1ua.com.ua Open in urlscan Pro
91.235.129.12 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://1ua.com.ua/
Effective URL:
https://1ua.com.ua/
Submission: On May 07 via api (May 7th 2022, 7:01:02 am UTC) from GB — Scanned from GB

Summary HTTP 166 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 28 IPs in 8 countries across 27 domains to perform 166 HTTP transactions. The main IP is 91.235.129.12, located in Amsterdam, Netherlands and belongs to ITLDC-NL, UA. The main domain is 1ua.com.ua.
TLS certificate: Issued by R3 on March 4th 2022. Valid for: 3 months.

This is the only time 1ua.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 34	91.235.129.12 91.235.129.12	21100 (ITLDC-NL) (ITLDC-NL)
20	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:f820:425::3 2a00:f820:425::3	34549 (MEER-AS m...) (MEER-AS meerfarbig GmbH & Co. KG)
1	95.163.118.168 95.163.118.168	12695 (DINET-AS) (DINET-AS)
2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	142.251.39.98 142.251.39.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	188.120.230.147 188.120.230.147	29182 (THEFIRST-...) (THEFIRST-AS Moscow)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
2 3	23.32.59.171 23.32.59.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	23.32.59.174 23.32.59.174	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
17	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 15	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
7 9	104.102.29.65 104.102.29.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3 4	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	2620:116:800d... 2620:116:800d:21:3175:5196:e3fd:8c1d	16509 (AMAZON-02) (AMAZON-02)
1 1	18.202.199.206 18.202.199.206	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
4 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
166	28

34 91.235.129.12 (Amsterdam, Netherlands) 2 redirects

ASN21100 (ITLDC-NL, UA)
PTR: 1ua.com.ua

1ua.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:f820:425::3 (Germany)

ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE)

ra.revolvermaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.163.118.168 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)
PTR: ulogin.ru

ulogin.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.39.98 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.120.230.147 (Russian Federation)

ASN29182 (THEFIRST-AS Moscow, Russia, RU)
PTR: belesta2003.ru

visitnet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn.smntq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.32.59.171 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-171.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
best.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.59.174 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-59-174.deploy.static.akamaitechnologies.com

sale.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.66 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.102.29.65 (Milan, Italy) 7 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-29-65.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.37 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:3175:5196:e3fd:8c1d (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.199.206 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-199-206.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 4 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 119 tpc.googlesyndication.com — Cisco Umbrella Rank: 171	475 KB
34	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 cm.g.doubleclick.net — Cisco Umbrella Rank: 289 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 354	128 KB
34	1ua.com.ua 2 redirects 1ua.com.ua	66 KB
16	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 338	206 KB
11	revolvermaps.com ra.revolvermaps.com — Cisco Umbrella Rank: 232226	284 KB
9	casalemedia.com 7 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 901 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 821	8 KB
7	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 128 www.google.com — Cisco Umbrella Rank: 20	1 KB
4	pubmatic.com 4 redirects image6.pubmatic.com — Cisco Umbrella Rank: 857	2 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 326	4 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	24 KB
4	aliexpress.com 3 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 20451 sale.aliexpress.com — Cisco Umbrella Rank: 27649 www.aliexpress.com — Cisco Umbrella Rank: 19563 best.aliexpress.com — Cisco Umbrella Rank: 59968	5 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2327	52 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 227	110 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	2 KB
3	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 3762	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 478	912 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 2213	415 B
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2703	1 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1596	793 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1299	356 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 4323	376 B
1	smntq.com cdn.smntq.com — Cisco Umbrella Rank: 190522	489 B
1	visitnet.ru visitnet.ru — Cisco Umbrella Rank: 217818	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 940	644 B
1	ulogin.ru ulogin.ru — Cisco Umbrella Rank: 115654	19 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
166	27

	Domain	Requested by
34	1ua.com.ua	2 redirects 1ua.com.ua
20	pagead2.googlesyndication.com	1ua.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
17	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
17	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
16	s0.2mdn.net	1ua.com.ua googleads.g.doubleclick.net s0.2mdn.net
15	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net 1ua.com.ua
11	ra.revolvermaps.com	1ua.com.ua ra.revolvermaps.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	ssum-sec.casalemedia.com	4 redirects
4	image6.pubmatic.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	www.google.com	2 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
4	mc.yandex.ru	1 redirects ulogin.ru 1ua.com.ua
3	www.googletagservices.com	googleads.g.doubleclick.net
3	www.gstatic.com	googleads.g.doubleclick.net
3	fonts.googleapis.com	googleads.g.doubleclick.net s0.2mdn.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.co.uk	pagead2.googlesyndication.com
2	googleads4.g.doubleclick.net	1ua.com.ua
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	e.dlx.addthis.com	2 redirects
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.google-analytics.com	1ua.com.ua www.google-analytics.com
1	fonts.gstatic.com	fonts.googleapis.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	best.aliexpress.com	visitnet.ru
1	www.aliexpress.com	1 redirects
1	sale.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	cdn.smntq.com	ulogin.ru
1	visitnet.ru	ulogin.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	ulogin.ru	1ua.com.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
166	36

This site contains links to these domains. Also see Links.

