test-otvet.com.ua Open in urlscan Pro
2a00:f940:2:2:1:3:0:128 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://test-otvet.com.ua/
Effective URL:
https://test-otvet.com.ua/
Submission: On October 15 via api (October 15th 2022, 5:48:43 am UTC) from GB — Scanned from GB

Summary HTTP 125 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 20 domains to perform 125 HTTP transactions. The main IP is 2a00:f940:2:2:1:3:0:128, located in Russian Federation and belongs to AS-REG, RU. The main domain is test-otvet.com.ua.
TLS certificate: Issued by R3 on August 12th 2022. Valid for: 3 months.

This is the only time test-otvet.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 15	2a00:f940:2:2... 2a00:f940:2:2:1:3:0:128	197695 (AS-REG) (AS-REG)
15	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1 2	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.140.157 74.125.140.157	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5ed4:8d5d:fed7:f5ef	16509 (AMAZON-02) (AMAZON-02)
2 2	2.18.232.236 2.18.232.236	16625 (AKAMAI-AS) (AKAMAI-AS)
8	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
4 4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:5::6	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:1d::6	15169 (GOOGLE) (GOOGLE)
125	24

15 2a00:f940:2:2:1:3:0:128 (Russian Federation) 1 redirects

ASN197695 (AS-REG, RU)

test-otvet.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.140.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wq-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.236 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-236.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 4 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:5::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r1---sn-aigl6nsd.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:1d::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r1---sn-aigzrnze.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 147	539 KB
23	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 bid.g.doubleclick.net — Cisco Umbrella Rank: 444 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	165 KB
15	test-otvet.com.ua 1 redirects test-otvet.com.ua	409 KB
11	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com	66 KB
8	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 44 imasdk.googleapis.com — Cisco Umbrella Rank: 435	258 KB
8	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 78 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 933 r1---sn-aigl6nsd.c.2mdn.net r1---sn-aigzrnze.c.2mdn.net — Cisco Umbrella Rank: 125459	4 MB
4	casalemedia.com 4 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439	4 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3510	58 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5147	1 KB
2	rlcdn.com 2 redirects id.rlcdn.com — Cisco Umbrella Rank: 584	571 B
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 347	914 B
2	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 671	207 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1521	486 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1445	1 KB
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 729	929 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 193	93 KB
2	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 9029	2 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 888	704 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
125	20

	Domain	Requested by
25	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net test-otvet.com.ua tpc.googlesyndication.com imasdk.googleapis.com
16	pagead2.googlesyndication.com	test-otvet.com.ua pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
15	test-otvet.com.ua	1 redirects test-otvet.com.ua
13	googleads.g.doubleclick.net	test-otvet.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net
8	cm.g.doubleclick.net	googleads.g.doubleclick.net
5	www.google.com	2 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	fonts.gstatic.com	fonts.googleapis.com
4	csi.gstatic.com	imasdk.googleapis.com
4	imasdk.googleapis.com	googleads.g.doubleclick.net
4	fonts.googleapis.com	googleads.g.doubleclick.net
4	mc.yandex.ru	1 redirects test-otvet.com.ua
3	www.gstatic.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	r1---sn-aigzrnze.c.2mdn.net
2	r1---sn-aigl6nsd.c.2mdn.net
2	gcdn.2mdn.net	2 redirects
2	id.rlcdn.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	googleads.g.doubleclick.net
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	googleads.g.doubleclick.net
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	counter.yadro.ru	1 redirects test-otvet.com.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
125	29

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
test-otvet.com.ua R3	`2022-08-12` - `2022-11-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-09-27` - `2022-12-06`	2 months	crt.sh

This page contains 17 frames:

Primary Page: https://test-otvet.com.ua/
Frame ID: 43EFC0A084900CE1F3DD7D92EE50BB53
Requests: 30 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html
Frame ID: 368373DFA246BFD7D3126052D73EB6D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&adk=3692517673&adf=3459230834&lmt=1665812917&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftest-otvet.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812917032&bpp=2&bdt=488&idt=278&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1430334803695&frm=20&pv=2&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297
Frame ID: 6BBBF9BDF75A09D50024267BDE01F8D8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22
Frame ID: C5B8696908572B62FBEDF1550CE54FF7
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29
Frame ID: 3F1C6391EB22CF25C86BD4EFDB70B8E9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 0E3A535F995155D87029D53EB674F6C2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Frame ID: 9DA06FFE43D4B013018FE88D2B2E13F3
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html
Frame ID: 46581F1EF8F5C4B8EC81C0C5AAD73E57
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9DFBC62E6637A9812798BF5D1FD5E95E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6629C227D2148F790D14F6FDFF0EC0CD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7E569B97FA1FB85BA2B6068F15D29D6F
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: E5ABB942719F6067F0FC1AE9261BC683
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 21ADD418E47200C3E6A29CFB87E4D44B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D3065F54332788CDD03F21E1F9018CDF
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B3DA589564C808F7E556161FDC2EC5F5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B9F79A73E8ACC7EAA8F198D65BF32A05
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B3A44FEEA0225F8D693FF5343CCCEA73
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Тест ответ - Учебные сборники - студентам и школьникам

Page URL History Show full URLs

http://test-otvet.com.ua/ HTTP 301
https://test-otvet.com.ua/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

125
Requests

90 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

24
IPs

5
Countries

5972 kB
Transfer

8816 kB
Size

32
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://test-otvet.com.ua/ HTTP 301
https://test-otvet.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u0441%u0431%u043E%u0440%u043D%u0438%u043A%u0438%20-%20%u0441%u0442%u0443%u0434%u0435%u043D%u0442%u0430%u043C%20%u0438%20%u0448%u043A%u043E%u043B%u044C%u043D%u0438%u043A%u0430%u043C;0.42203732179441245 HTTP 302
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u0441%u0431%u043E%u0440%u043D%u0438%u043A%u0438%20-%20%u0441%u0442%u0443%u0434%u0435%u043D%u0442%u0430%u043C%20%u0438%20%u0448%u043A%u043E%u043B%u044C%u043D%u0438%u043A%u0430%u043C;0.42203732179441245

Request Chain 21

https://mc.yandex.ru/watch/29840259?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A533584947280%3Ahid%3A131652398%3Az%3A0%3Ai%3A20221015054837%3Aet%3A1665812918%3Ac%3A1%3Arn%3A6141095%3Arqn%3A1%3Au%3A1665812918353702821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C167%2C291%2C3%2C229%2C0%2C%2C511%2C14%2C%2C%2C%2C1203%3Acpf%3A1%3Ans%3A1665812915847%3Arqnl%3A1%3Ast%3A1665812918%3At%3A%D0%A2%D0%B5%D1%81%D1%82%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D1%8B%D0%B5%20%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%B8%D0%BA%D0%B8%20-%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%B8%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0%D0%BC&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/29840259/1?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A533584947280%3Ahid%3A131652398%3Az%3A0%3Ai%3A20221015054837%3Aet%3A1665812918%3Ac%3A1%3Arn%3A6141095%3Arqn%3A1%3Au%3A1665812918353702821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C167%2C291%2C3%2C229%2C0%2C%2C511%2C14%2C%2C%2C%2C1203%3Acpf%3A1%3Ans%3A1665812915847%3Arqnl%3A1%3Ast%3A1665812918%3At%3A%D0%A2%D0%B5%D1%81%D1%82%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D1%8B%D0%B5%20%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%B8%D0%BA%D0%B8%20-%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%B8%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Request Chain 55

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 96

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK1I9kpQlsjgGcZ7PZ_cnOs1nyQoVTAw&google_gid=CAESEFQk4QlIIx8gxJqoWp4EJWQ&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK1I9kpQlsjgGcZ7PZ_cnOs1nyQoVTAw&google_gid=CAESEFQk4QlIIx8gxJqoWp4EJWQ&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTUwNTQ4MzkwMDA2NDYyODAzNzU3MA%3D%3D&google_push=AZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK1I9kpQlsjgGcZ7PZ_cnOs1nyQoVTAw

Request Chain 99

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGFANbjaOFqrhUmHt1t8RTM&google_cver=1&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Ioda6Ir5TpC6Ubhj2xcCmSZdIW7H HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySU4tSS1DQTU0&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Ioda6Ir5TpC6Ubhj2xcCmSZdIW7H

Request Chain 100

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_cver=1&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kciLCv2o4c4Asn_iQspfW5HLErXLywQw34IXdrpDKcyTcq22HU8y15DLNlXo51VAR HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kciLCv2o4c4Asn_iQspfW5HLErXLywQw34IXdrpDKcyTcq22HU8y15DLNlXo51VAR&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kciLCv2o4c4Asn_iQspfW5HLErXLywQw34IXdrpDKcyTcq22HU8y15DLNlXo51VAR

Request Chain 104

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-wVfr_wDpBZPAkWtpk2kMl6ETb8yu3aRyxc9useF-Ki4LH7fjE0kV6lbh174-TrgV_VygEWHaV9o8SNbhi0k2f3twPBrAM&google_gid=CAESEElZyuHf6yFq5qekGRjlKpo&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLaTqZoGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGctd1Zmcl93RHBCWlBBa1d0cGsya01sNkVUYjh5dTNhUnl4Yzl1c2VGLUtpNExIN2ZqRTBrVjZsYmgxNzQtVHJnVl9WeWdFV0hhVjlvOFNOYmhpMGsyZjN0d1BCckFN HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUVBHTGpZeGxqOEc3c2NaTi0za1BtZnlxdWpybU5NdzB5bHZFelZxVFpiVQ==&google_push

Request Chain 107

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZwk4KrcVjxYvTwTZUuuRo&google_cver=1&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu93ASZuLW6P9Yv93kH6ItmxBNzX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySVAtOS1MU0JP&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu93ASZuLW6P9Yv93kH6ItmxBNzX

Request Chain 108

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_cver=1&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnmFn_BS8c-6WJg4i7_Qw1fRoo5MLIkOOAlEer87sCCM6CwNXhslBgAbuYjd_Dri72 HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnmFn_BS8c-6WJg4i7_Qw1fRoo5MLIkOOAlEer87sCCM6CwNXhslBgAbuYjd_Dri72&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnmFn_BS8c-6WJg4i7_Qw1fRoo5MLIkOOAlEer87sCCM6CwNXhslBgAbuYjd_Dri72

Request Chain 112

https://gcdn.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/946590151425C62A62E1B1BF7D07E3FB6943A717.563A6D3B8483B213DE5049CB71861B6E5E87FDAD/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/44A1F82CC4679AEE750A812453D98905FE212309.50F7BE1A0886E76D99FBF79B78D37094DE0E0A5D/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1665812466/mv/m/mvi/1/pl/48/file/file.mp4

Request Chain 114

https://gcdn.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/946590151425C62A62E1B1BF7D07E3FB6943A717.563A6D3B8483B213DE5049CB71861B6E5E87FDAD/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A7E2175241B6A5E9844CE41E3F3C701D81A5F9F.3D8B097C99607CB88B3B40698EA5061DD65CC394/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigzrnze/ms/onc/mt/1665812699/mv/m/mvi/1/pl/48/file/file.mp4

125 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
test-otvet.com.ua/
Redirect Chain

http://test-otvet.com.ua/
https://test-otvet.com.ua/

44 KB
12 KB

459ms
290ms

Document
text/html

2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx / PHP/7.4.28
Resource Hash: 037b2fff7e998f0a8c98c7449d15cdb5ec74c5ffe1ce3680d8cd25d996f5c428

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 public
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 15 Oct 2022 05:48:36 GMT
expires: Wed, 17 Aug 2005 00:00:00 GMT
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
pragma: no-cache
server: nginx
vary: Accept-Encoding
x-powered-by: PHP/7.4.28

