWrDyywdLSXKYLYceX23Y_o4t5RyB5yX5-p9aR5rmV--LJ3kOof1E_BdmThs3XfdB3WxTzkSOV0P-_71rJgBU9Dh9O7Wf3ZTpZy7P3vnINLa9hnfSmDBeQiq7p96uMQ5cFJVZch--xefyHtLw1P0gSve8OoEi-ZNTsGmH4AkxezoiuJLG_KwgdLXjX-TEVnY53krMS8gGQJhe8XEhicJpTerIYTHQZDpEIvuC8eOFOfKIeQxIBIYsVbrHSPJrT1_FrafhStR7I1zrmyshaUDoNK_zadcG4aDCQzkO4aUUVxDJNPCJmo4XPVyrcndOGj7L96y06vHH0ObcvRNcCoNUBXOfCuybQavuWsfSc9nO-C2gyibNHRPYnm415s23bh4CTmMGzFYoUoram-jRTn0tmlqcutjNe6HSKHBZf23ykJhpl-NhbB7QwM6hLFtoxDHmcsAYj2ezfp6eiJTKZMF-M-8goaxm8ZkXfdRFuAfyTdW0hdmfoEJag-b7nhR3xlNNUS-90uRIoHGvTwUhQtoZv1_Peh4ZGneaqtkgEvKvEBvDHog_qG-JwwWJH0qFnwSAkORVVN1zC_CUGJ1rvK1wvMZVa9gbGrbSWrut3jImHceMBu1dOgOqV0PZX8PfZnP-i2MNZyYU9iJ1z8hCMPBKmGk1JqitbnASjqJa0oXcs_-RBLPwfSsIv32OewBl022IET8o5UTzELAy6lNs0XUOnm-SY6NaB6yjpEI3JJ-b5vyuXsK9X5y83na7y3lt-zLL35FeLXWK4UUTaMSQlNwsSYf5DAL75PtKcVdMeYNDUTGNTjc0l80YLwZozr2k6AQtqMHw1gC6Cl_bwZiy9q2VSCBbSdlFg36CPL4bFLVUWjVNhRdTWuzDA-xs8bkDriN43ekEw0qN9mZp4GpYujkmFkEam--deOlJlOXkIBfQkMDu5NAClUgLSglbOTxQj563sHE7erZwRJwjVcEu-zWtBqykyxWeij0wGNSPvgVqhAPw64ZuemWi_TcSRcYfNyqlZUx_71_n2-5ZN12YIxu6Sw3s_oQpLJiwxUj0VgQy00C_t3mVd0E9A52Ct0rcUp1CGjBiLxvFRZ8m8LCtUhGM0EbzSIm_f6v8CqAJQrvqCta0Seipu9Weod94ZRH_QEnB07vw7Vo2Xbcbw_XMjIho3PWFMPAzbAHOy77dFrhQGJprZKxlTYoHyRfHTk0JO6_BpwKqzrwHPSENNFM85xD9zxdJYwo9pSi2LjECyu_kyF5OPweE_pri_HHdeSsSEn3Icp92JKk4Y4fJcixsmz5-ZzEjoTYQDXLd2BjtMLXB4R381gstO-tjLtp_GnSVwSlsR8t1Y6n0oG8XbnRMsxOfnvuujNAyioYAmMUirerN8OrwQCJML-8xwqnXJIej0ABNaClhdYzfu-BVBINwKWiXFsy9sG4cxgkGpIpEtYFkvYSws6vyj2deSo6yVWInQv5R_r-yA8d8LBqJZy-AScx19us83ZiCoha2f_e7u7Ts9ZDj-HIawRmluv3b2dAB5em1DZMvorZl-fmiznisUr_7DqapDKVjO7eANSZqvXIiy6IcJNhi64ZnfrJJHhKbrowyIHD-UP-vLeQPoj0Mq6yZq1SM7qwhv4OaQ0v3fqkiaj_iZlB-oxhS-bo-sY6AkMT3rwoGCLOwc9QV2ZxnS6XAjCHNY8br5-brv7r_BTijviFJgq4dQtB6MCjf_i3bsEbD5xoY9raVZPubiDsacpwgeOP8ysAm7oVkE3Xh04i0ZZHh53mluGjrQOIavfiHEWCXMzCKsVa0i1Xua9H4ay0hNDoFUIbYjX-8i_d5gcMPiBZ3qhuP4FjZTW7EuD8xeRXXOVxH7NoueOckWt_sl1l4MvX8KrSshFXcTxutpGOD7SI6g7nCDVaoEKTzHmSQbuwEPSfJjeqv3K4gaTKSgSEf6FMbU77gBm34JufGoTWqhIpy9Npjupp87eSs8ArgumUXvkJhIRPlnMfcJEJ6Z11VvfkC2AmXht4DFxxjGWcF1nuJcdxikWT8pGrt525mCYs2XOVkcO_Fy4kvOqhsdieOn3EGlglA-5b1Np6y9-rF_5lYcyPyUwaickod_VUlh3KpQJxeXN9J1iQ5yd1TEErC9VycwmgKfibEUqjN1FxNGucq8COEbF0S70yJIz43_rryRCvWxv06lcuR35SKuVK7oSdARzJHee3x67l_4zf8MO6sTf9hjqqV8oMesHOe7dei14XYDAaM2jhDSECDkf_iHhWnMiBk4_8Bcp74axA9T-ZivCtIgLyRERJ5bgX_dTYjpiwBElfH3js1JsTD-bGqGN82VrySGOoxjnQjh4xAdJCSgylNME0XhezY0jli0XH1mhQM8s86R0SX_yG6ZqxbbWo6NCxig3Ij-AWyR4l86nQAC8Vu0OVgcrvpvMYooANJaIgSBfF1sIB0a_pC33-IntdrkCWALuMgfrpfoNbikXJOOhBdpgJ0gy1uO9gpzShnQ303l9-C0CZLT5cbWonY-BfSWsgBGali_uwqGTWxTOBnwIjUGtjH_JlTq&cid=CAASFeRoMZS8pMTep8fLa86zNeNvebQRuw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Requested by