Domain
hyperhost.ua

Subject Issuer	Validity	Valid
1ua.com.ua R3	`2022-03-04` - `2022-06-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.revolvermaps.com R3	`2022-03-29` - `2022-06-27`	3 months	crt.sh
ulogin.ru R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
visitnet.ru R3	`2022-05-04` - `2022-08-02`	3 months	crt.sh
smntq.com R3	`2022-03-21` - `2022-06-19`	3 months	crt.sh
ru.aliexpress.com DigiCert SHA2 Secure Server CA	`2022-02-15` - `2023-02-16`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://1ua.com.ua/
Frame ID: 318635DE89C7DC18B3BF0B43B6AA500F
Requests: 62 HTTP requests in this frame

Frame: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Frame ID: A8542E007710214D6DAE7B27B11EBC08
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html
Frame ID: 4E969DB051B5BFD7A8974253D30D5607
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&adk=1812271804&adf=3025194257&lmt=1651906855&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2F1ua.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855450&bpp=2&bdt=240&idt=200&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5623980844458&frm=20&pv=2&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215
Frame ID: D818627B26E4C3DD892957E684CF9F64
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=1163135002&adf=4057977544&pi=t.ma~as.5938872690&w=436&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855453&bpp=3&bdt=244&idt=217&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9WYc4jjeBu&p=https%3A//1ua.com.ua&dtd=222
Frame ID: FC7CB2BA5890136FDE2E4105E98A1C2D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=250&slotname=3890010693&adk=2148452698&adf=412646782&pi=t.ma~as.3890010693&w=300&lmt=1651906855&psa=0&format=300x250&url=https%3A%2F%2F1ua.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855456&bpp=3&bdt=247&idt=229&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=HndkI7YuNs&p=https%3A//1ua.com.ua&dtd=232
Frame ID: 090FD1C11BA9F7549F701132724A7CFE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=1394410205&adf=2561195495&pi=t.ma~as.5938872690&w=431&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=431x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855459&bpp=1&bdt=250&idt=244&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=e9uPZgtuOF&p=https%3A//1ua.com.ua&dtd=247
Frame ID: 53E9C451A237696BCD0593B9B94CD572
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=2633429791&adf=3295914363&pi=t.ma~as.5938872690&w=435&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=435x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855460&bpp=2&bdt=250&idt=324&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250%2C431x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JN4BUs2Snu&p=https%3A//1ua.com.ua&dtd=327
Frame ID: D413A642D00A1B4701EEF958E2A3AA42
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=1510&slotname=8348355093&adk=2165285112&adf=1259160824&pi=t.ma~as.8348355093&w=439&cr_col=1&cr_row=13&fwrn=2&lmt=1651906855&rafmt=9&psa=0&format=439x1510&url=https%3A%2F%2F1ua.com.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855462&bpp=2&bdt=252&idt=335&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=803&ady=3676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=DN6Xw50aaa&p=https%3A//1ua.com.ua&dtd=337
Frame ID: A02473C45A4EB375AA9C0D038C74A7AE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=200&slotname=5188837210&adk=956229238&adf=1229124505&pi=t.ma~as.5188837210&w=1200&fwrn=4&lmt=1651906856&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2F1ua.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855464&bpp=2&bdt=254&idt=345&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=BiZ4XZRNov&p=https%3A//1ua.com.ua&dtd=595
Frame ID: D684618193988AD4BA89DF4ADAEAC6B0
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15
Frame ID: 151E6C225DE5C2B8C94F5231AEE1C072
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18
Frame ID: 6D01711DCBD9360F68788DD2F4E05B7C
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?lan=en&aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31
Frame ID: 79BFE16E1CCE8F3E16E31029AE12F7E2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Frame ID: 3B157724CC7CF898CACC5F0D19971A53
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGNbauMkBMAE&v=APEucNXghlvITmQnxSO90JjxVk8_MeFub9FrYiP7u_SQOAborU37SokYV6YLUEn1GPK5350IYpGB3D9tDCFB9JXYjWA4vR8ZjN7F8aZtZpWQfXdUwNDVJub58L5RXE8TeKjDfs08DXaZtuDUAh0l_-aNuTdl837Uwb86HKetThnIMQQFk31DUIY
Frame ID: 8C418BC1DF3BC8894DF9A527329002BA
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Frame ID: A9159821C406B0C333DCCC5835FED76E
Requests: 13 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 6EAAF56C5673C5F8F6AF04A358F93E35
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F81CECAAD3B2263A9A186926C83CF153
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D9E8460D7C2F3AF5AE383D2CE17F890A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: B1AA51223086889411EF4D29A7E0DB13
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: ECE679D8BB25B083D71F25B290BE3EC4
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8F167A4599B4BC998E0F68D543A4FDBF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Frame ID: A285CB2BDD77F03F06DCAD44A8C8718C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js
Frame ID: D000A7310D9B69615790B0324F304B88
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
Frame ID: 0F17D42E389A323F74102D1EC4646F36
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C55CA384C793B912FA4AA57DB8EDB62
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 64AB9935C7C8BBCB985DE1913E729A0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Перша Всеукраїнська соціальна мережа