Redirect headers

Cache-Control: max-age=0
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Sat, 15 Oct 2022 05:48:36 GMT
Expires: Sat, 15 Oct 2022 05:48:36 GMT
Location: https://test-otvet.com.ua/
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 644ab50e6ce4af648faf84035722450d_0.css
test-otvet.com.ua/media/plg_jchoptimize/cache/css/ 272 KB
45 KB 87ms
85ms Stylesheet
text/css 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: bc750641a189ad856c6910f822b39a3834fb7cace178555ee7af274593c16fed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
content-encoding: gzip
last-modified: Sat, 15 Oct 2022 03:31:12 GMT
server: nginx
etag: W/"634a2980-43e43"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=3888000
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_logo.png
test-otvet.com.ua/templates/lime_light/images/ 3 KB
3 KB 170ms
169ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_logo.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: b5ca09c1a36c4e7ff4aed9cc76882c34299f80953e00d982667d0ba4cc52e335

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:09:02 GMT
server: nginx
etag: "5b3918be-bb0"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 2992
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 Zakazat_reshenie_testov.png
test-otvet.com.ua/images/ 3 KB
4 KB 210ms
210ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/images/Zakazat_reshenie_testov.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a1c79f5e04e5d78b3596e1a5773f8b83a2a7cfdd91b9c1a36aad224870a39d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:08:58 GMT
server: nginx
etag: "5b3918ba-da3"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 3491
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 a8979d929044bb91eb3489a0ff4dc6fb_0.js Show response
test-otvet.com.ua/media/plg_jchoptimize/cache/js/ 873 KB
250 KB 133ms
132ms Script
application/javascript 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to

Full URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/js/a8979d929044bb91eb3489a0ff4dc6fb_0.js
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9ca795de14129d5018599b260f43582cd61c39fa42e074dee2aa94a00dc9f3bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
content-encoding: gzip
last-modified: Sat, 15 Oct 2022 03:31:12 GMT
server: nginx
etag: W/"634a2980-da587"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3888000
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 menu_light.png
test-otvet.com.ua/templates/lime_light/images/vertex/responsive/ 144 B
318 B 147ms
146ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/vertex/responsive/menu_light.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4bec24bbc582347cbfa534b01b950acd13121d87490c22cb67b96cadb626adfb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Thu, 19 Jul 2018 05:53:46 GMT
server: nginx
etag: "5b50276a-90"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 144
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 search_light.png
test-otvet.com.ua/templates/lime_light/images/vertex/responsive/ 524 B
698 B 148ms
148ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/vertex/responsive/search_light.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0cb2d4644235cb73c578f98f16f65ff6fcca5bf1a4dc35f71b912401dd200450

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Thu, 19 Jul 2018 05:53:56 GMT
server: nginx
etag: "5b502774-20c"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 524
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 top_bg.jpg
test-otvet.com.ua/images/ 39 KB
39 KB 148ms
148ms Image
image/jpeg 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/images/top_bg.jpg
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: d63799bb2899133a11378af34a9a4859050405e79a3dd6b8a34d0c3735bf5945

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Thu, 19 Jul 2018 05:53:10 GMT
server: nginx
etag: "5b502746-9b41"
content-type: image/jpeg
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 39745
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_lines.png
test-otvet.com.ua/templates/lime_light/images/ 186 B
359 B 149ms
148ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_lines.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 85d4d9d923f54a443663389daacd25f5ac16ddbe2445db430b138383858d3dea

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:09:02 GMT
server: nginx
etag: "5b3918be-ba"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 186
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_search.png
test-otvet.com.ua/templates/lime_light/images/ 253 B
427 B 150ms
149ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_search.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1edb17b69d4f2ddf4fbe4d84585bea9e13f272cc1304b245f3ecfde2f1b21eed

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Thu, 19 Jul 2018 05:54:14 GMT
server: nginx
etag: "5b502786-fd"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 253
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_white_area.jpg
test-otvet.com.ua/templates/lime_light/images/ 330 B
504 B 150ms
150ms Image
image/jpeg 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_white_area.jpg
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2acf25de59efc408a7824673f2e75a63f8b2130bce70181ccdd0d7c1a9d182e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:09:02 GMT
server: nginx
etag: "5b3918be-14a"
content-type: image/jpeg
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 330
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_bottom_bg.png
test-otvet.com.ua/templates/lime_light/images/ 6 KB
6 KB 151ms
150ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_bottom_bg.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 1494ac3b493ec92b6b30a07a15082d92fe0f0cc64472f456362d131e1ed65e0d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:09:02 GMT
server: nginx
etag: "5b3918be-1804"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 6148
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 s5_bottom_glow.png
test-otvet.com.ua/templates/lime_light/images/ 46 KB
46 KB 152ms
151ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/templates/lime_light/images/s5_bottom_glow.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0248573f7874737562dbca0fa10ff6779fd16ff30b2d32d1648a6cde7c113d43

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/media/plg_jchoptimize/cache/css/644ab50e6ce4af648faf84035722450d_0.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:36 GMT
last-modified: Sun, 01 Jul 2018 18:09:02 GMT
server: nginx
etag: "5b3918be-b8c7"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 47303
expires: Tue, 29 Nov 2022 05:48:36 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/ Frame 3683 10 KB
5 KB 144ms
55ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20190131/zrt_lookup.html

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/js/a8979d929044bb91eb3489a0ff4dc6fb_0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 50118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 15:53:19 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 15:53:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 352 KB
125 KB 159ms
70ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/js/a8979d929044bb91eb3489a0ff4dc6fb_0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

20549eb65e2235d9835585c6184cf302fd6af6523e3d650691d775e8cb94909c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127401
x-xss-protection: 0
server: cafe
etag: 2954247610841629686
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 05:48:37 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 160 KB
56 KB 379ms
195ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/media/plg_jchoptimize/cache/js/a8979d929044bb91eb3489a0ff4dc6fb_0.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

2db242022d57be8e8db08f15eb6966b8dcff5b40b4eff546198481ac0778e58c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-e076"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 57462
expires: Sat, 15 Oct 2022 06:48:37 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u044...
https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u0...

232 B
718 B

71ms
70ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u0441%u0431%u043E%u0440%u043D%u0438%u043A%u0438%20-%20%u0441%u0442%u0443%u0434%u0435%u043D%u0442%u0430%u043C%20%u0438%20%u0448%u043A%u043E%u043B%u044C%u043D%u0438%u043A%u0430%u043C;0.42203732179441245

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

7d550054af94715ae3a21086cf52bb1d9c25d74f9c8aeaa7cc94615661db6871

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 15 Oct 2022 05:48:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 232
Expires: Thu, 14 Oct 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 15 Oct 2022 05:48:37 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;t14.11;r;s1600*1200*24;uhttps%3A//test-otvet.com.ua/;h%u0422%u0435%u0441%u0442%20%u043E%u0442%u0432%u0435%u0442%20-%20%u0423%u0447%u0435%u0431%u043D%u044B%u0435%20%u0441%u0431%u043E%u0440%u043D%u0438%u043A%u0438%20-%20%u0441%u0442%u0443%u0434%u0435%u043D%u0442%u0430%u043C%20%u0438%20%u0448%u043A%u043E%u043B%u044C%u043D%u0438%u043A%u0430%u043C;0.42203732179441245
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Thu, 14 Oct 2021 21:00:00 GMT

GET
H2 200 scroll-to-top-4.png
test-otvet.com.ua/images/ 140 B
314 B 81ms
81ms Image
image/png 2a00:f940:2:2:1:3:0:128
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-otvet.com.ua/images/scroll-to-top-4.png
Requested by: Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a00:f940:2:2:1:3:0:128 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: nginx /
Resource Hash: c4951ce38388092914b2fed2a015e8f16e5e19376d4bc4c6594aa85f9112afbe

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
last-modified: Thu, 19 Jul 2018 05:54:34 GMT
server: nginx
etag: "5b50279a-8c"
content-type: image/png
cache-control: max-age=3888000
accept-ranges: bytes
content-length: 140
expires: Tue, 29 Nov 2022 05:48:37 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
704 B 164ms
51ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=test-otvet.com.ua&callback=_gfp_s_&client=ca-pub-9839722309204686&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2dd5404ffe26ae8c7ee6a762bdae578486953e0769ba5cddb372413b028b8abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 195ms
50ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 151ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BBB 274 KB
68 KB 537ms
536ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&adk=3692517673&adf=3459230834&lmt=1665812917&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Ftest-otvet.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812917032&bpp=2&bdt=488&idt=278&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1430334803695&frm=20&pv=2&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=297

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8de4d3b7a75c6e184a6895b1d2590a5f12ae6602b8c085255bfa36f05d5d0241

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 69583
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:37 GMT
expires: Sat, 15 Oct 2022 05:48:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/29840259/
Redirect Chain

https://mc.yandex.ru/watch/29840259?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8%3...
https://mc.yandex.ru/watch/29840259/1?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8...

446 B
528 B

93ms
92ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/29840259/1?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A533584947280%3Ahid%3A131652398%3Az%3A0%3Ai%3A20221015054837%3Aet%3A1665812918%3Ac%3A1%3Arn%3A6141095%3Arqn%3A1%3Au%3A1665812918353702821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C167%2C291%2C3%2C229%2C0%2C%2C511%2C14%2C%2C%2C%2C1203%3Acpf%3A1%3Ans%3A1665812915847%3Arqnl%3A1%3Ast%3A1665812918%3At%3A%D0%A2%D0%B5%D1%81%D1%82%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D1%8B%D0%B5%20%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%B8%D0%BA%D0%B8%20-%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%B8%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

dd9e12e5309b4cb68cb3055fc04dfa1017d5fda8c2ba7ca0f3b82f77af30d411

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Sat, 15-Oct-2022 05:48:37 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://test-otvet.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 446
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 05:48:37 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:37 GMT
strict-transport-security: max-age=31536000
last-modified: Sat, 15-Oct-2022 05:48:37 GMT
location: /watch/29840259/1?wmode=7&page-url=https%3A%2F%2Ftest-otvet.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A8lptml46owy1i81m1iing%3Afp%3A929%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A912%3Acn%3A1%3Adp%3A0%3Als%3A533584947280%3Ahid%3A131652398%3Az%3A0%3Ai%3A20221015054837%3Aet%3A1665812918%3Ac%3A1%3Arn%3A6141095%3Arqn%3A1%3Au%3A1665812918353702821%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A0%2C167%2C291%2C3%2C229%2C0%2C%2C511%2C14%2C%2C%2C%2C1203%3Acpf%3A1%3Ans%3A1665812915847%3Arqnl%3A1%3Ast%3A1665812918%3At%3A%D0%A2%D0%B5%D1%81%D1%82%20%D0%BE%D1%82%D0%B2%D0%B5%D1%82%20-%20%D0%A3%D1%87%D0%B5%D0%B1%D0%BD%D1%8B%D0%B5%20%D1%81%D0%B1%D0%BE%D1%80%D0%BD%D0%B8%D0%BA%D0%B8%20-%20%D1%81%D1%82%D1%83%D0%B4%D0%B5%D0%BD%D1%82%D0%B0%D0%BC%20%D0%B8%20%D1%88%D0%BA%D0%BE%D0%BB%D1%8C%D0%BD%D0%B8%D0%BA%D0%B0%D0%BC&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
access-control-allow-origin: https://test-otvet.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 15-Oct-2022 05:48:37 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 98ms
98ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:37 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 07 Oct 2022 07:30:00 GMT
etag: "633fab48-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 15 Oct 2022 06:48:37 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 141ms
60ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221012&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32827f4a96b7e241a45863ef36c111a1fb0dfc8c1c57d3ab4db74dc427c2121c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11309
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/ 151 KB
54 KB 143ms
62ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73b3f230d790b487d31edc61b4223e1f9c191cee7cc1ddb6a7b95ec5ed4148e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55059
x-xss-protection: 0
server: cafe
etag: 13924632229193137678
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 133ms
50ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 137ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C5B8 77 KB
25 KB 396ms
395ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04e35508e0592b2f2441b5d2aed335ca66859fd08ba3a4c4cfd6f2e69db561a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25413
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
expires: Sat, 15 Oct 2022 05:48:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3F1C 77 KB
25 KB 402ms
402ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed625419f30d7f9ae1a45b420c7df57bc6a43be5fabcdbba4bac8919fea9bef9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 25607
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
expires: Sat, 15 Oct 2022 05:48:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
51ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 49ms
48ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 49ms
49ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=test-otvet.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 0E3A 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 34405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:15:13 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 20:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/ Frame 9DA0 10 KB
4 KB 40ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210100101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 34405
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 20:15:13 GMT
etag: 9671129459699598864
expires: Fri, 28 Oct 2022 20:15:13 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 0E3A 4 KB
1 KB 141ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 05:14:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E3A 205 B
743 B 134ms
40ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 02:24:06 GMT
x-content-type-options: nosniff
age: 12272
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Oct 2023 02:24:06 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 0E3A 604 B
693 B 134ms
41ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:45:11 GMT
x-content-type-options: nosniff
age: 207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 15 Oct 2023 05:45:11 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/ Frame 0E3A 19 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 19:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37770
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8227
x-xss-protection: 0
server: cafe
etag: 5516984893510486959
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:19:08 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/ Frame 4658 167 KB
45 KB 42ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3523bc3cd5cbead929a3507ebffbd6a7c1de3dfb4cec8c158000da4b8e84dc08