Host: gumoreska.in.ua
URL: https://gumoreska.in.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5421f7f64c31711561c2c1bc40911d6678142ef89997b8cc45ef8edba4d0a3cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16549
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 6EA5 15 KB
6 KB 156ms
43ms Script
text/html 3.122.23.61
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCY6kwZReOYtTnFIqitwfm55ngBY6e3_Vn5c3l65wPv4Lgir8uEAEgpa-Hb2C7hoCA0ArIAQmoAwGqBOsBT9BgXLOzOMMSXad1bUILRUDlOS940MexNA2z2EfBRvm7q-crHEm7CRfp9uGe3n6vDmkbbp2ivvu6Fwty6ezGDa5f2AaQmPHmSAIhKCq7lBZaF00mRArlyI0DXdWRn9S6VsHaC_CMMpPKjjr4BSM4KE6SENHY2ikzZFE9cowP9OEXhTbTA878xg5G8Vq3uigZjspY1kl3zIgeV8Fe7Vu7EmIpjyvz6IOJhvGdhZUoo3OtdRHQEx8NJ5JDA4-me4YFHUOkOmy3ts5jym7sZeX1Uyp_QP9sX93GUpvDVJS3jq7IQsHLx1q1_FvRNsAErtr20OgD4AQDkAYBoAZNgAe87vraAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbAT2_GYD9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoMZS8pMTep8fLa86zNeNvebQRuw%26sig%3DAOD64_0oiC1ph8q1szizbVnFnjmiI6y9iQ%26client%3Dca-pub-9735848914219258%26dbm_c%3DAKAmf-BMWMECl_MEr7ocxE8FSksJLBZ0wBNLKnrZw4FJDzGRtU7WHYA6SQLHkalV9gNxd1LxkS4hbtxw9X54XT6b3Z5dfIPJiVzwSPAKECF9dcoDbR9newb75KtnHxNaiRhH2alhUPkB6urRMAxKwKj9ufN6jiZGfQ%26cry%3D1%26dbm_d%3DAKAmf-AzSdTFvHbfbh2ptY2p0lThGTXdP8mtRn0w2DWRlvRzoH7CPMnBEwHnOe9Yu0k5dhYO3PlZJlXz86kJfbYI-s7cWS28cOUKOPqeELRl1e9kKJiHEWBuyDIg5JmIqQQ6Np9cGAhnoYqcLAvzuE-X424RF2c5cZoGNPfZGCoo8rpe9_r_U0mlfm3UlHL5Gm4moE-t9sMMLgIbrazbAssmK-nAJkUhG6AzpX-Y0BQbMCz2v4vdGSWuNPZI9g2hDGEw3R_R22aDVB2E5aQRgNgbv0g1klizDLswme_sgrOjqEpsr7KsJ1XPDuNm2CT3oFSXYfneObNmaah2k4wK9jkiai5qa-i-FEvW98Kw8GInEes31aZ9WQUTgVhE4asiw9-WAXyh8Nxs3sEQ5YExCjAHW0k9H8gIcE3B-YL6QM5hymD180cj7-iu2X59Vw2cBrDCulmtJus93HlqguQfMbuSe3V7xmtckA%26adurl%3D$$&c=28&cn=display&pli=1077553952&gdpr=&gdpr_consent=&w=300&h=250&ord=[timestamp]&ifrm=1&pcp=$$ABAjH0iZ5iCADhBVz_BX0iR1sMcK$$&z=10000
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.23.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-23-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2782e6af138d04dd45074527007f37557061f7fb9702449772aaf69e26276184

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: gzip
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: *
cache-control: no-cache, no-store
content-type: text/html; charset=UTF-8
content-length: 5840
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 6EA5 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:37:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 638
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:37:12 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EA5 136 KB
42 KB 52ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42522
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653305577626270"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 25 May 2022 11:47:50 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/ Frame 6EA5 17 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220523/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:44:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 172
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7308
x-xss-protection: 0
server: cafe
etag: 5721884612586531857
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:44:58 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6EA5 0
0 48ms
48ms Image
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQagvfRSoydkH4BlMYyshu05KpqhdYwRJF4do2ZWyvzSh0ghX6eV41mr9ZeH-XAmOlFPEtPZG1MffcKY1-Y1FAHpW7E1A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6EA5 42 B
63 B 72ms
72ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DwQ0uamAUwOmbpnOfZoquZt6zD534S1kn5_dAVCPAAnuMXU0zMxVRDhe3i89YwjERvMGjiWWMhRqlvRRUtVJkst7vyrSJHYAqmG4VPmhBCbTRPRnQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 0316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAoLQQAxEoJ6c_GH1C_RHLQ&google_cver=1

43 B
275 B

40ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAoLQQAxEoJ6c_GH1C_RHLQ&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
via: 1.1 google
server: OXGW/1a2bd40
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAoLQQAxEoJ6c_GH1C_RHLQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 0316 43 B
145 B 101ms
35ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/1a2bd40 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: gzip
server: OXGW/1a2bd40
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 0316
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMoS-XgdW1eBcXNQbPowDS8&google_cver=1