Page URL History Show full URLs

http://1ua.com.ua/ HTTP 301
https://1ua.com.ua/ Page URL

Detected technologies

RevolverMaps (Maps) Expand

Overall confidence: 100%
Detected patterns

\.revolvermaps\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

Page Statistics

166
Requests

89 %
HTTPS

47 %
IPv6

27
Domains

36
Subdomains

28
IPs

8
Countries

1396 kB
Transfer

3110 kB
Size

44
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://hyperhost.ua/
Title: Хостинг

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://1ua.com.ua/ HTTP 301
https://1ua.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://1ua.com.ua/avatar/s.jpg HTTP 302
https://1ua.com.ua/404.shtml

Request Chain 59

https://mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A576127778609%3Ahid%3A113256077%3Az%3A0%3Ai%3A20220507070056%3Aet%3A1651906856%3Ac%3A1%3Arn%3A333888391%3Arqn%3A1%3Au%3A1651906856936886214%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651906854785%3Ads%3A0%2C117%2C191%2C1%2C113%2C0%2C%2C170%2C0%2C%2C%2C%2C593%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651906856%3At%3A%D0%9F%D0%B5%D1%80%D1%88%D0%B0%20%D0%92%D1%81%D0%B5%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%81%D0%BE%D1%86%D1%96%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%BC%D0%B5%D1%80%D0%B5%D0%B6%D0%B0&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A576127778609%3Ahid%3A113256077%3Az%3A0%3Ai%3A20220507070056%3Aet%3A1651906856%3Ac%3A1%3Arn%3A333888391%3Arqn%3A1%3Au%3A1651906856936886214%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651906854785%3Ads%3A0%2C117%2C191%2C1%2C113%2C0%2C%2C170%2C0%2C%2C%2C%2C593%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651906856%3At%3A%D0%9F%D0%B5%D1%80%D1%88%D0%B0%20%D0%92%D1%81%D0%B5%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%81%D0%BE%D1%86%D1%96%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%BC%D0%B5%D1%80%D0%B5%D0%B6%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 68

https://s.click.aliexpress.com/e/_AqYm13 HTTP 302
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31 HTTP 302
https://www.aliexpress.com/?aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31 HTTP 302
https://best.aliexpress.com/?lan=en&aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31

Request Chain 95

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1&C=1

Request Chain 96

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnYZKKcBSE7CYr2AJU5N0gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-13h7d-AAP1wbQ-K1gVYg&google_cver=1

Request Chain 97

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBg0qNhnNHtuhDbUTXi_QP8&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBg0qNhnNHtuhDbUTXi_QP8%26google_cver%3D1

Request Chain 98

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzU4NDc3ODc5MjUwMzcyNg%3D%3D

Request Chain 108

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHrKdzZzJ1JA21enSJzz-Ejd5DoI7PEtuVxfSU6OmqJdcNR2XYLfKnX-2oAO&google_gid=CAESENt_MGHG9iUkX91IA3yy0p4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW5ZWktBQUFCTlQ5T2xzbg&google_push=AYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHrKdzZzJ1JA21enSJzz-Ejd5DoI7PEtuVxfSU6OmqJdcNR2XYLfKnX-2oAO

Request Chain 109

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-jOWTCw2RxMh-BcnNAyX-L62Wx9pCdl&google_gid=CAESEDQGCTvDjZRBBzU9hNE9-Os&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-jOWTCw2RxMh-BcnNAyX-L62Wx9pCdl&google_gid=CAESEDQGCTvDjZRBBzU9hNE9-Os&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDcwNzAwNTcwMDAzODIwMDcxMDEzMw%3D%3D&google_push=AYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-jOWTCw2RxMh-BcnNAyX-L62Wx9pCdl

Request Chain 111

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMysis3pfnkUI51L_BqWRqg&google_cver=1&google_push=AYg5qPIe3t0ym399YecthRWWu_jsClTkgqBgbZU03oaAHLpE5Bsi61BnnoPaN2Qxv01SNhyekOi6r83uq_xlkr6Suz4XkpzxKgVZ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEMysis3pfnkUI51L_BqWRqg&google_cver=1&google_push=AYg5qPIe3t0ym399YecthRWWu_jsClTkgqBgbZU03oaAHLpE5Bsi61BnnoPaN2Qxv01SNhyekOi6r83uq_xlkr6Suz4XkpzxKgVZ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2G2BNUh_QPyte8jIIi289A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIe3t0ym399YecthRWWu_jsClTkgqBgbZU03oaAHLpE5Bsi61BnnoPaN2Qxv01SNhyekOi6r83uq_xlkr6Suz4XkpzxKgVZ

Request Chain 112

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJOwreVxgwMX7qG5HEAaKhw&google_cver=1&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsMkbWI0FWx-XPlXxnFNh9NikVJ5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XQlotWS1BU0Va&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsMkbWI0FWx-XPlXxnFNh9NikVJ5

Request Chain 113

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabwfQnkXGm5WOlhHa1_6bpkuILU-DkoOUmAfVGgIViBhYUTaoL28_vo1WKhzkSGxo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabwfQnkXGm5WOlhHa1_6bpkuILU-DkoOUmAfVGgIViBhYUTaoL28_vo1WKhzkSGxo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKKcBSE7CYr2AJU5N0gAAB00AAAIB&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabwfQnkXGm5WOlhHa1_6bpkuILU-DkoOUmAfVGgIViBhYUTaoL28_vo1WKhzkSGxo