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 23174
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 44143
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 23:22:24 GMT
expires: Sat, 14 Oct 2023 23:22:24 GMT
last-modified: Thu, 08 Sep 2022 10:27:01 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9DA0 0
0 84ms
84ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CeePjtUlKY4LjFo_Zx_APnJ-LsAaIgIDJbNXVn4q-EMCNtwEQASDAgqAnYLuGgIDQCqABnIyFzCjIAQmpAizKAfKLT7A-qAMByANIqgTXAU_Q16zhwG7KhLfeySkGyoizDBX7v_1MNcTYnnGdZYNlKCe0wd-51Ze6abFsQAplqGUqYrVotDL0CyA5zAuZySQMECZCNc4qJ8HeKV73nhGLAouG7Pwr6OaXTncCMljCmIy5P0QQ5gtb_MNNh0GbWE2bg_qxqN3xL_UYPM_6Y16DZ1LV-KUMkA5wBLv65VEHSqrbp0guDDBJfS6Ij3djfhFYQYZIORcI5h1APyVJjRC1W-eXFlgzz5RFcN2ra05EIgRbvanb2Cn80UKHYmkPk1B-RWvaHQPjwASZ2PfFmgSSBQQIBBgBkgUECAUYBKAGLoAHnMTVqwOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBDL5RnSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTCtAVAYAXAbIXHAoaCAASFHB1Yi05ODM5NzIyMzA5MjA0Njg2GAA&sigh=vWQIfpWw-iM&uach_m=[UACH]&cid=CAQSGwDq26N9hGzhz9m3KWNYPA3MfvSlRQvJsVmzuRgBIA4&template_id=419

Requested by

Host: test-otvet.com.ua
URL: https://test-otvet.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Oct 2022 05:48:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 9DA0 23 KB
9 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:44 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9DFB 13 KB
5 KB 127ms
42ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 37376
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 19:25:42 GMT
expires: Sat, 14 Oct 2023 19:25:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6629 783 B
1 KB 141ms
50ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

55ec7cdd5f970f2a08737a401f9403fdcde77edfdbabf38a85ce8a3b12d77016

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m6_XrwZsyuBjlPLiRAmr1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://test-otvet.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-m6_XrwZsyuBjlPLiRAmr1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
expires: Sat, 15 Oct 2022 05:48:38 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4658 16 KB
6 KB 120ms
55ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 10:31:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69403
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Oct 2022 10:31:55 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4658 34 KB
13 KB 105ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 09:40:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72463
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 15 Oct 2022 09:40:55 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E56 143 B
166 B 40ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 04:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 9DA0 3 KB
1 KB 122ms
82ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 19:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:23:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 9DA0 17 KB
7 KB 86ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame E5AB 8 KB
895 B 137ms
54ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 04:53:05 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame E5AB 2 KB
902 B 83ms
83ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 19:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38769
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:02:29 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame E5AB 23 KB
9 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:44 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame E5AB 3 KB
1 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 19:23:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37492
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 19:23:46 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame E5AB 17 KB
7 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E5AB 152 KB
47 KB 1134ms
1044ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 05:48:39 GMT

GET
H3 200 1d54d8cacad5994e062108e03542c880.js Show response
www.gstatic.com/mysidia/ Frame E5AB 33 KB
13 KB 124ms
41ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1d54d8cacad5994e062108e03542c880.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 06:21:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13786
x-xss-protection: 0
last-modified: Mon, 10 Oct 2022 20:37:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 12 Jan 2023 06:21:45 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7E56
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

55ms
55ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
expires: Sat, 15 Oct 2022 05:48:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame C5B8 23 KB
9 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame C5B8 8 KB
716 B 88ms
57ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 05:04:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame C5B8 14 KB
3 KB 134ms
45ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame C5B8 359 KB
124 KB 184ms
94ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/ Frame 3F1C 23 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 18:58:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38994
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9578
x-xss-protection: 0
server: cafe
etag: 2674910403068493586
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 18:58:44 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 3F1C 8 KB
716 B 65ms
51ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 15 Oct 2022 05:00:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 15 Oct 2022 05:48:38 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 3F1C 14 KB
3 KB 118ms
45ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/ Frame 3F1C 359 KB
124 KB 120ms
47ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 13:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 231903
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127092
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 10:40:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Oct 2023 13:23:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9DA0 152 KB
46 KB 1135ms
1122ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47415
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1665574756386403"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 15 Oct 2022 05:48:39 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame C5B8 17 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C5B8 0
0 134ms
49ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTQCAoJouNta_IliADOF1fW4T_2_6Mo858XvvB1uEB0B6jV41TITl9snpu_qeUa2Fio7bhtIu1ZBTOczDgptIPMEYWVXQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21AD 143 B
166 B 46ms
40ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3484
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 04:50:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9DA0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 725a7c61f99517a7ec7d5a7dbbe868b167d7179d0c59f7ebd8e19a97d4ea898f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/ Frame 3F1C 17 KB
7 KB 45ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221012/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 17:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45576
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7570
x-xss-protection: 0
server: cafe
etag: 17992891929817281641
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 28 Oct 2022 17:09:02 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 3F1C 0
0 126ms
48ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTzZDdVnheWTD0UqWyImknr7KKhppaGyvD0b4Nu7WCC9SJC3DLTzoXM1V-iIE14IHZVHLLqFHnnkjUQEy6SuOkOz2QWiw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6629 0
0 74ms
74ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221012&jk=1121248758158124&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DFB 36 KB
16 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 16:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 16:52:36 GMT

GET
H3 200 7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js Show response
pagead2.googlesyndication.com/bg/ Frame 4658 36 KB
16 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/7JEUJG1jVChIMuhiOxVurQN9pIQLeBNKr_aiZz5iC5Y.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 16:52:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 46562
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15945
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 14 Oct 2023 16:52:36 GMT

GET
H3 200 NUS_20220627_Blend_London_V2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/ Frame 4658 9 KB
9 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/NUS_20220627_Blend_London_V2.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

17f6d34f4b917bb6c5b0947b47a063430213ae78192eae663f120a287be25179

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Oct 2022 22:50:48 GMT
x-content-type-options: nosniff
age: 197870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8809
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:27:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 22:50:48 GMT

GET
H3 200 Zrzut_ekranu_2022-08-19_o_15.02.27.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/ Frame 4658 35 KB
35 KB 50ms
50ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/Zrzut_ekranu_2022-08-19_o_15.02.27.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bb57e9abaada110b98f394f10e302538e9bb3037d4773d04a459f9a4db92f5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Oct 2022 22:50:48 GMT
x-content-type-options: nosniff
age: 197870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35673
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:27:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 22:50:48 GMT

GET
H3 200 Zrzut_ekranu_2022-08-25_o_11.32.19.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/ Frame 4658 41 KB
41 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/Zrzut_ekranu_2022-08-25_o_11.32.19.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6077d94b1a66d96407b7b8ebbaf4115a694b881b11ce200b67cb3cc8093c69e9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 12 Oct 2022 22:50:48 GMT
x-content-type-options: nosniff
age: 197870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42109
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 10:27:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Oct 2023 22:50:48 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 21AD
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