23 B
172 B

167ms
71ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMoS-XgdW1eBcXNQbPowDS8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 11:47:50 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMoS-XgdW1eBcXNQbPowDS8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 0316 23 B
172 B 226ms
70ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN3Y4tMCEIis7NsCGLnVksABMAE&v=APEucNVZx9FeT9WaHcxOtiGXS1gDNZB1qXKNUcPHCs_FyRI-8kqKHw7aPRGO5IIzqJDxCGc4ViyoAyiXkt9BWkR6Yg2X0qglRtTU_9z-9vWEPcnO_RpAo-F8WIl-nBkGej5_CdfNDXXc4mUhv_F0Saa4P1t208NkwI0EXeJ4-9rv1-MFvoGjCjM
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
cache-control: max-age=0, no-cache, no-store
expires: Wed, 25 May 2022 11:47:50 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/ Frame 6EA5 27 KB
10 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220523/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CqP1Ut2mSyGgfwfDLoMegcBF94UG7Y1ygwmfzgnZ93w-DqTy2o7YU6zM7eObETxCaTBgAH0xcmlOqlIDab6RXRGIiDSIzJUj3DajsYdhowI7ACjrTT2QeAQ5tD8aj6ylUQeyW3p7YAAxftikq8neqcdYVjCw&cry=1&dbm_d=AKAmf-C88LZ6lQ3lrveDTQzxwFJnU8QzEsy8ZGszSFlykDeiQRSaXPB79BxXL_A5Alv00JhPqtHImkh_p_9sFM05IRsBx-mR5qZGPPQ3D1FsPUcTjDoLM0IMyoonkTFoUKfQu3wKNqRrgmBRVvVXMBqohkBt76awkJ397isSChgY7X5oSgcW7FnY429dCxMswiqOFbpI_5GyMvzOfqxsTaDzxWGHYM2TG8rtUnhY3Bt7Cvseyp1gzbeLZ47b5tgNF8wtuMJoA10BVtuwsRLDWN4QCI3xMcUBwx25kBW2VT3TwblF2J1dJ5tLXrCB5xRiJ3IPiAL1GXmPoKzgvdmDL25sWOpmP5F4FI1lyNjPXTnQ623G2NHOchqsn8UWquY__9F5fduepuOeX1zSUAni7aZkwHdJNfIFGjIYQojCk_nS0pP0Iywqe6wXh1TYb1YmZRWcpgZ4Vy7DgZuZVhJGRBELmBWElv84YIG0k3-x-EVjhYXAgk8gQYm2sjxvJTyt8N77iZGpn7y3OHhcNoIHAnQRQ-BygtFF79b8Kg9O1Jl1F4OG3BbKERAhaW-06Q3VyJBNYCcFwwIr9q64kQkBUqU0T1GMCOwyfVzsOalv9CtT2z1wpYeFnObifxfoB4Ay5o7jL2X6HoSasAeICVb34yn0UKfKmFp9Lu01O5SrVNlPxd1Dk7rRfct83NP_pQJ23xJFITCrlFWI6etC-0aWlh2vE8xxv6DMxSns70unmkjKjry-mPgnp_EJDmzN9c5jeBUbcLO9hKj_R6InSOzA2sQplGiTpq1eF_KMWWzqHORqv627C8voC5mmWxSdV-cw-7ZqxvALSsTYjMRfLWwX9BbHTnyoW_wz7Tz4Wg6Nk-9euhannJ1hFO-x2qqRW_apdeSM9_Gln4S9DpPUWH-4xcCxbpcOgvoI5QL75WnokJiWdv1vDnKtcMOW8e5-N2Pv1hnnw8mHDzbtuzpxo7JWrDyywdLSXKYLYceX23Y_o4t5RyB5yX5-p9aR5rmV--LJ3kOof1E_BdmThs3XfdB3WxTzkSOV0P-_71rJgBU9Dh9O7Wf3ZTpZy7P3vnINLa9hnfSmDBeQiq7p96uMQ5cFJVZch--xefyHtLw1P0gSve8OoEi-ZNTsGmH4AkxezoiuJLG_KwgdLXjX-TEVnY53krMS8gGQJhe8XEhicJpTerIYTHQZDpEIvuC8eOFOfKIeQxIBIYsVbrHSPJrT1_FrafhStR7I1zrmyshaUDoNK_zadcG4aDCQzkO4aUUVxDJNPCJmo4XPVyrcndOGj7L96y06vHH0ObcvRNcCoNUBXOfCuybQavuWsfSc9nO-C2gyibNHRPYnm415s23bh4CTmMGzFYoUoram-jRTn0tmlqcutjNe6HSKHBZf23ykJhpl-NhbB7QwM6hLFtoxDHmcsAYj2ezfp6eiJTKZMF-M-8goaxm8ZkXfdRFuAfyTdW0hdmfoEJag-b7nhR3xlNNUS-90uRIoHGvTwUhQtoZv1_Peh4ZGneaqtkgEvKvEBvDHog_qG-JwwWJH0qFnwSAkORVVN1zC_CUGJ1rvK1wvMZVa9gbGrbSWrut3jImHceMBu1dOgOqV0PZX8PfZnP-i2MNZyYU9iJ1z8hCMPBKmGk1JqitbnASjqJa0oXcs_-RBLPwfSsIv32OewBl022IET8o5UTzELAy6lNs0XUOnm-SY6NaB6yjpEI3JJ-b5vyuXsK9X5y83na7y3lt-zLL35FeLXWK4UUTaMSQlNwsSYf5DAL75PtKcVdMeYNDUTGNTjc0l80YLwZozr2k6AQtqMHw1gC6Cl_bwZiy9q2VSCBbSdlFg36CPL4bFLVUWjVNhRdTWuzDA-xs8bkDriN43ekEw0qN9mZp4GpYujkmFkEam--deOlJlOXkIBfQkMDu5NAClUgLSglbOTxQj563sHE7erZwRJwjVcEu-zWtBqykyxWeij0wGNSPvgVqhAPw64ZuemWi_TcSRcYfNyqlZUx_71_n2-5ZN12YIxu6Sw3s_oQpLJiwxUj0VgQy00C_t3mVd0E9A52Ct0rcUp1CGjBiLxvFRZ8m8LCtUhGM0EbzSIm_f6v8CqAJQrvqCta0Seipu9Weod94ZRH_QEnB07vw7Vo2Xbcbw_XMjIho3PWFMPAzbAHOy77dFrhQGJprZKxlTYoHyRfHTk0JO6_BpwKqzrwHPSENNFM85xD9zxdJYwo9pSi2LjECyu_kyF5OPweE_pri_HHdeSsSEn3Icp92JKk4Y4fJcixsmz5-ZzEjoTYQDXLd2BjtMLXB4R381gstO-tjLtp_GnSVwSlsR8t1Y6n0oG8XbnRMsxOfnvuujNAyioYAmMUirerN8OrwQCJML-8xwqnXJIej0ABNaClhdYzfu-BVBINwKWiXFsy9sG4cxgkGpIpEtYFkvYSws6vyj2deSo6yVWInQv5R_r-yA8d8LBqJZy-AScx19us83ZiCoha2f_e7u7Ts9ZDj-HIawRmluv3b2dAB5em1DZMvorZl-fmiznisUr_7DqapDKVjO7eANSZqvXIiy6IcJNhi64ZnfrJJHhKbrowyIHD-UP-vLeQPoj0Mq6yZq1SM7qwhv4OaQ0v3fqkiaj_iZlB-oxhS-bo-sY6AkMT3rwoGCLOwc9QV2ZxnS6XAjCHNY8br5-brv7r_BTijviFJgq4dQtB6MCjf_i3bsEbD5xoY9raVZPubiDsacpwgeOP8ysAm7oVkE3Xh04i0ZZHh53mluGjrQOIavfiHEWCXMzCKsVa0i1Xua9H4ay0hNDoFUIbYjX-8i_d5gcMPiBZ3qhuP4FjZTW7EuD8xeRXXOVxH7NoueOckWt_sl1l4MvX8KrSshFXcTxutpGOD7SI6g7nCDVaoEKTzHmSQbuwEPSfJjeqv3K4gaTKSgSEf6FMbU77gBm34JufGoTWqhIpy9Npjupp87eSs8ArgumUXvkJhIRPlnMfcJEJ6Z11VvfkC2AmXht4DFxxjGWcF1nuJcdxikWT8pGrt525mCYs2XOVkcO_Fy4kvOqhsdieOn3EGlglA-5b1Np6y9-rF_5lYcyPyUwaickod_VUlh3KpQJxeXN9J1iQ5yd1TEErC9VycwmgKfibEUqjN1FxNGucq8COEbF0S70yJIz43_rryRCvWxv06lcuR35SKuVK7oSdARzJHee3x67l_4zf8MO6sTf9hjqqV8oMesHOe7dei14XYDAaM2jhDSECDkf_iHhWnMiBk4_8Bcp74axA9T-ZivCtIgLyRERJ5bgX_dTYjpiwBElfH3js1JsTD-bGqGN82VrySGOoxjnQjh4xAdJCSgylNME0XhezY0jli0XH1mhQM8s86R0SX_yG6ZqxbbWo6NCxig3Ij-AWyR4l86nQAC8Vu0OVgcrvpvMYooANJaIgSBfF1sIB0a_pC33-IntdrkCWALuMgfrpfoNbikXJOOhBdpgJ0gy1uO9gpzShnQ303l9-C0CZLT5cbWonY-BfSWsgBGali_uwqGTWxTOBnwIjUGtjH_JlTq&cid=CAASFeRoMZS8pMTep8fLa86zNeNvebQRuw&rfl=2%2Chttps%253A%252F%252Fgumoreska.in.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