Request Chain 122

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED78Is_QYbaM8QXgSfMoL80&google_cver=1&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xkrnYZ-W0zbeF1WHrHwC9eskBNmcPp5Xd8SO6igkxg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xkrnYZ-W0zbeF1WHrHwC9eskBNmcPp5Xd8SO6igkxg&google_hm=PHm2jfGQ6hXGGYKWrc6UJg

Request Chain 125

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOIO7THz-zriEF01lMIangw&google_cver=1&google_push=AYg5qPIJgy6vxN9FdHqrm6M86AYLzZfB1C98lqNzh4f76SyRAOIoBeqz7qc-aiS7M5jSKX3nIPGthrr4VZFZy_DTkYL6vaofAuM HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOIO7THz-zriEF01lMIangw&google_cver=1&google_push=AYg5qPIJgy6vxN9FdHqrm6M86AYLzZfB1C98lqNzh4f76SyRAOIoBeqz7qc-aiS7M5jSKX3nIPGthrr4VZFZy_DTkYL6vaofAuM&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rV4zij7UR2iIM9qRqibz_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJgy6vxN9FdHqrm6M86AYLzZfB1C98lqNzh4f76SyRAOIoBeqz7qc-aiS7M5jSKX3nIPGthrr4VZFZy_DTkYL6vaofAuM

Request Chain 126

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOW-D_Zp7yNtn9nNwYEyxZU&google_cver=1&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0DI2NqJEDKPFBp-Aas7rvLRRw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XREEtSC1CV0U5&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0DI2NqJEDKPFBp-Aas7rvLRRw

Request Chain 127

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNsOjjrA5tQCUUVKEJmBfZvx1tl_KsWBnhjz7m5epiT0-qN-BmdkyBL_dR10FQqUg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNsOjjrA5tQCUUVKEJmBfZvx1tl_KsWBnhjz7m5epiT0-qN-BmdkyBL_dR10FQqUg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKUayFW-jfsLkXWqVLAAABzEAAAAB&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNsOjjrA5tQCUUVKEJmBfZvx1tl_KsWBnhjz7m5epiT0-qN-BmdkyBL_dR10FQqUg

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 132

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

166 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
1ua.com.ua/
Redirect Chain

http://1ua.com.ua/
https://1ua.com.ua/

89 KB
17 KB

309ms
191ms

Document
text/html

91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx / PHP/5.4.45

Resource Hash

e6e04aae9b9b2fe8b887972e1788c219dd8a56f8186fdb5146b0c2be54bf44e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=windows-1251
Date: Sat, 07 May 2022 07:00:55 GMT
Server: nginx
Strict-Transport-Security: max-age=31536000;
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent
X-Powered-By: PHP/5.4.45

Redirect headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 07 May 2022 07:00:54 GMT
Location: https://1ua.com.ua:443/
Server: nginx
Transfer-Encoding: chunked

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
55 KB 154ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7c24f39d73694c9a104b27a0f9172813a11f74e622514b82998f7639b344422d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55926
x-xss-protection: 0
server: cafe
etag: 370280591067499582
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s7159739.jpg
1ua.com.ua/manage/foto/20104/ 4 KB
4 KB 33ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/manage/foto/20104/s7159739.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

46069647707574f95564415daa30f5b5d369928c57fec3021b7ede73492718e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Mon, 15 Jul 2013 23:13:28 GMT
Server: nginx
ETag: "51e48218-f91"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3985
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s7321025.jpg
1ua.com.ua/manage/foto/20133/ 3 KB
3 KB 140ms
39ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/manage/foto/20133/s7321025.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

1cdfbcd034f25c4c2524188981a1724c53d99894a1ac06abde458ce24fa84ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Tue, 16 Jul 2013 01:34:07 GMT
Server: nginx
ETag: "51e4a30f-a1f"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2591
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s7103068.jpg
1ua.com.ua/manage/foto/201312/ 2 KB
2 KB 141ms
39ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/manage/foto/201312/s7103068.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

f6521fdb490adf916a3441504ddf3704bec647e8d7352152f5e30466108a5bd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Wed, 11 Dec 2013 03:07:06 GMT
Server: nginx
ETag: "52a7d6da-6c3"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1731
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s5461820.jpg
1ua.com.ua/manage/foto/201412/ 2 KB
3 KB 141ms
39ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/manage/foto/201412/s5461820.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

c44926bec65fa29a71efc412a5705d93dae59c7c3bc84030468071239c1df7e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Wed, 03 Dec 2014 19:20:33 GMT
Server: nginx
ETag: "547f6281-965"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2405
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s73120030.jpg
1ua.com.ua/avatar/ 1 KB
2 KB 178ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s73120030.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

aa86f9e2f333264dff83538350e37ccfd0f6a452a388bad277bb5caf9169e1fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sun, 03 Feb 2019 12:18:34 GMT
Server: nginx
ETag: "5c56dc1a-51e"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1310
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s73422099.jpg
1ua.com.ua/avatar/ 1 KB
2 KB 61ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s73422099.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

0d63ff966248f3a07a00410b32625f809dc59407499a37c2707f9a512902b6e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Mon, 02 Jan 2017 11:32:23 GMT
Server: nginx
ETag: "586a3a47-5e6"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1510
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s73307660.jpg
1ua.com.ua/avatar/ 1 KB
2 KB 105ms
43ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s73307660.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