52ms
52ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
expires: Sat, 15 Oct 2022 05:48:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 15 Oct 2022 05:48:38 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9DFB 0
10 B 40ms
40ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7RvZEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 3F1C 0
327 B 137ms
47ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l99i02bc&c=2466632839458&slotId=1233316419729&qqid=CJng-tnE4foCFc3gGAodIjcAgQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F1C 9 KB
10 KB 127ms
40ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 379135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F1C 15 KB
15 KB 171ms
86ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 59625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3F1C 0
20 B 75ms
74ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CYzm-tklKY5mtBc3BY6LugIgIpKCS-2yE9oq1lBCOicC_yjIQASDAgqAnYLuGgIDQCqABqf_lxgHIAQWoAwHIA5sEqgTyAU_QyJKgEm7BAdYOuiE9InRELYI_HRg0c8SuBKb3uu9cDaqNxOvzEzxi5dgr7cY0DOxUKQfygOemEPL4U7sUam-Gc8gePZXjcxOOaT60pKxVxii7jyCLXOFSpCOyyKeavtROCJiQnkxQlbJQf7aK0GiW3JBuHwZZNa_IDrKTzJuYnxxNP9e4Yz-yLbinjGB--pta4_T4LbDzenXIHy_fXeiZUYUdWpBEywKhqK3p8Uhvn3Tr7p94EkeMtjcY61_X7FMP_ffQ6PdTwC_oQfYRBDy_sMA6fRmC45vQ6NvqNsg9JV737f8Ek16r8qAoS57qBNYywASv1cTPigTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPx1uMQ2BMNiBQF2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1665812918732&ai=CYzm-tklKY5mtBc3BY6LugIgIpKCS-2yE9oq1lBCOicC_yjIQASDAgqAnYLuGgIDQCqABqf_lxgHIAQWoAwHIA5sEqgTyAU_QyJKgEm7BAdYOuiE9InRELYI_HRg0c8SuBKb3uu9cDaqNxOvzEzxi5dgr7cY0DOxUKQfygOemEPL4U7sUam-Gc8gePZXjcxOOaT60pKxVxii7jyCLXOFSpCOyyKeavtROCJiQnkxQlbJQf7aK0GiW3JBuHwZZNa_IDrKTzJuYnxxNP9e4Yz-yLbinjGB--pta4_T4LbDzenXIHy_fXeiZUYUdWpBEywKhqK3p8Uhvn3Tr7p94EkeMtjcY61_X7FMP_ffQ6PdTwC_oQfYRBDy_sMA6fRmC45vQ6NvqNsg9JV737f8Ek16r8qAoS57qBNYywASv1cTPigTgBAOQBgGgBk6AB7-AmrkCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIEQiA4YAQEAEYHzICqgI6AoBAgAoBmAsByAsBgAwBsBPx1uMQ2BMNiBQF2BQB0BUB-BYBgBcB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 3F1C 29 KB
16 KB 147ms
54ms XHR
text/xml 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CK0Pi7IFTCHsVO9M8AVroPZfOL1jXYc_sA3YvsmGpvIS_1R9tI2BMLcCP-1iMCvgNgxp7aixfnDUNEpsak4UWUWkEHlQ&cry=1&dbm_d=AKAmf-AAdZQ1cuoSJkyz2cIrz31CQiP2mSCv89mu9CbV0fReem3x-gvIn3TyCR0bSDK8AgHU_3LRbwnV6jn0WOWFTolYnIFeCMjrga2xLF1pRuoR5H4y4MPkYQWTnfIoO3aL3-bUUl47i0uT0Dso4UoLL9hcduflIE6-D6yB-6oIEsA2aaeUAqtmG9eMuWrCLvmmsz78k4-6n9g_jWQwwpFXUFMpbwTF1UpHuPLzf3er6oYLEy6GqNkMv-j5jD0nFi68QG0tpbypmzYXdWZJDB5yXN3pGAKTjW7vL53-_gLROw-o18rriDyg4hc6qYi1gftBoDuyYfqEI0-gC9FWlIqVAAHtwScg-Kwi-RwuEIqrA5Ex-CdSeWXQFd841wqI9PH0id_7oYpeeMcGBfyiiYchMtrT7ymQMVP56FYFHBoqRbf0KgEHjMSWy11rasImDZ1YOa8HR8MENEw_OfIci1vhp-Q1hcvDK4ULlWo9YPRRxdAbMolhHJyVI9W70jK23hcWixTBdxIAHVNhL8QFr7V7eAqhE_JPV0-j0S6N2qvF9A6C4OnqW-0I2ZfRo5NQuMwKIwoEBnu9NiyCQGaGBTdOiGzBtZhewWL2x1JGTzv0KAh6quMofzTQ_k4AbQ_wfXlazlX-EyE6_DMQodyABcbekLIsfNqty9XSqjBSWi0EjoyXaU8twV7GMeid5okkzEWT5qt4XFjctA1p2MQWljn_GUjfk1rj3_OrX_0JIm8k6qSKj24cR63IJD4WIZllNcrxVqbJfVr3RlQFY18lvOf-xPCk-hioIrVc9PMZfa3gywqPo18D2sN5pm4u00owNATKt9BD8EFNPYid-wME18kZa-LEb4BLJBAx5DYzc_sVEe9wP0XlRChb1EE_e6MB4Zs8oz53TAteTfVfDRVlb8oIkd5HnrxpK7OquOgh5Pld3tG9jzrOooH3LWy_rUyUs3Q_bJ-9hLKnLWe0K9bdNjO_VmsO_EPORRqWQEA09iIFpAqC9zh1KxoDTJs96aJMZcdGStzVWcNN7LrdN_3eZklZF7XPcS3M9Nf8t8n31uskvE5i-tVvY8KRleWKoQATtASKUrSrfU68YX7WeG918EAcdAdJbvOuzqEoAABq91CANDAbWH3ekEIfDuq7QfWs9sXQ8j2008KP5cc97PO0e3L3qsBanQDDxu99yenbZG7J5Uj1_BB-Ygrc7Pa5bsk-dIL5d674Er3goktzs2VtxtyUybKwgeYxk0j5kk3IfheMiR1jLGdN9lZptXXp-R-wJy3zXqiOTqvNd9k8BugUJChtj43X9uwiwPMu4W2OqqxDGlkzyNocaiaPS63Fxogn38S57Z6bO2cFjf1HqW2qzbQD1hT39lZcp5P2K_QDZgJtlSMQX5BjJcGzG3d2hEKr9ZG1FM7Ee6qrbNfErMtzCQtkLByUzZZ-FDS_gpQ8Zf3ydJscUWUpLz8EVXdaQGOFzgRlOSo9AtWUR9A7gl8uKHLEvbAMq039lynXc1oNyvrWtu5WkR9aIbqBBWEkxLbGpJQ8BQqKytYXFjVWpm9KGPNNxjhkGn7uuCv3mV6O9EhJx_mu6KA_0g5jN0CfmcoWaMaFQJKDA8RbRF1Fd5QJdA_x2n4wvOf9kGnG5c_YeDe2J3XNcqQIVsd9H9TlvYvry45Uu1viDLhSHd0cqJFOAG0MvGgZ7qpm3HsgC8JJPja5wF1P7sw8t1P36_6uBILuDUjtQu2Ox1RbkbSXBT8-MYXQffUy5RDconC2-KVhYWoTJYnMqzUvKOYA0ypMw2Y2zSv2fRqc-uV0ghK_a-kYGTzCFMQYPPG75cQVWbGYtZFqp0oAir_YGIQiDRbj4-NxPapa5tz4mKTO8ikspYAFkJMktYRvRGqR-OZIpnUlnpDbgBH8dfo6MqhTt3Z0apqNziBsLCs3PVIE3vi_03S37C1o-XYw_Igt1TpRttU1447nORMk9bbt9vvSEuR22b6CwnkEfffFnj9Ej5b3-uPWtn9NVWx7DijrPwhlpDYBZaQQlbdX0qDpaUzefcUZgZ-kIraGIdcMeziHzN8-CwycKBTpjoUDwdMgBrOFYAZ3HzmCqjm-N6QYNN4ip30UKr6wpsKr1eHymOb9T-khkNee3vaLUvBzH33EibKCwmd-_T5Iwjn0c3rKBdaObqNOapJpRSD-izP3UMqWXKn1k-Cdteb58jGRQqzQxiN-gOhYwe9Oyksv_YrdautYQhkGp5zrh71r0c8iHRWbcyyYdbbwa9Kordvj3Yqv8wdTGMiYSNpfj3piT8zkWMIHOW240JlN8bqsuwWJSg28EZ8TGjfVyrn0Qu-Zl2IkfyLuVfPhpPFB3eoxkq09114G49oF-xJtxZZywcUb3zGZ1CV98v6dWOAw7mc2wmPavA_f3y1ZCYZlPnNTbWUSyH0RBKrAZzY_K-YE_E-0D-LJgeE2tjAL4w6V7zZso8zeUplJaJqsbl99KXqTFXNamRoCZ-KUW20XVT_OQpq5PEXwAcZJGPLX2z3vZXAOKxofaJndQSsE2Lrl2Z9TkMVnaIkLCsJDyjR0J7GxVwu5XHLEsQyWm9G-mFQiFB1lejQZAsk9ll90DtndI6HRXvM-oL5OAlIg_VPtM6pxYEa8BTZeW99ecoBR4nZKKBe1nCwuhb2_ZaZY9ci0FhmpJ-Ot16PxE2TL8riSFsEyq9rWnBO99wIJa07JauecH968JqUREzraxVXL667Qz9EGZVxFXrG4Y8UECbbvOWY-Y1vPK_DyJG7CoBYilt9XYo7ylo_ce0ltRGsa2qEwCERbkFMdxIy2w4YPTH_3b2yhckB2crTUcm6CDaQlQqPX7H6ypnDJscuaahSZR_lLHMsFJS2gZlFLWFIHxbA5v0ju9eeSTZC6j5ng3nKIfdmlL16V75yxfc1HWU4UHDyiq_CcZTVOvTZgiCWyksHgAMCois4zYGmPKWBncIY8kSIqmgG0TaDH7NhY73oh3BrDKwOqnB2Gh70WRYsO3PI8XO2L5H9LdV15SkxFGoLXZgMUje1v5sOp0uSY8AaHCuFkCttyuOTUIfpfSFfQzyPyc0-b61f19wH2lFCgkViXl-aABCDfyeZphs8ticVFLg2OjUvQEco05mMckSHkTsxwvLWTLkdptJUxC29PjKH4UjecNJap7hy3XFs1WAQ8c73GvyJbmA43Mme-nBRk0fbNKWkOWLq0OHHgIomqKxhrOtXJc1TKwNdHZ_JiiaP0xrjhO182BC7W1ARMC-0X5Ylq4Rr_m27z2z5l790ClJXhRT-Nh8U_AtG-h40H8csJd49Rrell0zmSW7_pBrYXBU6Z0iBH18hkv0O8spjqXd2XOLD54RU7TLTN2OoJ9WKcTytgKfGgX6MCb70&cid=CAQSOwCsnQUxoURw0JppcowGO7qIehdyBhRhAEFGWgd4scCLLOiOYTVl_3fpyeHTsnOKX8mkvRaphuGJSBnZGAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