75f2b8c48f20b369362dc65af86c17d672285dad4012c6f0f187c49ad465812b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 239
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10524
x-xss-protection: 0
server: cafe
etag: 7053593280098290627
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Jun 2022 11:43:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6EA5 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 18 May 2022 11:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 604758
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 May 2023 11:48:32 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CC6D 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 06:06:17 GMT
expires: Thu, 25 May 2023 06:06:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ebStdBanner.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ Frame 6EA5 218 KB
63 KB 162ms
45ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Requested by: Host: bs.serving-sys.com
URL: https://bs.serving-sys.com/Serving/adServer.bs?ncu=$$https://googleads.g.doubleclick.net/dbm/clk%3Fsa%3DL%26ai%3DCY6kwZReOYtTnFIqitwfm55ngBY6e3_Vn5c3l65wPv4Lgir8uEAEgpa-Hb2C7hoCA0ArIAQmoAwGqBOsBT9BgXLOzOMMSXad1bUILRUDlOS940MexNA2z2EfBRvm7q-crHEm7CRfp9uGe3n6vDmkbbp2ivvu6Fwty6ezGDa5f2AaQmPHmSAIhKCq7lBZaF00mRArlyI0DXdWRn9S6VsHaC_CMMpPKjjr4BSM4KE6SENHY2ikzZFE9cowP9OEXhTbTA878xg5G8Vq3uigZjspY1kl3zIgeV8Fe7Vu7EmIpjyvz6IOJhvGdhZUoo3OtdRHQEx8NJ5JDA4-me4YFHUOkOmy3ts5jym7sZeX1Uyp_QP9sX93GUpvDVJS3jq7IQsHLx1q1_FvRNsAErtr20OgD4AQDkAYBoAZNgAe87vraAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYH4AKAZgLAcgLAYAMAbAT2_GYD9ATANgTCtgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAASFeRoMZS8pMTep8fLa86zNeNvebQRuw%26sig%3DAOD64_0oiC1ph8q1szizbVnFnjmiI6y9iQ%26client%3Dca-pub-9735848914219258%26dbm_c%3DAKAmf-BMWMECl_MEr7ocxE8FSksJLBZ0wBNLKnrZw4FJDzGRtU7WHYA6SQLHkalV9gNxd1LxkS4hbtxw9X54XT6b3Z5dfIPJiVzwSPAKECF9dcoDbR9newb75KtnHxNaiRhH2alhUPkB6urRMAxKwKj9ufN6jiZGfQ%26cry%3D1%26dbm_d%3DAKAmf-AzSdTFvHbfbh2ptY2p0lThGTXdP8mtRn0w2DWRlvRzoH7CPMnBEwHnOe9Yu0k5dhYO3PlZJlXz86kJfbYI-s7cWS28cOUKOPqeELRl1e9kKJiHEWBuyDIg5JmIqQQ6Np9cGAhnoYqcLAvzuE-X424RF2c5cZoGNPfZGCoo8rpe9_r_U0mlfm3UlHL5Gm4moE-t9sMMLgIbrazbAssmK-nAJkUhG6AzpX-Y0BQbMCz2v4vdGSWuNPZI9g2hDGEw3R_R22aDVB2E5aQRgNgbv0g1klizDLswme_sgrOjqEpsr7KsJ1XPDuNm2CT3oFSXYfneObNmaah2k4wK9jkiai5qa-i-FEvW98Kw8GInEes31aZ9WQUTgVhE4asiw9-WAXyh8Nxs3sEQ5YExCjAHW0k9H8gIcE3B-YL6QM5hymD180cj7-iu2X59Vw2cBrDCulmtJus93HlqguQfMbuSe3V7xmtckA%26adurl%3D$$&c=28&cn=display&pli=1077553952&gdpr=&gdpr_consent=&w=300&h=250&ord=[timestamp]&ifrm=1&pcp=$$ABAjH0iZ5iCADhBVz_BX0iR1sMcK$$&z=10000
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: cd3901ec47f7973dde7eb9ff3cae27bd49cf8a3ee751db2af0d1a49a7e239cda

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:06 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"b43168f6a7292751e77fa865476ff920"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2001402
accept-ranges: bytes
content-length: 63902
x-amz-cf-id: NvamqRsYM_udoehH1iKyiAC2qk4-eAToWaud7IsMf2DDcTL4Kqyhvg==

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8836 1 KB
751 B 40ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 21246
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 25 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Thu, 26 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6EA5 210 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dded905c31c8f9fc7cb77276216a392daaedcd2f16573b7b842dd523df6c8ff4

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js Show response
pagead2.googlesyndication.com/bg/ Frame CC6D 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6nbJiuMIfbM3CrNY-tDIjyCddJisSKcO9ZWp-sVJINc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 10:08:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13771
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 May 2023 10:08:56 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8836 35 B
463 B 144ms
59ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEDROd-PanWr4bITQNwt9AOA&google_cver=1&google_push=AYg5qPLb_gCFX_3-kBUHXSoD7bdt1vWOO_iPMjHdM7otAr_uMTSkLIfkZ2FQ4kxBEVgrNzMN5K2n1xVfHiSbHS53KmiqzKGZxwYK

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8836
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUDjlq...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPKUDjlq...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUxMTQ3NTEwMDAzMTIwMTQyNDk3MA%3D%3D&google_push=AYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm...

170 B
188 B

59ms
59ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUxMTQ3NTEwMDAzMTIwMTQyNDk3MA%3D%3D&google_push=AYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm-2k_OZcjtPH3YVs0PGOx0kYXU2g4In

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MjUxMTQ3NTEwMDAzMTIwMTQyNDk3MA%3D%3D&google_push=AYg5qPKUDjlqIBmxWS-RV8xfpt8UsJ8GLMiIEXFqjFJYWE4FEEw3ZPMfY0nf9zWuB6bMcm-2k_OZcjtPH3YVs0PGOx0kYXU2g4In
pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 25 May 2022 11:47:51 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8836 43 B
356 B 112ms
40ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEKCBUDwBdmr6zPzVwLHEduU&google_push=AYg5qPI7s-hsrIGyHwH1C0Hl9hyY_93REdj7_udozAJ1qI-31_V_45Tal-04p-H9AGi1agQgpmMUIm3Xbw0bF6twGnTNy83MsP6f&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8836 43 B
350 B 98ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEC_mcRzfBI6LbaakhLQ5j1Q&google_cver=1&google_push=AYg5qPIrs6MBET8vkzq_LoAyazr3-2aRvDeISMGd1JWtzmPIYDtHmwCvs8WEZxdYiFTqU152Ppfe2v4CD-KH4EhlfdHLtzqdFMyW
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: a83gsaene3soucvcf7sj6pj90nljr2ls

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8836
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GDvuIDL_Q0uvU1yzvgpDMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