1691b91c2a7a7d9c76d6cab9cbb9d433f640662b6b9c9afab9e29eeb0950bbaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 23 May 2015 01:50:21 GMT
Server: nginx
ETag: "555fdcdd-5d1"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1489
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s70172854.jpg
1ua.com.ua/avatar/ 2 KB
2 KB 64ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s70172854.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

01fecc4c3c457782e634fdfd2d1f9c5dfe751e03abc5260854aa88d9c703e259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Thu, 04 Feb 2016 21:18:16 GMT
Server: nginx
ETag: "56b3c018-771"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1905
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s73545575.jpg
1ua.com.ua/avatar/ 2 KB
2 KB 65ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s73545575.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

4c0e7d6347e6fdb4285cc8a668462b9a20b3ec649000f904d815972330850205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Fri, 06 May 2022 21:49:35 GMT
Server: nginx
ETag: "627597ef-63d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1597
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK 1.js Show response
ra.revolvermaps.com/0/0/ 3 KB
2 KB 125ms
38ms Script
application/javascript 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/0/0/1.js?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9400c75dca241ca52b09f0de7d749e3aa2c583cf8d1f3933e00eacb46c5b1a30

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 27 Jun 2017 13:38:02 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=31536000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 1310

GET
H/1.1 200
OK flag-uk.gif
1ua.com.ua/ 1 KB
1 KB 36ms
34ms Image
image/gif 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/flag-uk.gif

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

ace9522851e72c7e6fba75afc87f376452f882ebf71b780e60fc43e1ff522bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sun, 18 Feb 2007 17:12:19 GMT
Server: nginx
ETag: "45d888f3-43a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1082
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2black.jpg
1ua.com.ua/images/ 644 B
993 B 36ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2black.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

b8dc6615f1f1140e6ab9966f63b74069ef061bedc77fd0093e3c32087a1c3233

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 11 May 2013 10:42:56 GMT
Server: nginx
ETag: "518e20b0-284"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 644
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2brown.jpg
1ua.com.ua/images/ 652 B
1001 B 35ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2brown.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

a9adcd490f48779a6850a9eae737563c3073fa19877640fcbf5b9045c8af11cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 11 May 2013 10:42:58 GMT
Server: nginx
ETag: "518e20b2-28c"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 652
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2.jpg
1ua.com.ua/images/ 634 B
983 B 35ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

965a8b43a67d75680e3a1effadfa19377306a3fdfb8b90e5bdf2a5e906337350

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Thu, 27 Mar 2014 19:43:15 GMT
Server: nginx
ETag: "53347f53-27a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 634
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2green.jpg
1ua.com.ua/images/ 634 B
983 B 35ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2green.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

6d6c638c8e3ec89d92baf03fac4617ec7efe8f216d23c0522c3f47a1346ea248

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Tue, 25 Mar 2014 21:05:22 GMT
Server: nginx
ETag: "5331ef92-27a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 634
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2purple.jpg
1ua.com.ua/images/ 650 B
999 B 35ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2purple.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

93b4ef21a8b275f472643b1a23ff7132059781d4c0cdf105b90aee72506317fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 11 May 2013 10:42:57 GMT
Server: nginx
ETag: "518e20b1-28a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 650
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2red.jpg
1ua.com.ua/images/ 646 B
995 B 35ms
33ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2red.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

3c52b584d25e1f9af79dc8fde8ed34f0d546e2b9c4c1c1ce5da569cd0edd071d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 11 May 2013 10:42:57 GMT
Server: nginx
ETag: "518e20b1-286"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 646
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2pink.jpg
1ua.com.ua/images/ 634 B
983 B 35ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2pink.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

6db248b2f3e6b297a3017ff29757b489b2db74f27e9e27d4717056d8fe4dae57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Thu, 27 Mar 2014 20:05:02 GMT
Server: nginx
ETag: "5334846e-27a"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 634
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK style2yellow.jpg
1ua.com.ua/images/ 651 B
1000 B 35ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/style2yellow.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

868711e2e678fe60cac6b464ce73c56755839e8bfa1a5eb53b6ef0789a68dffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 11 May 2013 10:42:58 GMT
Server: nginx
ETag: "518e20b2-28b"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 651
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK banner8831.png
1ua.com.ua/ 881 B
1 KB 35ms
34ms Image
image/png 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/banner8831.png

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

318d9e7e88f7c01c4724bfe4e5901d2f16965b9524c30533ee4b26748db03bf0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Mon, 19 Nov 2012 21:04:13 GMT
Server: nginx
ETag: "50aa9ecd-371"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 881
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK nforum.png
1ua.com.ua/images/ 398 B
746 B 63ms
33ms Image
image/png 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/nforum.png

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

1bb979af30a55a8a7a594a5059d540d3f164796d905186fc45d3355f16bd2875

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Wed, 09 Mar 2011 21:51:03 GMT
Server: nginx
ETag: "4d77f647-18e"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 398
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK s7.jpg
1ua.com.ua/avatar/ 2 KB
2 KB 66ms
34ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s7.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

c550cc0f2d2126f6df91f6aff0041b136337ee637694258d34b72ba32358ff41

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Tue, 27 Nov 2012 07:28:03 GMT
Server: nginx
ETag: "50b46b83-70c"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1804
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1