ffde4319b2e752ddffccebb10ae56b9847f5b994d9a196a1b67f92ca5333bff5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16064
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3F1C 0
0 79ms
78ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CERjgtklKY5mtBc3BY6LugIgIpKCS-2yE9oq1lBCOicC_yjIQASDAgqAnYLuGgIDQCqABqf_lxgHIAQWoAwGqBO8BT9DIkqASbsEB1g66IT0idEQtgj8dGDRzxK4Epve671wNqo3E6_MTPGLl2CvtxjQM7FQpB_KA56YQ8vhTuxRqb4ZzyB49leNzE45pPrSkrFXGKLuPIItc4VKkI7LIp5q-1E4ImJCeTFCVslB_torQaJbckG4fBlk1r8gOspPMm5ifHE0_17hjP7ItuKeMYH76m1rj9PgtsPN6dcgfL99d6JlRhR1akETLAqGorenxSG-fdOvunyAT3XklpV55gT9LO81asBsNwqElNWfNwp6gUJ66RDNUAXEyZuUaHCwe5iX59WPZcKp7dofqfPX09ijABK_VxM-KBOAEA4gFq7W9jUSSBQYIAxABGAGSBQYIGxADGAGSBQoIIhACGAFImKx8kgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEKvZJBi5gPrSAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBPx1uMQyBOnlIvhA9gTDYgUBdgUAdAVAYAXAbIXHAoaCAASFHB1Yi05ODM5NzIyMzA5MjA0Njg2GAA&sigh=k8OOz6qSVwc&uach_m=[UACH]&cid=CAQSOwCsnQUxoURw0JppcowGO7qIehdyBhRhAEFGWgd4scCLLOiOYTVl_3fpyeHTsnOKX8mkvRaphuGJSBnZGAEgDg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Oct 2022 05:48:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D306 1 KB
643 B 40ms
39ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 17:09:02 GMT
etag: 48472445140208031
expires: Sat, 15 Oct 2022 17:09:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C5B8 0
54 B 115ms
48ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l99i02bo&c=6044829452147&slotId=3022414726073.5&qqid=CL6E-tnE4foCFdELewodBSsDFA&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C5B8 9 KB
9 KB 116ms
47ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 10 Oct 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 379135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 10 Oct 2023 20:29:43 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C5B8 15 KB
15 KB 123ms
54ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 13:14:53 GMT
x-content-type-options: nosniff
age: 59625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 13:14:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C5B8 0
20 B 75ms
75ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Csx-StklKY77RBNGX7AOF1oygAaSgkvtshPaKtZQQvqLKwcMyEAEgwIKgJ2C7hoCA0AqgAan_5cYByAEFqAMByAObBKoE8gFP0GILhSu6_PBQNnwZiz7CtcYOyYcKqqSRPwwUHm9dXt0OoJi8jbwly3_cBV3MVSh5bK0k5j05qQ5wGBqForm6P9yyT6ua_-2ikCInt8CuA5eojaZip48eVTWyDsvTGJGloTYGXvNgE0g0zV1F_Ut83qkCUASiPCc-644ZLUN6NHDZ9e7uFZe7p9e182qF_Ln72b0KshLv06tkSkED0ZYZuDHbX5JWRBn8-VSeFfyzbFmudbVN_ig0OpQDXc34YvLtYXUGo6jZ20UFLVbEPmutvEMcmN299UMeHKljHnrFEkfqK5bqZP6AxeEXScr1AlwQ_sAEr9XEz4oE4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT8dbjENgTDYgUBdgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1665812918756&ai=Csx-StklKY77RBNGX7AOF1oygAaSgkvtshPaKtZQQvqLKwcMyEAEgwIKgJ2C7hoCA0AqgAan_5cYByAEFqAMByAObBKoE8gFP0GILhSu6_PBQNnwZiz7CtcYOyYcKqqSRPwwUHm9dXt0OoJi8jbwly3_cBV3MVSh5bK0k5j05qQ5wGBqForm6P9yyT6ua_-2ikCInt8CuA5eojaZip48eVTWyDsvTGJGloTYGXvNgE0g0zV1F_Ut83qkCUASiPCc-644ZLUN6NHDZ9e7uFZe7p9e182qF_Ln72b0KshLv06tkSkED0ZYZuDHbX5JWRBn8-VSeFfyzbFmudbVN_ig0OpQDXc34YvLtYXUGo6jZ20UFLVbEPmutvEMcmN299UMeHKljHnrFEkfqK5bqZP6AxeEXScr1AlwQ_sAEr9XEz4oE4AQDkAYBoAZOgAe_gJq5AqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAT8dbjENgTDYgUBdgUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C5B8 29 KB
16 KB 144ms
63ms XHR
text/xml 74.125.140.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AkpuH_SIuYZibPc1j6UP4NkDQ2AIfDhIslCGhrjLo4Y6QMa5xIHYZUPfacJ_Wk8OXxPTKuIw8tPJ1L49lSXEVAJLjrTQ&cry=1&dbm_d=AKAmf-DJEcNO7BHr6-YRnQP64UVgmMG_-DpVFJiWEqt2j1v63hs4ebz1HLI0xV1hIyoyX039VnDXLsdBcsUkaaaDW0yxm0FI5Na4PACIQEemMkSGzmbRwWWSM9wNck8HPMpFU1Mw1Ad2oCug2OaF-j2rM73QVNjuq0d2f9hWBesJQAiSpa97T4ybfeiXBFYOP3EIeFEbvjasRo3ts_nYk0wEYddFVPL_ZSlLaAixA3ToCYTMp6GbvtxEh2mgiPgXfDDQLN3BV_MG_N9fdg5ErSkw9ZHU6o4bwrD4bRWCUEKVgdBPuU0lldASHlbOEZ0iELNsCV8FV9kUVgyCpnajDJAnl7_XAJZwtkBpkRoIppIE2LGrMjkZPpnH_JLoGyKykmq9A014md4uUzLHnkdOoR2BpqGaawTkyXx9465ozmJQJTaaR_A-b8ctW0NZtaz2MsdP0f9jcd5QfV6ERqd1pg_zJ7fBjWq-Ile9bUQOmyoWDDr1hg0xZHyTPIiDiilK4pXAx1KWwyPuybZ4e8Jg5iiQyzNh_O7uKeXFRHC7MtpRBCU2hyr-NddYS4-gwhcZJO8xwo72RFG7Z0N_t9ltIZJi1eVxHKTvviBHJzG87BpYLms-evGG6j6-rfo6Y3LUxxBLpatJBWgcdr7STApfE-NTqBFQfAq-6WO79i2astop3g7Ydb5AEYScMEi2opBD6fMdya95WQag6aN6dqPfkAyndOzzYzvDxJTYTAwhNZ-39DO7xORrE9ppCKNyzfemj9o9a_Wp5koHRgw7R7sl6tluxmZNrzQO0seFKVK0DZH8IQ5ElG9Cgv3W4O1GuaeX-nInMq4qoYxptILtcnTNyIieJnaOxWM_nWeDfymtrjC3YuAzdMZR5YMkeGtSQYmUFLt8mXP_9yaDIxdo1_v9Cy-3Ias0qzL9-qxTLi7P7AMEghGr2JYMgTqLEqpLekavoMJvrQn_Fsl125F0ws-UssVxeoDUGfOC7KX_qKuc2B4l5DmN6fPRh96srmOvvfyAmtNORSreo0ZwsbMAFfHb9fU0PbJnOKCexfx84uhRcD10T7JPjf-KM0P-Vp7JEOsDS4fr2pl-7vqSaETXZ_D9t8s7xnTXUv950AbQnUALaSsARghpN5P8NCUN_EDF2QJ-VdscXdKgk5jE9TzYTqthZmi_qIMm6tn-aK0RXDEN7dolq3NZP8o_okD5BQYYRAfhWVgnVhzS8WyxsRKo44ui1CmMv3ut3_JIHO8c_E8WjkHX4dpmut7mTJk4G7ntgCu_mD6H86208-wmCx7GuDKz2eKznrck7Ku2W97FVrlAzuGKTliPJeb9vQup1e7Vx6O-1t-DzrQD3G8cfTuxcWGHAEnqsYVupTP3_JQIeAlRFGKXcnd0d6TR8CuZKqXtZp8ydkYPYG6KZMGzv_eXQOxs6OektWCv-KSOiqLoNn2MKwVQirIADEmU16JRqRTyB6uLzyjdoy4KgRPFbuWlWfFzVExC2MI72RPigoE8jldIHVtDlHexnoWqi6Qyu9phrVJSC7iC0m943XIhs-8-8SRzCakyB_ljVDHsWsXlFvcPZ9ZKCSxCYw7ge4sSRgiqpTbhLkEwWj7LEezVBGI6MXhEgA7YaxoByi7LMbHvPdKyWlRgGHmbXOIapIp4Buenb7_tqI-Xk1gZHdTII7qShvNMEwU9y0sE-LBK8Op5s91ltEjYRZPSQaXc9mL_NjE3dkslW7oJaAM2VOOSZlf7mJbWFR4AZJ4pLExh38fRm5UgsZioTPG10MzN9tbMQ1McknqiUiyI6adnqjRLk-Q67Mr-qmsjUT94KERcy2gunPwhMRyzjOn15HmJhLK1Vwq5fXbp8N5_J_lfPVxD3Q9B3szMyyIUWiDPyAaXtwzyH1vrWuukth0itQsJgk_cQTjQ9fvlWBz4sz1xWO4DWkotToKIvMyLGZ5OLAiaxKfFlq2QTe7x1g7eiSOuIzjD99LB2M-W0e5-6Fi1Vit72tBFaOuOYJbrPwqiPVqNe1-jBqNcLqlojCxp2hTGh09BSfc-Z6d6zU1TyQv0LO6v-fPBoCFuFYf7ZaDFkw-QkoVcALIrdyafm1YYlVEfMQ_5gctCnFpBiAmQOrM3uEA7vrgrdf9gFsp2tUb_HLrP0XHwRketCvciWyXBH-Kn4Etl_2QtQZ7TPCqSP5slsJa7QBcIKZfwb0zVqR7bLmjzV0LkKYYJoO82iTaud__ICHYqwL0h0E3rm7jVk3QBzFYjhNWErZIVIOILwe9dWTSovmF0kbPhyB75ZqrCQy4D55d_xhOmc-gQdImllHVvjWVVjDUOV1XjqkjRC9QisUpvc1QiyAsU1kcsSQ6deWuzgaWMzDmV5W3V8cPAWNDxhbf-Vx0FdPcJ5wZOlHdvJAFpmyGseW_tnqR2L5IfG3kwKaE1aB8Cwhy-gLxf-TSJW0-bcV0QdAIn9I6_ySPdIJvSpqvYajIZLRz12ryEcxMe3rSEH83pg381k0aUz5F_HwfUHm0FDEZe9xZc9xo39QyOBXFFED4p7N8U3XRGzpWnYXtnwyqBOPtqjiDcGNOCPWWgjBXDJ0JblJS3klyX4MqzwpeeZT4POCJw11G9BrCkcNA_8zgaH9UwM60CncH9xvCTXp9NLGsfpx3xY7ZIkoWcz7xlgyYQyc1EFzT3PuCbGLLAEW0-B54qlZ968E4_YgZ59fPBTkQydqauyDT0B7GHL1syHVwjEsY5Nn5R6vw8CL8lQWxfA-xsOrNSU6dy89kZts90FiMv76kuckkUTRgo2jYsdehIVZX8JyyYzr0hLU7gglBM93uIiKesmpffmZsntWuUlKO-Ouzbayb4mQ1Lm-0-GWen_LxOcWGyEaMmVG0EuotNsoZ7455ebTqaDOd2fAKhavdOpFMT3ugRqFJaW0uu3zcmm8EkjLz4QQUIGtHPtCLXPqlMuedJPQK1IDiPnLKnLm_wbxBTC6rm9PcGHp55NE3CsDvF5M7oBMBhJSpJej_oGSpzzRb9ofgpYHlvN7Djz5UxlJYAcRyGpYnCY1P5hJlw1WMGSAorh68fiVf3Ct9ZpzyoSJuljpLp2EUlnMi20zah5HxSxHS7ytf3fEjqu9HuowZVoV2YCGf2i5bRthWKeAcT7HbkRRc-Sfwbg2r_BhFwo8ymW-029WtC-mgnf55JWL9i4BGPiEBpu7Te4uVGvYtCqODpV2m1Q0xBFM8SWzF07_SclIRGyFLzgvAelsgyCQHMjLI7ymygvR3W2CDfREj8P7rPYZMLfP7FBg5r4YFkHnjeSSW8uPHJx0MY8423DrOUeH5QOPghdb1RlKSJAbORh2aO_kaLnv0SOlZT6cdIs1cWQHWJ5pTL-o32NZuZLjN5pwV8gOqq6Vg&cid=CAQSOwCsnQUxzelQLW02z4UjTQXXdHhywp-9Nh1Nnld35HG48h6Vk5ptGK2GJmq00UdMbJpgCVxgiGYe4-E6GAEgDg&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.140.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wq-in-f157.1e100.net

Software

cafe /

Resource Hash

fbc7597e8280f931cf72a300f5f02d20d2eb7a34b97e2652792dbce78b342ba2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16173
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C5B8 0
0 80ms
79ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMiAJtklKY77RBNGX7AOF1oygAaSgkvtshPaKtZQQvqLKwcMyEAEgwIKgJ2C7hoCA0AqgAan_5cYByAEFqAMBqgTvAU_QYguFK7r88FA2fBmLPsK1xg7JhwqqpJE_DBQeb11e3Q6gmLyNvCXLf9wFXcxVKHlsrSTmPTmpDnAYGoWiubo_3LJPq5r_7aKQIie3wK4Dl6iNpmKnjx5VNbIOy9MYkaWhNgZe82ATSDTNXUX9S3zeqQJQBKI8Jz7rjhktQ3o0cNn17u4Vl7un17XzaoX8ufvZvQqyEu_Tq2RKQQPRlhm4MdtfklZEGfz5VJ4V_LNsWa51tU2mKa7PB5EbXyaKVYWj0kFoTewpoB-i2vCxz8GdSZiR9KUGkuMpW6TYUusKm0G_omXKFqjp-cuUdZ3AwASv1cTPigTgBAOIBau1vY1EkgUGCAMQARgBkgUGCBsQAxgBkgUKCCIQAhgBSJisfJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGToAHv4CauQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDB7CMYuYD60gHSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbAT8dbjEMgTp5SL4QPYEw2IFAXYFAHQFQGAFwGyFxwKGggAEhRwdWItOTgzOTcyMjMwOTIwNDY4NhgA&sigh=9JHlLqUQCyU&uach_m=[UACH]&cid=CAQSOwCsnQUxzelQLW02z4UjTQXXdHhywp-9Nh1Nnld35HG48h6Vk5ptGK2GJmq00UdMbJpgCVxgiGYe4-E6GAEgDg&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 15 Oct 2022 05:48:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B3DA 1 KB
643 B 40ms
40ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 45576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 17:09:02 GMT
etag: 48472445140208031
expires: Sat, 15 Oct 2022 17:09:02 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C5B8 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48d9914dac18bd53113c9f8eadcebe0e68fa64e4d5a8377fbd654f27257c6ab7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 3F1C 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b05baa81c415b9511b2725494480c6295628323fd267c4a9a5ea0cf267b9bb7b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 dpixel
cms.quantserve.com/ Frame D306 35 B
464 B 132ms
42ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMZ3oKYYzNF1HiMss0w6jvg&google_cver=1&google_push=AZmPxg9grGEHTRBMnU7FD092FQvZyQXl0aY95nycbFR5kHg4BNFXz9lEGGX5ET8nozPuDfFymrP76sAeL3JDFSo16ie-geexkee1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D306
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9QuLjz...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg9QuLjz...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTUwNTQ4MzkwMDA2NDYyODAzNzU3MA%3D%3D&google_push=AZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK...