61ms
61ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GDvuIDL_Q0uvU1yzvgpDMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqPHg0JgjneZhd3h1CXCzlmuOBZpTAezTa3vXso9ogEjesHWDJug4ooM_9in5hO6VwYT2BIohu_TdZNrke3el7KfDZJFiY

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=GDvuIDL_Q0uvU1yzvgpDMw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLqPHg0JgjneZhd3h1CXCzlmuOBZpTAezTa3vXso9ogEjesHWDJug4ooM_9in5hO6VwYT2BIohu_TdZNrke3el7KfDZJFiY
date: Wed, 25 May 2022 11:47:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8836
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEBCWKN8mEmHX0CQQOq8MQ8E&google_cver=1&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wI...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMSVY2S1otOS0xQVZJ&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wIhdf23WVfYBJ0nxufV4pTKd4k

170 B
188 B

59ms
59ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMSVY2S1otOS0xQVZJ&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wIhdf23WVfYBJ0nxufV4pTKd4k

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDNMSVY2S1otOS0xQVZJ&google_push=AYg5qPKlaCgVuSpOEny8PSXzwfI4ExMsKv5T1V_dk2d_kU7C06fMpc-sh0bXcjUVaCf-xGfi9wIhdf23WVfYBJ0nxufV4pTKd4k
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8836
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo4XY2Se-mDgxD1dySoSSQAAB0AAAAAB&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_push=AYg5qPIue4MJfs0oBShUc-C_1Kbf6R-dIl-IOSbVBJM100ZE86q...

170 B
188 B

59ms
59ms

Image
image/png

142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo4XY2Se-mDgxD1dySoSSQAAB0AAAAAB&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_push=AYg5qPIue4MJfs0oBShUc-C_1Kbf6R-dIl-IOSbVBJM100ZE86qnXTcwtBRB_t_3Sw--qdmDBGzyFgfB8g0_Ygf5_h1grAeSycTY&google_cver=1

Requested by

Protocol

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 May 2022 11:47:50 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=Yo4XY2Se-mDgxD1dySoSSQAAB0AAAAAB&google_gid=CAESEFEbCHGtxojsOT1dWi5G-B0&google_push=AYg5qPIue4MJfs0oBShUc-C_1Kbf6R-dIl-IOSbVBJM100ZE86qnXTcwtBRB_t_3Sw--qdmDBGzyFgfB8g0_Ygf5_h1grAeSycTY&google_cver=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 460
Expires: Wed, 25 May 2022 11:47:50 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8836 0
12 B 49ms
48ms Image
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KF0SU1D_bDDoaYsiTVVmSOBmQeL315ucdSzyJKt8ZqdP46OYnT52RdkIjV_l_EnfuE4rT3

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 URLUtil.js Show response
secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_87_0_0/ Frame 6EA5 7 KB
2 KB 44ms
44ms Script
application/javascript 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Modules_1_87_0_0/URLUtil.js
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
content-encoding: gzip
last-modified: Wed, 18 May 2022 14:07:07 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C3
etag: W/"5ac70b83663a79f3a383c3a53f62eafd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2000324
accept-ranges: bytes
content-length: 1947
x-amz-cf-id: vyHNxmJeprmXWn1t7PaDA1Yi1HtE8ETdeRUVxYxQTI-tX8yjZBLDPA==