200
OK

404.shtml
1ua.com.ua/
Redirect Chain

https://1ua.com.ua/avatar/s.jpg
https://1ua.com.ua/404.shtml

725 B
725 B

76ms
37ms

Image
text/html

91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/404.shtml

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000;

Redirect headers

Location: http://1ua.com.ua/404.shtml
Date: Sat, 07 May 2022 07:00:55 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 200
OK s70822289.jpg
1ua.com.ua/avatar/ 2 KB
2 KB 89ms
39ms Image
image/jpeg 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/avatar/s70822289.jpg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

c0f9e7a188a2f5500a9d1fddbebbd1104d400d060d51349af62c48f2fef11bc2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Thu, 24 Jun 2021 14:18:48 GMT
Server: nginx
ETag: "60d49448-78d"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1933
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
55 KB 142ms
60ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7495053896041990

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f752a5ae175998c5bf466efccc8f485e056e0680fafb2393a197f2335c5cad5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Origin: https://1ua.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55908
x-xss-protection: 0
server: cafe
etag: 5862626888300430172
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 07 May 2022 07:00:55 GMT

GET
H/1.1 200
OK ulogin.js Show response
ulogin.ru/js/ 55 KB
19 KB 402ms
158ms Script
application/x-javascript 95.163.118.168
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ulogin.ru/js/ulogin.js
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.118.168 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS: ulogin.ru
Software: nginx /
Resource Hash: e05c55c6b188ed19c33b45dcb2fbc5ddc21a79a0ac6a6d67ed7fb95736f723f7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 13 Jan 2022 12:54:01 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=259200
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Tue, 10 May 2022 07:00:55 GMT

GET
H/1.1 200
OK up.png
1ua.com.ua/images/ 933 B
1 KB 34ms
34ms Image
image/png 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/up.png

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

aa2a287712a65fcb5ac34059d734c93455dcda1a81e49301b7c0495c4de859cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Mon, 26 Jan 2015 18:09:08 GMT
Server: nginx
ETag: "54c682c4-3a5"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 933
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK JsHttpRequest.js Show response
1ua.com.ua/js/JsHttpRequest/ 13 KB
5 KB 140ms
39ms Script
application/javascript 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://1ua.com.ua/js/JsHttpRequest/JsHttpRequest.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

46bd4441b1f775df246fe6e41cbd6cbd69099dc474692dc0f79ea79d24b2d590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Sat, 01 May 2021 20:31:58 GMT
Server: nginx
ETag: W/"608dbabe-331a"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript; charset=WINDOWS-1251
Cache-Control: max-age=604800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 127ms
37ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5165
date: Sat, 07 May 2022 05:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 07 May 2022 07:34:50 GMT

GET
H/1.1 200
OK inn0.png
1ua.com.ua/images/ 821 B
1 KB 42ms
33ms Image
image/png 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/images/inn0.png

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

b522e54106ff64192c6927df4d294466550b012d37ccd8d35d929865879af17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Thu, 11 Sep 2014 11:46:58 GMT
Server: nginx
ETag: "54118bb2-335"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 821
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK flag-en0.png
1ua.com.ua/ 1 KB
1 KB 34ms
34ms Image
image/png 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/flag-en0.png

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

bfcfd18c8d5c94d1b89b65648f93b48c9512b9445d3b65d5c6b6e77d02f087fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sun, 28 Dec 2014 16:47:49 GMT
Server: nginx
ETag: "54a03435-406"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/png
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1030
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK flag-ru0.gif
1ua.com.ua/ 1018 B
1 KB 35ms
34ms Image
image/gif 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://1ua.com.ua/flag-ru0.gif

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx /

Resource Hash

d4c780fa83944751d224704f10789a2e978bac24c4ff81a64fd3311966904d8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sun, 28 Dec 2014 16:47:49 GMT
Server: nginx
ETag: "54a03435-3fa"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/gif
Cache-Control: max-age=604800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1018
Expires: Sat, 14 May 2022 07:00:55 GMT

GET
H/1.1 200
OK c.php
ra.revolvermaps.com/js/ 43 B
289 B 40ms
39ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/js/c.php?i=0khnid18odj
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sat, 07 May 2022 07:00:55 GMT
Server: Apache
Content-Type: image/gif
Cache-Control: max-age=900
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 43

GET
H/1.1 200
OK r.php
ra.revolvermaps.com/js/ 43 B
215 B 79ms
39ms Image
image/gif 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/js/r.php?i=0khnid18odj&l=https%3A%2F%2F1ua.com.ua%2F&r=1651906855376
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=98
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
203 B 45ms
44ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=483252106&t=pageview&_s=1&dl=https%3A%2F%2F1ua.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%9F%D0%B5%D1%80%D1%88%D0%B0%20%D0%92%D1%81%D0%B5%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%81%D0%BE%D1%86%D1%96%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%BC%D0%B5%D1%80%D0%B5%D0%B6%D0%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1444047682&gjid=602280914&cid=1011065495.1651906855&tid=UA-9890031-1&_gid=1706144304.1651906855&_r=1&_slc=1&z=1977778965