170 B
188 B

55ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTUwNTQ4MzkwMDA2NDYyODAzNzU3MA%3D%3D&google_push=AZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK1I9kpQlsjgGcZ7PZ_cnOs1nyQoVTAw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMTUwNTQ4MzkwMDA2NDYyODAzNzU3MA%3D%3D&google_push=AZmPxg9QuLjzwc3sQCJnBBFXFMFWqvDb7urplJrLvi8JYS6JeNNcuO51oMWzKVG3mzpIcK1I9kpQlsjgGcZ7PZ_cnOs1nyQoVTAw
pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 15 Oct 2022 05:48:39 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D306 43 B
351 B 100ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPWLQ0DlqEd7VkEd0izCAqQ&google_cver=1&google_push=AZmPxg97xN2U6Gtos32ZM_022Q5a_VdcCwItrN7ZQ0QUK5PpVaR1bu-cVkLPzoaln04ab19r4pe0nLf2HKE1ENKv7mNy2RSCIxm3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: u900j7kfoodqtigli7a306ll2hbkpd7n

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame D306 0
41 B 99ms
30ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPT0X7FETTntco7hrxNaUFg&google_cver=1&google_push=AZmPxg866oFPc_mee_clCQ0yq27ifIn4f4puwTGxLNIjN4MY2c4FGiKLWbV85sCOI5JNen2wT-Ddx0QigmAZNyrNEfaF2HyHOdTv
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=4015807509&adf=3490668099&pi=t.aa~a.3648596900~i.24~rp.1&w=585&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=585x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=147&rw=585&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=1&bdt=1457&idt=1&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0%2C508x280&nras=3&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=256&ady=2719&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=92ZqZswQ3x&p=https%3A//test-otvet.com.ua&dtd=29
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 15 Oct 2022 05:48:37 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D306
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEGFANbjaOFqrhUmHt1t8RTM&google_cver=1&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Iod...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySU4tSS1DQTU0&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Ioda6Ir5TpC6Ubhj2xcCmSZdIW7H

170 B
188 B

135ms
51ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySU4tSS1DQTU0&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Ioda6Ir5TpC6Ubhj2xcCmSZdIW7H

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySU4tSS1DQTU0&google_push=AZmPxg9O9wlzA33QEeQ6pbMW4CpRI1UkmZjBLF0DQx8VvMlMPsmjXhi1-LJG6ubWuuQ0PRG2Ioda6Ir5TpC6Ubhj2xcCmSZdIW7H
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D306
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kc...

170 B
188 B

86ms
86ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kciLCv2o4c4Asn_iQspfW5HLErXLywQw34IXdrpDKcyTcq22HU8y15DLNlXo51VAR

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TxVWxzLEhgsM0VUGk72PAoXB1pyj6kxdza5vBPqf9gzyI4YmBRfhFQ9dDqOu4AC3IMqRqK8hXKt7k0wpVdMT9Exx%2BzazEvg3APazKLwPcgr8xOhV1FEPUX4lcypmDSWugZvu38VbxUl8eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEHy4dz6ReMeCElfvAe-fgHE&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg9-3ISxOwkr8iKl5nDmiP4mHvc6Se-kciLCv2o4c4Asn_iQspfW5HLErXLywQw34IXdrpDKcyTcq22HU8y15DLNlXo51VAR
cache-control: no-cache
cf-ray: 75a64457ea47dd71-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame D306 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D306 0
232 B 153ms
48ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JU7If568iF0p78i7KX2zUoA4UGi4693hiTa4HPBkJzPaPm2n7PCKIb9BvxQEfFPeIEyY-b7Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame B3DA 35 B
465 B 120ms
40ms Image
image/gif 2620:116:800d:21:5ed4:8d5d:fed7:f5ef
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMNZhSJ07TjET7hAb_KqpkI&google_cver=1&google_push=AZmPxg9cccHXZQtQa_xPOfTCDyn589ucyfJZhe6zghBaL9dUSHIWokXJ50waf_409tNmleeHvu2bjQTS8PuP8ppar_s99zKnJcYE

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3DA
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-wVfr_wDpBZPAkWtpk2kMl6ETb8yu3aRyxc9useF-Ki4LH7fjE0kV6lbh174-TrgV_VygEWHaV9o8SNbhi0k2f3twPBrAM&google_gid=CAESEElZyuHf6yFq5qekGRjlKpo&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCLaTqZoGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWm1QeGctd1Zmcl93RHBCWlBBa1d0cGsya01sNkVUYjh5dTNhUnl4Yzl1c2VGLUtpNExIN2ZqRTBrVjZsYmgxNzQtVHJnVl9WeWdFV0hhVjlvOFNOYm...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUVBHTGpZeGxqOEc3c2NaTi0za1BtZnlxdWpybU5NdzB5bHZFelZxVFpiVQ==&google_push

170 B
188 B

80ms
53ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUVBHTGpZeGxqOEc3c2NaTi0za1BtZnlxdWpybU5NdzB5bHZFelZxVFpiVQ==&google_push

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 15 Oct 2022 05:48:39 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwUVBHTGpZeGxqOEc3c2NaTi0za1BtZnlxdWpybU5NdzB5bHZFelZxVFpiVQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 dds
rtb.openx.net/sync/ Frame B3DA 43 B
135 B 90ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEOegWCBCCFu2xqCs3jvFnsk&google_cver=1&google_push=AZmPxg_AYB9o_2-gIS0NcacOoBMnzP2I8X-EMoCPiK-zaGLHGjScGikQtoQThDPnrOQFci7osfQ75vCdaRv5NdVqakdNClvtN4hP
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:38 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 44rs6mb3lr7jrelae2l9ovh77trr6g3d

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B3DA 0
166 B 88ms
29ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEHk7hzXjAWw5DovxlSXkbVA&google_cver=1&google_push=AZmPxg8neF2nU93bE-MigkyluGeL5IVW47YrO_sQPIfB7PQnU4BbSr_Ofcs6pi0gpeudhpwI2ElGCJtVZ1oasYQ4vf4mUHg3woRG
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9839722309204686&output=html&h=280&adk=2202782542&adf=3104713314&pi=t.aa~a.3276947282~i.18~rp.1&w=508&fwrn=4&fwrnh=100&lmt=1665812918&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=6166156679&ad_type=text_image&format=508x280&url=https%3A%2F%2Ftest-otvet.com.ua%2F&fwr=0&pra=3&rh=127&rw=508&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665812918001&bpp=3&bdt=1457&idt=-M&shv=r20221012&mjsv=m202210100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6f3840f8f663f26f-228a637e44ce0018%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg&gpic=UID%3D00000b72d2c86b13%3AT%3D1665812917%3ART%3D1665812917%3AS%3DALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg&prev_fmts=0x0&nras=2&correlator=1430334803695&frm=20&pv=1&ga_vid=1388996253.1665812917&ga_sid=1665812917&ga_hid=39514265&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=295&ady=1241&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C42531705%2C31068921&oid=2&pvsid=1121248758158124&tmod=1632659134&uas=0&nvt=1&eae=0&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=TbxjmHxHLW&p=https%3A//test-otvet.com.ua&dtd=22
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 15 Oct 2022 05:48:38 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3DA
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDZwk4KrcVjxYvTwTZUuuRo&google_cver=1&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu9...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySVAtOS1MU0JP&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu93ASZuLW6P9Yv93kH6ItmxBNzX

170 B
188 B

129ms
52ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySVAtOS1MU0JP&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu93ASZuLW6P9Yv93kH6ItmxBNzX

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDk5STAySVAtOS1MU0JP&google_push=AZmPxg_3tZbbanYp2a4mmareTZi2ui6WZ_LegRG-D-cDG9zijXZhOw0q1SUuiF53JcAUL84zVu93ASZuLW6P9Yv93kH6ItmxBNzX
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B3DA
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnm...

170 B
188 B

54ms
54ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnmFn_BS8c-6WJg4i7_Qw1fRoo5MLIkOOAlEer87sCCM6CwNXhslBgAbuYjd_Dri72

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FhO7Lk5YSHvprJq8hRNuQ1Ead0eY87AWTYjMdRt1DuLeIH7EQpf3uZTddwCNjTFR5LMcJLhCU%2FZBRSXCAxdarTEHQohtGLYMRskT47%2FcPON%2B9NYBw%2BufF0RZ3%2Fz17VxQuyODAGLSvmVhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOIM5LWQSgXbS5hR-Hh7SXs&google_hm=Y0pJttBNX9X39YJ6TfbKBQAAERgAAAAB&google_nid=index&google_push=AZmPxg_Cm7qQ0t4nlDbVORtEd5jEK96tg2tnmFn_BS8c-6WJg4i7_Qw1fRoo5MLIkOOAlEer87sCCM6CwNXhslBgAbuYjd_Dri72
cache-control: no-cache
cf-ray: 75a64457ea46dd71-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame B3DA 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B3DA 0
40 B 142ms
49ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYmiM7bXgPiaGLKMaQ0gy_fiJpmcZWFBA6XhgEsVAno0FTcA9eMbDH2oc6Q5ky7o-lQRQ1jw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 15 Oct 2022 05:48:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 3F1C 41 KB
15 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3F1C
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

137ms
28ms

Fetch
video/mp4

2a00:1450:4009:5::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/44A1F82CC4679AEE750A812453D98905FE212309.50F7BE1A0886E76D99FBF79B78D37094DE0E0A5D/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1665812466/mv/m/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:5::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 15 Oct 2022 05:48:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2242080
Last-Modified: Wed, 07 Sep 2022 10:36:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 15 Oct 2022 05:48:39 GMT

Redirect headers

date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/44A1F82CC4679AEE750A812453D98905FE212309.50F7BE1A0886E76D99FBF79B78D37094DE0E0A5D/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigl6nsd/ms/onc/mt/1665812466/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C5B8 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 14 Oct 2022 11:28:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65991
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 14 Oct 2023 11:28:47 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C5B8
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

146ms
29ms

Fetch
video/mp4

2a00:1450:4009:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A7E2175241B6A5E9844CE41E3F3C701D81A5F9F.3D8B097C99607CB88B3B40698EA5061DD65CC394/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigzrnze/ms/onc/mt/1665812699/mv/m/mvi/1/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:1d::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 15 Oct 2022 05:48:39 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2242080
Last-Modified: Wed, 07 Sep 2022 10:36:05 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 15 Oct 2022 05:48:39 GMT