GET
H2 200 300x250_68224221934790304.jpg
secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220120/ Frame 6EA5 7 KB
7 KB 295ms
295ms Image
image/jpeg 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/resources/PROD/asset/119359/IMAGE/20220120/300x250_68224221934790304.jpg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: ATS/7.1.0 /
Resource Hash: e1ba726ba031df4d60ce0b57ea18b8ec62b375a3963a2434e3e9e8949e384dd9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-amz-version-id: GZncNP9ENujTWZOq7y39B3jsbkn3jpl5
last-modified: Thu, 20 Jan 2022 14:37:13 GMT
server: ATS/7.1.0
x-amz-request-id: SXBZKA2T3YSN86VS
etag: "78aa37b1b21d2637a3de66115e763f74"
content-type: image/jpeg
access-control-allow-origin: *
date: Wed, 25 May 2022 11:47:51 GMT
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 7168
x-amz-id-2: iXexmSyzzT6ty1PSWLiwZVwhG4vgjIfN6cKkmYOTDgRoRM933+nFwX3hGbx2nLZykhAkTeBOCkE=
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 6EA5 1 KB
2 KB 45ms
45ms Image
image/png 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: / ARR/3.0
Resource Hash: 6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
last-modified: Sun, 05 Jan 2020 08:33:11 GMT
server
x-powered-by: ARR/3.0
etag: "984fa9c3a2c3d51:0"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 1411
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H2 200 OBA_DEFAULT.png
secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/ Frame 6EA5 2 KB
2 KB 45ms
45ms Image
image/png 2.16.186.25
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/Res/Images_2_6_4_0//AdChoice/TopRight/OBA_DEFAULT.png
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9735848914219258&output=html&h=250&slotname=3497597976&adk=4253229104&adf=3524019181&pi=t.ma~as.3497597976&w=332&fwrn=4&fwrnh=100&lmt=1653379815&rafmt=1&psa=0&format=332x250&url=https%3A%2F%2Fgumoreska.in.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1653479266507&bpp=1&bdt=381&idt=321&shv=r20220523&mjsv=m202205190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1160x280%2C808x280%2C808x280&nras=1&correlator=8243374390886&frm=20&pv=1&ga_vid=1441253783.1653479267&ga_sid=1653479267&ga_hid=1782647438&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1068&ady=503&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761793%2C42531557%2C31067628&oid=2&pvsid=1002224364046702&pem=54&tmod=2031833035&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=Blodd5nRZm&p=https%3A//gumoreska.in.ua&dtd=323
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.25 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-186-25.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 25 May 2022 11:47:50 GMT
last-modified: Sun, 15 May 2016 06:53:22 GMT
server
x-powered-by: ARR/2.5
etag: "05d697876aed11:0"
content-type: image/png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 2198
expires: Mon, 31 Dec 2035 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220523&jk=1002224364046702&bg=!TE-lTwvNAAZ4vKt9WLw7ACkAdvg8WqPQWwvhubk8STgeW4s_UkQatwQDVY9fA1-OEVqCOzMkw8y1jQIAAAMFUgAAAAhoAQeZAqZGZd3fNsDi-5w_APc7O0D5ecT3KfvHSISRUQJKj8a3h-jw4yPU49eoNae2aQNkIyYnlgNQ2DQaGWj0oW1OmcBC94-oaxO1NgTWe8cYY15oaDnUMUQOxvA7byZqXMc3zSXoD5Pnm_Vb0ACKrZZFXyVtXpkTO61_H3_YJodmSrrkNy9LzPi9sUSvfljV9ahSIQ68JrM5oqA8Wr6vlpsVAf68Vkp1zMlOzPCQWMP30eZMXQtdpch6hFC7MZbsfM6nR7u4rPDlUihx65OkVrPZmhgXrvQVJJK0X9KFL8N9IwuW9Of5gPUVeVnaEsZz0CwHX-N-KvQRGfV-Qvqf_BQtL-G1dNwpAD_j4g3s9-s6cvFr34vA6ZIyb_1n7mJnkIo6ZddNW9aJSNSJnA5DGHw7MBumAWbrVyVyulM1unjEqvsqiFNei68ajnEspsQDw_2FFE6S52NKwao3we96Xr-FCjwHmOvAStNpIT0EzETvmRAnhg2hCu5_SLxnE83lTpVyY6C80L1iKqYbnVd4-U2EqGjy2seixnhDT-FM_EpCYerWpNoT2I4iuGXD1USrBQeVyPDaqrDlPyjilcyBuJaTKxsqzmKQLtMpeDvi5cETt_rPvsd9HNDba4oZGXf7Znat-W6Z2qufLZW-MH_TaoLUJualkfNf0xHp1huS74cI5CjonfD-KTRn2E6emun5pyt0W1LlXtGmTRhTdTW0kkBLLHa9TD-DwQmBzahxP8reYMsF1sogt20A0rWsPft6942Jd-KJLbM0F1Qv4YQeI0B-hJr2DSQpJnKRAATJC3vV5UaZMk0zV3CTr9OTmRTawzxSvneSsSJf4XRsGs_CaUV0c11nur94kXrHCw9BlWN4SizEvu31HDiIzLUtGESrTfyMP8suh8AYQnc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://gumoreska.in.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CC6D 0
22 B 76ms
75ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_paJZheOYo6aE4Dl7_UPrfKt8AkAAAAAOAHgBAI&bg=!-_il-LzNAAZ4vKt9WLw7ACkAdvg8WjoHkuf3MqCofJBEdP6bzpOuQGbL3X7VHjDWWzCcrArTSw7Y4wIAAAGcUgAAAANoAQcKADB48ARn0JiWywgoFWZPR71--RvYbE5-Htp3L57X9FvV4tWupZBadPmnnSQ2DNeICUWZAuc_zabkycUC_kuBN_DgsYxoQe1npsOrusBjHg3OO9_LUlyeP4LKT5txSjnkTXOZ8KuL_OmhY18g4Su8lqT9CjkDEHWp9go6rkfSFfhPxn2Y41kJbbLVA70XVYAbPWwQUVZkmBWOKZIa_fj-8u6jNd0NjU9lRP2F6fQ1a-hDmy8QEddqVmPd4TXHTaKrbsMg1g2AcLIGCsNuIeo_wF1ElIfENPpWDvUaQGbbpc6o5CBZk2X3wu3JXC7vDb23WEdikShqT9m0uJYK9wAkUGN1iYeDzTMjLuMf6flmyBhn4Mgs2cU22mLROOmvVOTckSp7SeI7GMtvQebjUkOBSBFh2HCUKlgpsXskxXzym0j3CwGD9l5_h6Lazy7_-3XRlBgyUWiA-z8-0sO-Paj0GiRaU5RBOpjZ_36WsBKep1-5u573H3sFvAGGmHexo3LGUZKmfoxPpj3FeID_-gkrQevb2pFxLVccSUGRHdQwzv_QCnrbycIHdgZRZ3-4ETSJdNTSS3-MVgwPpBejeV81VInOrjRI2Yo4ThoLcoNAgeSRBH0wy7br3VSBUUOHesOPmmVr3lRqCrLeaiQqxo_m7xTKDOApDHZiPERpWOIAAwsqZAy7ab8OR6piyGYxG7F8vle69l831k1-k52CTJxux5DqUXBFFndgmksFQc5MD4gxWEqamQ5UMlVxs9YOIAS4BVgqHhVn197jY9jI76yXxn_VWf_rSAxTS3ulyFiNJl1J9TT3W8H2nM00Mz4FpojdqdWQPO1Km2hOb2cPPMMWuHJ1lbKDwfQdioQJAZ27ZW0e9AOLyPnSPO81Izqw1X362MGO1zS0lOiUqVLDt008tTpfPg2iT7qOI95724aIPl3NUUWFI9DF4YlDiyZ5gwg7AIUg1SBetNZxBti8aOlX98fpx60VCqNUehEbKSPpu6_XL-21STDZ_4knqlMMSO9WPT4ZgL0eOcEuVCgwOU94T50F8uh5uraBnspF3g

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK evt Show response
lm.serving-sys.com/lm/ Frame 6EA5 0
193 B 241ms
43ms XHR
text/plain 3.125.7.203
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://lm.serving-sys.com/lm/evt
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.125.7.203 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-125-7-203.eu-central-1.compute.amazonaws.com
Software: LogModule 0.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Allow-Credentials: true
Server: LogModule 0.4
Content-Length: 0
Content-Type: text/plain