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://1ua.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://1ua.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK a2.php Show response
ra.revolvermaps.com/w/1/a/ Frame A854 22 KB
8 KB 57ms
40ms Document
text/html 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Requested by: Host: ra.revolvermaps.com
URL: https://ra.revolvermaps.com/0/0/1.js?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 8085c3f936c1c5df3f94b523aa38f2422db9b56f626df50e37070c6d42aedbed

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: public, max-age=2592000
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sat, 07 May 2022 07:00:55 GMT
Keep-Alive: timeout=4, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/ 308 KB
110 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7495053896041990&plah=1ua.com.ua&bust=31067427

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7495053896041990

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f3ef3a6c3d3d9df1180b62ad5b2af6d68f9711adb8e12f5746d74ba56dc3421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112615
x-xss-protection: 0
server: cafe
etag: 12971311258802342880
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 07 May 2022 07:00:55 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/ Frame 4E96 10 KB
5 KB 121ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7495053896041990

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 57542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 15:01:53 GMT
etag: 1428802124239944296
expires: Fri, 20 May 2022 15:01:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK a.php Show response
ra.revolvermaps.com/w/6/b/ Frame A854 37 B
224 B 39ms
38ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/w/6/b/a.php?i=0khnid18odj&r=yt20
Requested by: Host: ra.revolvermaps.com
URL: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 33207a9e2f82fc4ecb772cefbe2348913751323fd9a6d5583a8c34b043a8a405

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=4, max=99
Content-Length: 37
Content-Type: text/plain;charset=UTF-8

GET
H/1.1 200
OK 2048
ra.revolvermaps.com/w/lib/pub/m/lq/0/ Frame A854 260 KB
260 KB 38ms
38ms Image
image/jpeg 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/w/lib/pub/m/lq/0/2048
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: e227e48b9bb9daa02a499a4bed2e5fb956260e11f589a4c6db855eebc55d1c40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Tue, 17 Jun 2014 09:37:26 GMT
Server: Apache
Content-Type: image/jpeg
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=97
Content-Length: 266360

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
644 B 145ms
36ms Script
text/javascript 142.251.39.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=1ua.com.ua&callback=_gfp_s_&client=ca-pub-7495053896041990

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7495053896041990&plah=1ua.com.ua&bust=31067427

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s48-in-f2.1e100.net

Software

cafe /

Resource Hash

e323657193110babc264b0a689e0a9d21b2e9a8017cb647581889d0c6259eaef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 199
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 131ms
47ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 135ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1ua.com.ua%2F&tn=DIV&cls=cookie&ign=false&pw=1600&ph=1200&x=0&y=1130.4

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 70ms
70ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2F1ua.com.ua%2F&tn=DIV&cls=menu&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D818 163 KB
45 KB 458ms
381ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&adk=1812271804&adf=3025194257&lmt=1651906855&plat=1%3A16777216%2C2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2F1ua.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855450&bpp=2&bdt=240&idt=200&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5623980844458&frm=20&pv=2&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=215

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fa4a4e4487ca636fd8219a54f407f57ff4e6431332379392f54d590f3ac88bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 45739
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FC7C 436 B
234 B 428ms
361ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=1163135002&adf=4057977544&pi=t.ma~as.5938872690&w=436&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=436x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855453&bpp=3&bdt=244&idt=217&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=355&ady=126&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=9WYc4jjeBu&p=https%3A//1ua.com.ua&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4030b5f01c847b7bdbad4535d686bc760edda6bbfc4ecb2ef885b0e77743ae1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 090F 436 B
236 B 344ms
290ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=250&slotname=3890010693&adk=2148452698&adf=412646782&pi=t.ma~as.3890010693&w=300&lmt=1651906855&psa=0&format=300x250&url=https%3A%2F%2F1ua.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855456&bpp=3&bdt=247&idt=229&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=423&ady=2268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=HndkI7YuNs&p=https%3A//1ua.com.ua&dtd=232

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

561daea8691d4d97cccb384789c03e6e1af68e0439452c17cef79a121998d0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 213
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 139 KB
50 KB 359ms
175ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

ba612e6bd968bcdd6d35f647bf3fccd01d20b46d4eef4e463e007f804e921224

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-c5b0"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 50608
expires: Sat, 07 May 2022 08:00:55 GMT

GET
H/1.1 200
OK gb.png
ra.revolvermaps.com/d/f/ Frame A854 584 B
867 B 38ms
38ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/d/f/gb.png
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: d3a171334cf8f682e4695304d63dd430d8a468158b4721a7981c60e1d86a786d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:55 GMT
Last-Modified: Sun, 20 Feb 2011 15:36:37 GMT
Server: Apache
Content-Type: image/png
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=98
Content-Length: 584

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 53E9 436 B
233 B 304ms
269ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=1394410205&adf=2561195495&pi=t.ma~as.5938872690&w=431&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=431x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855459&bpp=1&bdt=250&idt=244&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=807&ady=123&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=e9uPZgtuOF&p=https%3A//1ua.com.ua&dtd=247

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10a49ab08956cee098256320103a4ada74e468218928994a60582aeb876983dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 210
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:55 GMT
expires: Sat, 07 May 2022 07:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK / Show response
visitnet.ru/ver3/ 10 KB
5 KB 337ms
140ms Script
application/javascript 188.120.230.147
THEFIRST-AS Moscow