Redirect headers

date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/0A7E2175241B6A5E9844CE41E3F3C701D81A5F9F.3D8B097C99607CB88B3B40698EA5061DD65CC394/key/cms1/cms_redirect/yes/mh/is/mip/2001:ac8:21:e::13/mm/42/mn/sn-aigzrnze/ms/onc/mt/1665812699/mv/m/mvi/1/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B9F7 23 KB
9 KB 42ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 104711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B3A4 23 KB
9 KB 41ms
41ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 104712
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 14 Oct 2022 00:43:27 GMT
expires: Sat, 14 Oct 2023 00:43:27 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame B9F7 36 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 200 ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js Show response
pagead2.googlesyndication.com/bg/ Frame B3A4 36 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/ZEudAwKmaTNpvGbgtwbUkI0ybKz2KwCtXmqAoF5myvk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 12 Oct 2022 18:59:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15800
x-xss-protection: 0
last-modified: Tue, 11 Oct 2022 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Oct 2023 18:59:03 GMT

GET
H3 206 file.mp4
r1---sn-aigl6nsd.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 3F1C 2 MB
2 MB 60ms
29ms Media
video/mp4 2a00:1450:4009:5::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:5::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9c575af27d117c24751620cdd16b33d92440dd43c749eb718279f1f4fb59f876

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 15 Oct 2022 05:48:39 GMT
date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2242079/2242080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2242080
last-modified: Wed, 07 Sep 2022 10:36:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 206 file.mp4
r1---sn-aigzrnze.c.2mdn.net/videoplayback/id/827ac4b8ce955a56/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3806995045/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C5B8 2 MB
2 MB 61ms
29ms Media
video/mp4 2a00:1450:4009:1d::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:1d::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

9c575af27d117c24751620cdd16b33d92440dd43c749eb718279f1f4fb59f876

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Sat, 15 Oct 2022 05:48:39 GMT
date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2242079/2242080
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2242080
last-modified: Wed, 07 Sep 2022 10:36:05 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 76ms
76ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221012&jk=1121248758158124&bg=!x8SlxIDNAAYeOJy_Pjg7ACkAdvg8WsA3X6i5JQZB2fn2GDUkYW4fqHwrHCFOXY12YEfsqNuvPPIubwIAAACHUgAAAAJoAQcKAIR7saD9xgmgh3dz2Ayu8ch1f41QghMQ7c-hlU0I28gQHkDsyYx9US0C9wAg_N8v0RpXHfnWqFV0bUSXWn5PfJT5hYg64Ccca6Vp6kOw5W4AL82UEu1Wv9dppOV9N_jMv82USKxz2wlebpWlGFJvKLNXAFeCO2nyuGhCcDkPt_C2PjABj0SZAppeeJoYxs5fJdj21id6pqb9Dwa1onysxHhnH8MjPve71PiNaE6G10c8VzstVf-X8updi8GIO_qDk_xKJs9evQ9TdTRBi9IqyUOYICq1qGPld7qgk22TvJPNTGkbfnWDFVrQr00YWp_Cu_WzVvPVgVdO-YqfTKdyOPGeYg0fXiUxz-qSuCBUI2IUjwLj6Tl3GCzwqeLLKzmIUa7oJMXesGtLwT1Ko_v35nB3pybnLEHbbglecnudw24PIuzLXl8dv1zsgP14yZnZboM4H2nV2myja639kTUNFsNL0FJnjDDmQq5vGLXosvzsWEw6n_kumxLdBv26bMFOWCPHjnKsVY0kn0I6yCNpovpB-Ni6emZMpNVXSVXPB5MmL5lAOq3rat5IVHn_dbyEnjTTQ3ivAXRg6RR_OkaxZk8XfrJaiR4wDSLv9TBAF39qQSt6CJI0_otGzy2cHiS6q0yS5h96C_OdDBryj0swi-P1fp3iiilW9VEYfg8ZEbusfS7jPl3Csu4PYmH8U4GjhYIKRXc1f2C2IhXR0yeTtfJrDhYJjB0ZsOFmK-CaPtcy3HhrjL_h649YQLyrA5KQFw46e52hIiXxfNJXjNwtvXOdrdZb8A0cbi9f9pNjPwSXAstnj2E-D3WgbrU7pNQlKBuDw5yU_zWNgkBS9ctl4O7-Qw9WF40yEnY2ra-jyUtsEthzSOo9QSkSTeVpFtgDq3d5ltk0xmzJy01ANnUX78TLgvdPATwTD6hbv5fjNBhxCniXrikRYgoKLvRqqMsP-GPKrNcgyfrAS2OK0YIFHyP4gEarSvkU4TsjMlZKavAcNaTMm6rtpzORTSOXKBWcQpFxLLFtyocxiddV18O92PAAl5CeOKY-Bi3Zrgs1dywAOXw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://test-otvet.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9F7 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=B9r1StklKY8fkNMyP9fgPyeOymAYAAAAAOAHgBAI&bg=!KimlKW3NAAYeOJy_Pjg7ACkAdvg8Wg_vDQhiuoxqvVUtQwsp2Ni6tMJPUn963Z8hBk-eJVl8HsZ8vwIAAAB7UgAAAANoAQeZAs6Xfc6wBYvLwyiAgDqq2Yn3-ZdCw5EXJvTgwDvoFKL2KplXuvZXNp3qr_ycl-X5bEj2pOuVas_zKNWHNxCsRhntzqWPrp_nmGDUugo1_Z8wyxuGat33w0NOJPTCTHeu4WvURgak0NKN4TQ0lXNokTZOxB0WM9YGcmNL8jI6DIe010UXg5s1sGhjCnBxALPH1dT60uQTuLMkqAQ-j-KDVjxrDb7Yng264Q5ce6QvV3pcSJg-l_kkPp-E2wxyv8tb9wUY_3I6B4Wofq7ST4Z4S7iLqtFeX-BoZraRANH_cg-wvUv4p91NFCRpWwsuO_GTB05-mmFfvYCm_AtwjaFFxvU1zwNmw6vIuXq4BkROjD_K1DWvslImMNFQua9uC2NPFjlTYS9-kxQIkiB7bPmb0vYBWJ_52jPRcLfuhELyyM4zlw4FR5p6MyWPtg2BEPkxjO0glm6PYLa6SaHUkvDaR2RVcCI4BP7AQkcqAXvxHQt-s0VjrNzYrlj8GfPMlz72Ma1PINXfYSFfrXvTFPQ_fK1nO0fak3g_FYYoRKwz64ctOsWCZfJHCKqegr_N0T2wGh-h0ljrhJRKa2IyOsdPnK0VD3Z9gUxJ1RqHhsJQ41xrmixi5A4IQEHyrJXfv6MlDcz64uXwh4IaIYR2vzc-GX-l05f0SGY0oXbEsAzrnf_dnd1JgWBxJkcCAH5ccg4nZgx9ThO4MXPhfMcX7eaxthgg4kGN8MSB8lu6eg9E5TJoN_6PDo3jHfjvny56TATVPv6zO8V8LM7ZDRYDzfS6eOIOYcSvSTZ_ah2ukaaEPqkc6FfS4-4JuViiDhvrFiR2KlFYSQAd9n11me9TlolRUjtVj5Weh_PKqbNWCioJ-F1RaEF4HO7NUPN0iaIudDt2-kMRUiXVOTb3vMVIIqdEMPchoKT401ufrRTLLoimn1CxSsXwzQ0V-Ah6MJsCfX_i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B3A4 0
20 B 77ms
76ms Image
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=Byq_ltklKY_6DNaOAkdUPk5uemAEAAAAAOAHgBAI&bg=!6Oul66_NAAYeOJy_Pjg7ACkAdvg8Wn2wUweboDifeoF7VJ2siEGe1MhVNT2fqvhV21lhQpvDKrAbtAIAAAB_UgAAAAJoAQcKAHyMF-q38bmIIfl9a4euDlaGQIBPyQGA0dnLYGblKqRVWF1jlJmViCB1hnJDGOU4GFYpuxeg-LdhByXKmuywFmjNcM7ukuklGoRBw0vnCH0qLtCoKwNOqn91ZylhkfOnZ1e-B6D8T5R9WPnTx6WXvA7Ctbxv72AINtimsUQ-mQLL06CJ-6n-1EOzUw7ChP24ffswW2phTW1fFwCAC2-0iF0rDiMx8VjcjgTwLKnIZ0N6rEF-XpcZ9CrRqIb48NVjMB4pXd0PHSQRZi8EtgnxwnFtPnfPALCMLNwgV5d0B8oC2kLvLV4iLoLy9pQeR4IdtxdGlKD2OFxDYCYxsUUQwIDLUm3YxghCiTA1FKs9QVsXIIKCIJTs3V1u2f-ycfj-foQeAIdEylKYjQIxPvrFptwdqA-4iiuGsp6dzxbW-ChvyokrP420PjNBQzhTWDWdWZumWwZvDr35tBaK4Lpy6jCLxkqmYb4SEVjc-89ick0-W9OjzTDdzMC7S2P7KNUpYWW8e0wXgXnnif80wlu64bVw3WeRQVmfKR49pyI1TheWOqaKmf8-f7QR5YdNg3j-JTgPCAcbC-4G_fKzLSlMt6Okrm3W4GodMWLmmaTK71EL-EdBK7Q05lLruK884ZUZvw1bK19THjcDpNwZyQ1bQq6xFXzX98lc8wUrJBdCBlwNI5B_Kuw1W9SztSIgy32W-abWHOgDyowlLV6ALKz549CZMWVV1eeT7QgNld_AecIzv-DcbVPY3RIWN0L5XjzDNUhr6Kocegke_G2B7w0tjecVAHq48LkD3BQNxdOA483o5gsPHYg-XvuH0iCNgrJrKPJlvm09PQIPpU-fbScsRr9d-TigKIsp_JIXhQ3oZLsp6mdtAUosuRa5WglK2L5dk9yONBq5Jk1Ysyvykcs76kGkjYMBMi5XvLtwqQ2Z7tV8PWvnouhoQQKVm-DWO_ga_9ny-QlfZJ9DNMhkJMWQ9MTitD7YY74ko1ZBREeqQcp2Tc-L5nPRA58GlqJ6u0uq3E9nmA9iL8DyGX9ldlMF1eM-QAwamMfUhGILpLnDw7RDX-tHD8To0h56VE1LQhJhfzTJpvWU5X1gd8srpl_DaFm-l9zn7Ydwyx7Izw

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame C5B8 0
17 B 130ms
48ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l99i02ck&c=6044829452147&slotId=3022414726073.5&qqid=CL6E-tnE4foCFdELewodBSsDFA&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 3F1C 0
17 B 49ms
48ms Ping
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l99i02by&c=2466632839458&slotId=1233316419729&qqid=CJng-tnE4foCFc3gGAodIjcAgQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=999&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=1&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221012_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9DA0 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE_9stnbjSkZF_9pzertKrZhqeS4d3FrjNeoD59kARA5WkPDMGfycXJopb-MRkw4UkQgRtJ0fxUQf-r5PoeotQHiJL3HcdthiQ2dHBrkov5rKShEvVzOPRvz3qDvkdIlJxbEltKg&sai=AMfl-YScUDLOryVit_hPyY2Nt2fFRLB1wzvonxdyw_0BS6qmIxytZQT_3ttr4Wue-tKTyxKZTvRStNMbZQ4LD74&sig=Cg0ArKJSzF2n8pZgWjtjEAE&cid=CAQSGwDq26N9hGzhz9m3KWNYPA3MfvSlRQvJsVmzuRgBIA4&id=lidar2&mcvt=1000&p=0,1,124.25,1006&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221012&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3692517671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665812918176&rpt=1574&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Oct 2022 05:48:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIO-aI9c7q_1DzpbFl_jSBg&google_cver=1&google_push=AZmPxg90vHX_R3HQG8fVBIWINrT6we8Wffk4h6nfIV6WRR0RKPpEkHBvJIT_y9Z6p0ag396vcyW76PWtO38SnacT1_oDCWU_KAeprw