GET
H2 200 Serving Show response
bs.serving-sys.com/ Frame 6EA5 24 B
603 B 41ms
41ms XHR
text/html 3.122.23.61
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=display&c=40&sessionid=3587502747703705665&ai=1086095456&usercookie=u2=5d8ab9cf-f4e4-4900-93de-01c0edfd0262&oo=0&clsrc=2&clbv=_2_220_3_0&gdprpurposes=1023&dg=1076746635&sdg=1077498693&ctick=308&ord=0.10068472787125948
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.23.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-23-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: private
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 24
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2 200 adServer.bs Show response
bs.serving-sys.com/Serving/ Frame 6EA5 0
478 B 41ms
41ms XHR
text/html 3.122.23.61
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://bs.serving-sys.com/Serving/adServer.bs?cn=int&iv=2&interactionsStr=$$1086095456~~0~~1076746635~~3587502747703705665%5EActualSize~300x250x0x1x0000x0x0x300x250~0~01020~312$$&usercookie=u2=5d8ab9cf-f4e4-4900-93de-01c0edfd0262&rnd=0.2431164909465866&flv=0&res=32
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/BurstingCachedScripts//Ad_2_220_3_0/ebStdBanner.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.23.61 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-23-61.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
p3p: CP="NOI DEVa OUR BUS UNI"
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
content-length: 0
expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6EA5 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxxJCBQfUWOngsjb6OKHnAOrK7J7AUYFOhoEGKKoHnzLabMgbIZY50oz5IieStj3wOD_tDasdz0wxQWSqZFG513Px55s6bIe8WaOod5vyzKNo&sai=AMfl-YS2-eaLIBpymI7-lyLZ_M-mK4p3cSKNbwagrsE8aEHr602da2wXVZvVWCs3sIjYYJbfJR6CCLTJIyL5TUxxO3wUQDJmoZp3imhYtP4&sig=Cg0ArKJSzAT3xV8OfH9TEAE&cid=CAASFeRoMZS8pMTep8fLa86zNeNvebQRuw&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1653479270266&rpt=309&met=ce&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 May 2022 11:47:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMl8ZFNanpmLI7IWNcjbtXeINrGZ7-oc4Wr71ibeuR_IHbtHYWbKa7D4oaUWVO9Q4UJDBHLEkPmv9swx4fwYNohfGaoP6TY_moQeNJy1q4t35l0EGk1Gib2wqP&sai=AMfl-YR_mLbyk9NgrzpxIUQatuQQp6sV9WTnbHNrPSj44k9NaBgIlDAkp-yLtt_Rl0fflfQRAC1EX25KWdE8&sig=Cg0ArKJSzBjnKdT8FrjcEAE&cid=CAASBORoTS0&id=lidartos&mcvt=991&p=0,0,250,300&mtos=991,991,991,991,991&tos=991,0,0,0,0&v=20220523&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4253229104&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1653479267411&rpt=729&ec=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
gumoreska.in.ua/	1970-01-20 12:03:35	Name: pll_language Value: uk
.gumoreska.in.ua/	1970-01-20 20:49:11	Name: _ga_XD2CSE5HNH Value: GS1.1.1653479266.1.0.1653479266.0
.gumoreska.in.ua/	1970-01-20 12:39:35	Name: __gads Value: ID=ace84470901d2f33-22c06de19ccd00b7:T=1653479266:RT=1653479266:S=ALNI_MYRsvjJjbjJlZOccw6c9VrNYaZAFQ
.gumoreska.in.ua/	1970-01-20 20:49:11	Name: _ga Value: GA1.3.1441253783.1653479267
.gumoreska.in.ua/	1970-01-20 03:19:25	Name: _gid Value: GA1.3.1370562590.1653479267
.gumoreska.in.ua/	1970-01-20 03:17:59	Name: _gat_gtag_UA_131431071_1 Value: 1
.doubleclick.net/	1970-01-20 12:39:35	Name: IDE Value: AHWqTUnWhyTa64qVKNPBQIhfsbBZF5ZMl1AH1CSbew833ufPkFwDrRc5no_pMSAfctw
.adnxs.com/	1970-01-20 05:27:35	Name: uuid2 Value: 5543530423979811355
.casalemedia.com/	1970-01-20 05:27:35	Name: CMPS Value: 710
.casalemedia.com/	1970-01-20 12:03:35	Name: CMID Value: Yo4XY2Se.mDgxD1dySoSSQAA
.casalemedia.com/	1970-01-20 05:27:35	Name: CMPRO Value: 1856
.adnxs.com/	1970-01-20 05:27:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?ir^?RB!]tbPl1M>e)ZlrFUfJ+tGXxoDDc5nKL(8x7ZItS1F7D1<HLXyd[81K=72X8V3If)y3KL9D3I?+jbge0z
.doubleclick.net/	1970-01-20 03:18:02	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 12:03:35	Name: CMRUM3 Value: 2d628e17642760CAESEOvKKVJlFjGj25ryKABuK-k
.pubmatic.com/	1970-01-20 03:19:25	Name: KTPCACOOKIE Value: YES
.quantserve.com/	1970-01-20 05:27:35	Name: d Value: ECIBCQGcJoEA
.quantserve.com/	1970-01-20 12:48:13	Name: mc Value: 628e1766-979a3-0e632-81e15
.casalemedia.com/	1970-01-20 03:19:25	Name: CMST Value: Yo4XY2KOF2YA
.pubmatic.com/	1970-01-20 05:27:35	Name: KADUSERCOOKIE Value: 183BEE20-32FF-434B-AF53-5CB3BE0A4333
.e.dlx.addthis.com/	1970-01-20 12:48:13	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:48:13	Name: na_id Value: 2022052511475100031201424970
.addthis.com/	1970-01-20 12:48:13	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:48:13	Name: uid Value: 628e1767158dff56
.addthis.com/	1970-01-20 12:48:13	Name: ouid Value: 628e176700014d378ad682448243f2da777d518030b698212cec
.dlx.addthis.com/	1970-01-20 04:01:11	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 04:01:11	Name: na_sr Value: 20220525
.dlx.addthis.com/	1970-01-20 03:17:59	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 04:01:11	Name: na_sc_e Value: 0
.serving-sys.com/	1970-01-20 05:27:35	Name: A6 Value: 10L81wwVl31005xi000010000
.serving-sys.com/	1970-01-20 05:27:35	Name: u2 Value: 5d8ab9cf-f4e4-4900-93de-01c0edfd02624H106g
.serving-sys.com/	1970-01-20 05:27:35	Name: eyeblaster Value: FLV=0&RES=32