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB7UUAGNa4SurAqdnHI39I8&google_cver=1&google_push=AZmPxg-EDXMACGVHS58MSxEsvlzhoT7pOVU8X_ZnJpLmsur1wqmYrQNuynqm76G_3R44RgacbOHZPzzHOHWNYEG7xkT3j-K1T8XD

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
test-otvet.com.ua/	1969-12-31 23:59:59	Name: f37bddadf85da95a7b18e6993045893e Value: 10941a30f00886444c7a804c7d9670c7
.yadro.ru/	1970-01-20 15:28:37	Name: FTID Value: 1ZIacr1s3XeQ1ZIacr003EcQ
.yadro.ru/	1970-01-20 15:28:37	Name: VID Value: 2bf7u20QQmeQ1ZIacr003EdC
.test-otvet.com.ua/	1970-01-20 16:05:08	Name: __gads Value: ID=6f3840f8f663f26f-228a637e44ce0018:T=1665812917:RT=1665812917:S=ALNI_MZbgC2gAcqlUIyiWwYbTNh-TBEjqg
.test-otvet.com.ua/	1970-01-20 16:05:08	Name: __gpi Value: UID=00000b72d2c86b13:T=1665812917:RT=1665812917:S=ALNI_MYxoKJS_qTBPPMe4vQqr83zAIXmCg
.test-otvet.com.ua/	1970-01-20 15:29:08	Name: _ym_uid Value: 1665812918353702821
.test-otvet.com.ua/	1970-01-20 15:29:08	Name: _ym_d Value: 1665812918
.yandex.ru/	1970-01-20 15:29:08	Name: yandexuid Value: 5221581591665812917
.yandex.ru/	1970-01-20 15:29:08	Name: yuidss Value: 5221581591665812917
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 954868701665812917
.yandex.ru/	1970-01-20 16:19:32	Name: i Value: qquhrbIjsUgOsGhzfyNGLiakxyqh64oaOF/PQR/G6D7/Tia/jb/dBrBuvvyoqZhvRVXugLEoxCIq4jOYXMhqT0UQSPc=
.yandex.ru/	1970-01-20 15:29:08	Name: ymex Value: 1697348917.yrts.1665812917#1697348917.yrtsi.1665812917
.test-otvet.com.ua/	1970-01-20 06:44:44	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 16:05:08	Name: IDE Value: AHWqTUk0b4rLEEGOL0hHcwTzE50lvkP-ynVAcYEZ_mWYnVdLhd5w1wrJnklAjsAzh4c
.doubleclick.net/	1970-01-20 06:43:36	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 08:53:08	Name: d Value: EBQBCQGrJ4EA
.quantserve.com/	1970-01-20 16:13:47	Name: mc Value: 634a49b6-ded90-c612e-482f1
.casalemedia.com/	1970-01-20 15:29:08	Name: CMID Value: Y0pJttBNX9X39YJ6TfbKBQAA
.casalemedia.com/	1970-01-20 08:53:08	Name: CMPS Value: 4376
.casalemedia.com/	1970-01-20 08:53:08	Name: CMPRO Value: 4376
.rlcdn.com/	1970-01-20 15:29:08	Name: rlas3 Value: T8oMR5r7Ae7dylCgEz7gpUU4OKPxBlMoITrW6LigEUY=
.rlcdn.com/	1970-01-20 08:09:56	Name: pxrc Value: CLeTqZoGEgUI6AcQABIGCOndKhAA
.casalemedia.com/	1970-01-20 08:53:08	Name: CMTS Value: 4352
.e.dlx.addthis.com/	1970-01-20 16:13:47	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:13:47	Name: na_id Value: 2022101505483900064628037570
.addthis.com/	1970-01-20 16:13:47	Name: na_tc Value: Y
.addthis.com/	1970-01-20 16:13:47	Name: uid Value: 634a49b7add56d6e
.addthis.com/	1970-01-20 16:13:47	Name: ouid Value: 634a49b70001bc99aaf4344e7b02c22564098d0eba7065429db3
.dlx.addthis.com/	1970-01-20 07:26:44	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:26:44	Name: na_sr Value: 20221015
.dlx.addthis.com/	1970-01-20 06:43:32	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:26:44	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://googleads.g.doubleclick.net/pagead/html/r20221012/r20110914/zrt_lookup.html?fsb=1(Line 21) Message: The Content Security Policy 'child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/14788148572810818672/index.html' was delivered via a <meta> element outside the document's <head>, which is disallowed. The policy has been ignored.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIO-aI9c7q_1DzpbFl_jSBg&google_cver=1&google_push=AZmPxg90vHX_R3HQG8fVBIWINrT6we8Wffk4h6nfIV6WRR0RKPpEkHBvJIT_y9Z6p0ag396vcyW76PWtO38SnacT1_oDCWU_KAeprw Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEB7UUAGNa4SurAqdnHI39I8&google_cver=1&google_push=AZmPxg-EDXMACGVHS58MSxEsvlzhoT7pOVU8X_ZnJpLmsur1wqmYrQNuynqm76G_3R44RgacbOHZPzzHOHWNYEG7xkT3j-K1T8XD Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
cm.g.doubleclick.net
cms.quantserve.com
counter.yadro.ru
csi.gstatic.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
id.rlcdn.com
image6.pubmatic.com
imasdk.googleapis.com
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r1---sn-aigl6nsd.c.2mdn.net
r1---sn-aigzrnze.c.2mdn.net
rtb.openx.net
ssum-sec.casalemedia.com
test-otvet.com.ua
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
104.18.19.126
142.250.185.162
142.250.186.130
185.64.190.78
2.18.232.236
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:800::2002
2a00:1450:4001:801::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2003
2a00:1450:4001:829::2003
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:4009:1d::6
2a00:1450:4009:5::6
2a00:f940:2:2:1:3:0:128
2a02:6b8::1:119
35.186.253.211
35.244.174.68
69.173.144.165
74.125.140.157
88.212.202.52
0248573f7874737562dbca0fa10ff6779fd16ff30b2d32d1648a6cde7c113d43
037b2fff7e998f0a8c98c7449d15cdb5ec74c5ffe1ce3680d8cd25d996f5c428
04e35508e0592b2f2441b5d2aed335ca66859fd08ba3a4c4cfd6f2e69db561a4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cb2d4644235cb73c578f98f16f65ff6fcca5bf1a4dc35f71b912401dd200450
1494ac3b493ec92b6b30a07a15082d92fe0f0cc64472f456362d131e1ed65e0d
17f6d34f4b917bb6c5b0947b47a063430213ae78192eae663f120a287be25179
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18ffb82a05bcd7e430f57b9428d2a6990f127948e7ff14d66c3784a84f4330ee
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1edb17b69d4f2ddf4fbe4d84585bea9e13f272cc1304b245f3ecfde2f1b21eed
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
20549eb65e2235d9835585c6184cf302fd6af6523e3d650691d775e8cb94909c
2a7f3d2c238784e955c2426069e8764f35cdbd3a88b5e06e1120a196d119e72d
2acf25de59efc408a7824673f2e75a63f8b2130bce70181ccdd0d7c1a9d182e2
2db242022d57be8e8db08f15eb6966b8dcff5b40b4eff546198481ac0778e58c
2dd5404ffe26ae8c7ee6a762bdae578486953e0769ba5cddb372413b028b8abc
32827f4a96b7e241a45863ef36c111a1fb0dfc8c1c57d3ab4db74dc427c2121c
3523bc3cd5cbead929a3507ebffbd6a7c1de3dfb4cec8c158000da4b8e84dc08
39ea310e86ee5d4b745f48121268b8848ebbc92d2b9a1a791c36c7a03512b101
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
48d9914dac18bd53113c9f8eadcebe0e68fa64e4d5a8377fbd654f27257c6ab7
4bec24bbc582347cbfa534b01b950acd13121d87490c22cb67b96cadb626adfb
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ec7cdd5f970f2a08737a401f9403fdcde77edfdbabf38a85ce8a3b12d77016
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6077d94b1a66d96407b7b8ebbaf4115a694b881b11ce200b67cb3cc8093c69e9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
644b9d0302a6693369bc66e0b706d4908d326cacf62b00ad5e6a80a05e66caf9
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
725a7c61f99517a7ec7d5a7dbbe868b167d7179d0c59f7ebd8e19a97d4ea898f
733b81ca611521c0c5664701f060df9d5486014c1dba79acb22269bfc9e06d0a
73b3f230d790b487d31edc61b4223e1f9c191cee7cc1ddb6a7b95ec5ed4148e6
7d550054af94715ae3a21086cf52bb1d9c25d74f9c8aeaa7cc94615661db6871
85d4d9d923f54a443663389daacd25f5ac16ddbe2445db430b138383858d3dea
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8de4d3b7a75c6e184a6895b1d2590a5f12ae6602b8c085255bfa36f05d5d0241
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a1c79f5e04e5d78b3596e1a5773f8b83a2a7cfdd91b9c1a36aad224870a39d6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c575af27d117c24751620cdd16b33d92440dd43c749eb718279f1f4fb59f876
9ca795de14129d5018599b260f43582cd61c39fa42e074dee2aa94a00dc9f3bb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
b05baa81c415b9511b2725494480c6295628323fd267c4a9a5ea0cf267b9bb7b
b5ca09c1a36c4e7ff4aed9cc76882c34299f80953e00d982667d0ba4cc52e335
b7e54c08be2d3028420666e9aca9074537fb351e2ece4e32b925ffca1840ce12
bc750641a189ad856c6910f822b39a3834fb7cace178555ee7af274593c16fed
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c4951ce38388092914b2fed2a015e8f16e5e19376d4bc4c6594aa85f9112afbe
c9232affad46b9ddd1239711acc6ff257591d759fd4197035f3fbc7bf511d036
d0bb57e9abaada110b98f394f10e302538e9bb3037d4773d04a459f9a4db92f5
d63799bb2899133a11378af34a9a4859050405e79a3dd6b8a34d0c3735bf5945
dd9e12e5309b4cb68cb3055fc04dfa1017d5fda8c2ba7ca0f3b82f77af30d411
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec9114246d6354284832e8623b156ead037da4840b78134aaff6a2673e620b96
ed625419f30d7f9ae1a45b420c7df57bc6a43be5fabcdbba4bac8919fea9bef9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fbc7597e8280f931cf72a300f5f02d20d2eb7a34b97e2652792dbce78b342ba2
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ffde4319b2e752ddffccebb10ae56b9847f5b994d9a196a1b67f92ca5333bff5

test-otvet.com.ua Open in urlscan Pro 2a00:f940:2:2:1:3:0:128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

125 Requests

90 %HTTPS

64 %IPv6

20 Domains

29 Subdomains

24 IPs

5 Countries

5972 kBTransfer

8816 kBSize

32 Cookies

1 Outgoing links

Page URL History

Redirected requests

125 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

test-otvet.com.ua Open in urlscan Pro
2a00:f940:2:2:1:3:0:128 Public Scan

Screenshot
Live screenshot

Full Image

125
Requests

90 %
HTTPS

64 %
IPv6

20
Domains

29
Subdomains

24
IPs

5
Countries

5972 kB
Transfer

8816 kB
Size

32
Cookies

125 HTTP transactions
3 data transactions