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
adrta.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
bs.serving-sys.com
cat.nl.eu.criteo.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
dsum-sec.casalemedia.com
dt.adsafeprotected.com
e.dlx.addthis.com
fonts.googleapis.com
fw.adsafeprotected.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gumoreska.in.ua
ib.adnxs.com
image6.pubmatic.com
ipds.adrta.com
lm.serving-sys.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
secure-ds.serving-sys.com
sp-ao.shortpixel.ai
ssum-sec.casalemedia.com
static.adsafeprotected.com
static.criteo.net
stats.g.doubleclick.net
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
pagead2.googlesyndication.com
104.111.215.191
104.111.242.245
142.250.185.162
142.250.185.66
142.250.186.70
142.250.74.194
178.250.0.162
178.250.2.135
178.250.2.148
185.152.64.17
185.64.190.78
2.16.186.25
23.35.236.247
2600:1f18:26d4:7e03:946e:138d:214b:806
2600:9000:2156:2a00:8:48e:53c0:93a1
2606:4700::6811:190e
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2004
2a00:1450:4001:809::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:400c:c08::9b
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
3.122.23.61
3.125.7.203
34.149.12.213
34.243.58.169
34.98.67.61
35.186.253.211
35.244.159.8
37.252.172.36
44.231.35.126
52.4.130.30
69.173.144.165
77.83.100.33
02204a26a8262757edb06b5bab32bc67ccaba9a71c4c677caa42cf225496582c
04471a19851d1bd80c63586258e952df84a5b9ee31e9552a9d6c8be2a5d3592a
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
11fc98c2751f3c7b5e72b55d3c9e245147ac911d59ee87191d17c31520f58f78
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16aa0b2d5b82c4e44d35ee4230749197bc4b838daaad7e6542630d597028e066
16f8fac4314d8885286e342f4def4212b2f6054a76f95a344d0678dddf6b3546
17ab18efb06d6e99214141753b3d058c23239473ac62acdbe307faba26c88c82
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
19be0b2a57a018298533c06588dabd658bff8fb35de91f1cd0127686ccdc0d5d
1b70dc4acfeccca51f2a9d3602ba753ad2583cbc79518982a0a31d92f701c16c
1ecfc5a4d72d8f9fc774268cda69765e8578cd3a3859b229288b10c36acb0b35
206f04b942d9cbaf682b101e328129a1b0f89176a6b91c225ea23573e342812a
21a255600c3db0fc218dd70d517547e470f0d15883870a880da4013b94c6c5f2
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
257ba01470698af9564b506aa1b1e7f7542a4f824108ebacf0741ae61e57a85a
269bd69d6c1d25e848132ecfb48ec214040e49fd45e444760c3e226ca5fd7962
2782e6af138d04dd45074527007f37557061f7fb9702449772aaf69e26276184
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c0c291bc0981ba13c0fab388914b31ab2729ab42036ef251081077a196403f6
2dafc5f5367611ef67921f0c48d16ef3b3202cee5b60a152855a664e1e4b9bc4
2dc399c8db705fc1b29b9cb04ef0e2144b9ea28d3e5483d4b5e5de914bdc47a6
2e7778c6ed3c31a131da378d6e573a1b3b6723037cdeea4c4832da83e60c9399
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
3b79d583caf65f067bf6eb7e0f6dd1570470467f8842d60c714c6bc3025576fd
3c816753c8f4f85ce3bb7fc3ce90697b49b057f8d2aa2ecf996e97ce42ef8a90
41b211a84f58ff5a414efe8c566945e62584d0fa8ad36b5ea62ee3e27f18d31e
43cc4405f112007891ce897704a3c51090f06518ec5f412abdc41a6946972723
44b9fb5102cbc5a2eae8b6dc3cf76183fbfe0edca2ee463a325264d2cc85e4b6
4563cd1462210ae5ce2caf2ae9f5568b5ccfd8cfcb57c1a3c9cab732687a6f94
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c313b6531aa16e18ee7a3eeab679208deba15ef76f5c44d4db225f4f52ec5c0
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50c97905c37e0a6a473efd962e67194321451ceec82f7cef77c1ba18d52e72ba
50d7c75e56650fe19ab4c2c193bb14f99785c7d2dafe43316f9283b773e8fb8e
50d82014097d60e740173746edeb6cbcfedd31a3006e2ff34954435284fd663a
5421f7f64c31711561c2c1bc40911d6678142ef89997b8cc45ef8edba4d0a3cd
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
5a07e11698e0f855a292f7fb02360f0bf188b6eb39d429f7c1649d85356408cd
5cac42920a6040ee2ff4ea7aad8253600fbf109888ebcadb44ffbbfd96fcda0d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65912c2446c2c863ea5e434169232ac7f8f720593bf79c6036fa3f2abb9728c7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cd9dcadb5a76a70af536b935023e99ee8e851bbf6913eac749abc254272c036
6ef81d1a436e54449d094e62ad44dc82221a1c752069947e0a2c071b49a9c701
6f6bcfa894cf2bbefe87309b0ae3adff05ee391cfccbb2da5d68c594274ce332
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
73c42d1190408001106121e223a86bddf1750b6ec887b3369a3e62fe84c76057
7437cbcb36e9f74c1634b3c5b3f6ed625a4207b27b33cb7e00b4ee0ca77c4edf
74b1c71319c781e28f3faafb579bf375b20d5292a4e0904581a5bfb686dee8e4
75f2b8c48f20b369362dc65af86c17d672285dad4012c6f0f187c49ad465812b
7a05a87ffec895e210b0d9746c10e4a47d181857eabc6758fe799bc454b434d7
7a5f808ab3e1d2ecf9ae2f1cc8528b9043d988d489f51f98719ad8948cf8b89c
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c946d2644c0436839ade7d707cc45c87b7fec1085acddc74f48d3d9835888a1
81793db9b3623360b1c454a4c5b8a03f54f392e355e841fcabf1de95421bd5bf
83f0300efb4ee0d8592e9d5186babb32509738e1d7d7a2f5b270ca9fd2fc99e4
882694532f0d27cd63361bc581224c2dd19f063f6d91b6dd80bdbb53bcea9eff
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
95897a93ea857f25e92442aee83961bb0e91ef60ed306d4b359bab6ead422934
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97e8589ee15d3a7b065d9dc815388983b332b2aebd095aa7240633515cd0d67b
9968816b26563fa1858c9627dbde9f80ca44437d0fd310772b1fa7d2e089f77b
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9f2e24b95c962fffb41eede228d0c5c7681cf9bc3dd3ece2440412ec4246d84e
9f77f47af2cbbef45f776a30aef7b5ffcc107181ccb8fc07761e6cdb9efa78f6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a2f085163f7ed9d5df9e579bde6589a6dd605b62a9e6bfdeb086b136c74380ac
a3e6b838865eecbe0ee045e938c1d6900646ccdd8a832cdd6cbe1a407a49df1d
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b634060d018ebb3ee84c850101cf4088c4ec6440eff21ea95a2d1b848e267e8f
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bed6cef3a2a83b0bfc42310907aa856549a86c15b7f3103d936c3d436bdd0655
c4ea49b00bb1fbf488281b11b8a08d3f096dae326a358e4a52cd6902f8da4eff
cd3901ec47f7973dde7eb9ff3cae27bd49cf8a3ee751db2af0d1a49a7e239cda
ced80dc0b36469ade9a5e4a3c86bde068904125a1162f712f20629eeadb8e53a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3fce3bfc73a6ea0b84ca2a1164990b0eeae97c638a6778cc51fb58afb50ba31
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d70c2766b7c42f0b2418b6ea551262fb3750ec117c5183e02a388c2bb6a34b4d
dab97bab75dff08fffa02146ba15959d05781c4e786ac6ac714c906297b3f4aa
dc05187f20059fb91e255cbd76de4a7e0481e2f02d15ae5c45eeed42d59e2a09
dc08e684f06e2f566c9db513023cfddd5809a3cb6467f9575704a8fdac9e1991
dded905c31c8f9fc7cb77276216a392daaedcd2f16573b7b842dd523df6c8ff4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1ba726ba031df4d60ce0b57ea18b8ec62b375a3963a2434e3e9e8949e384dd9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea76c98ae3087db3370ab358fad0c88f209d7498ac48a70ef595a9fac54920d7
eefae6cd9c7c4ae0d3334aaf4e23f9a4be901e074d21835f29d5ce2727569f94
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef47db6f7de15432f0ef629e32f414d08c3b0043a02bae98e9d498caffdec420
f2ea3341ccaba33ee5ea28ab92f80a3b62ecfa88ce547cf525a1fb01e25cfc63

gumoreska.in.ua Open in urlscan Pro 77.83.100.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

192 Requests

90 %HTTPS

43 %IPv6

28 Domains

45 Subdomains

40 IPs

8 Countries

2208 kBTransfer

5795 kBSize

31 Cookies

5 Outgoing links

Page URL History

Redirected requests

192 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gumoreska.in.ua Open in urlscan Pro
77.83.100.33 Public Scan

Screenshot
Live screenshot

Full Image

192
Requests

90 %
HTTPS

43 %
IPv6

28
Domains

45
Subdomains

40
IPs

8
Countries

2208 kB
Transfer

5795 kB
Size

31
Cookies

192 HTTP transactions
6 data transactions