General

Check archive.org

Show headers Download Go to

Full URL

https://visitnet.ru/ver3/

Requested by

Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

188.120.230.147 , Russian Federation, ASN29182 (THEFIRST-AS Moscow, Russia, RU),

Reverse DNS

belesta2003.ru

Software

nginx/1.13.12 /

Resource Hash

4417f0af5535a6d28b2fff95c696fb045e782da27bf6314659278d6a16493683

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:56 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Saturday, 07-May-2022 07:00:56 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Transfer-Encoding: chunked
Connection: keep-alive

GET
H2 200 smart.js Show response
cdn.smntq.com/c83ul/ 6 B
489 B 229ms
59ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smntq.com/c83ul/smart.js
Requested by: Host: ulogin.ru
URL: https://ulogin.ru/js/ulogin.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:55 GMT
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D413 436 B
235 B 352ms
352ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=280&slotname=5938872690&adk=2633429791&adf=3295914363&pi=t.ma~as.5938872690&w=435&fwrn=4&fwrnh=100&lmt=1651906855&rafmt=1&psa=0&format=435x280&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855460&bpp=2&bdt=250&idt=324&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250%2C431x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=805&ady=675&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&fsb=1&xpc=JN4BUs2Snu&p=https%3A//1ua.com.ua&dtd=327

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8448e1a12f8cc92a2a90daa54dfa9492d046dfb8182e1e64cae0fd92fdfdda63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A024 436 B
234 B 206ms
206ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=1510&slotname=8348355093&adk=2165285112&adf=1259160824&pi=t.ma~as.8348355093&w=439&cr_col=1&cr_row=13&fwrn=2&lmt=1651906855&rafmt=9&psa=0&format=439x1510&url=https%3A%2F%2F1ua.com.ua%2F&crui=image_sidebyside&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855462&bpp=2&bdt=252&idt=335&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=803&ady=3676&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=6&uci=a!6&btvi=2&fsb=1&xpc=DN6Xw50aaa&p=https%3A//1ua.com.ua&dtd=337

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60b180a6c491849335ad75c429ed5445b97056058c9f561d1b975d395a00dee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 211
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:55 GMT
expires: Sat, 07 May 2022 07:00:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 124ms
47ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 123ms
46ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D684 436 B
236 B 300ms
300ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=200&slotname=5188837210&adk=956229238&adf=1229124505&pi=t.ma~as.5188837210&w=1200&fwrn=4&lmt=1651906856&rafmt=11&psa=0&format=1200x200&url=https%3A%2F%2F1ua.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906855464&bpp=2&bdt=254&idt=345&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510&nras=1&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3783&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=7&uci=a!7&btvi=3&fsb=1&xpc=BiZ4XZRNov&p=https%3A//1ua.com.ua&dtd=595

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81569ba98f2a9db931e9f37cf1070435b461659a8b5fff11686431e50f0c7a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 212
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/82412725/
Redirect Chain

https://mc.yandex.ru/watch/82412725?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%3A...
https://mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%...

345 B
427 B

94ms
94ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/82412725/1?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A576127778609%3Ahid%3A113256077%3Az%3A0%3Ai%3A20220507070056%3Aet%3A1651906856%3Ac%3A1%3Arn%3A333888391%3Arqn%3A1%3Au%3A1651906856936886214%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651906854785%3Ads%3A0%2C117%2C191%2C1%2C113%2C0%2C%2C170%2C0%2C%2C%2C%2C593%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651906856%3At%3A%D0%9F%D0%B5%D1%80%D1%88%D0%B0%20%D0%92%D1%81%D0%B5%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%81%D0%BE%D1%86%D1%96%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%BC%D0%B5%D1%80%D0%B5%D0%B6%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

1584e08f1c966ef7dc4a7effeb444c0bd7e5663972e538396b2346bc2c421bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
x-content-type-options: nosniff
last-modified: Sat, 07-May-2022 07:00:56 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://1ua.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 345
x-xss-protection: 1; mode=block
expires: Sat, 07-May-2022 07:00:56 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
last-modified: Sat, 07-May-2022 07:00:56 GMT
location: /watch/82412725/1?wmode=7&page-url=https%3A%2F%2F1ua.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A3epd2p1htlh5jxirgcqo%3Afp%3A465%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A576127778609%3Ahid%3A113256077%3Az%3A0%3Ai%3A20220507070056%3Aet%3A1651906856%3Ac%3A1%3Arn%3A333888391%3Arqn%3A1%3Au%3A1651906856936886214%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1651906854785%3Ads%3A0%2C117%2C191%2C1%2C113%2C0%2C%2C170%2C0%2C%2C%2C%2C593%3Aco%3A0%3Arqnl%3A1%3Ast%3A1651906856%3At%3A%D0%9F%D0%B5%D1%80%D1%88%D0%B0%20%D0%92%D1%81%D0%B5%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B0%20%D1%81%D0%BE%D1%86%D1%96%D0%B0%D0%BB%D1%8C%D0%BD%D0%B0%20%D0%BC%D0%B5%D1%80%D0%B5%D0%B6%D0%B0&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://1ua.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 07-May-2022 07:00:56 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
136 B 87ms
87ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 07 May 2022 08:00:56 GMT

GET
H/1.1 200
OK b.php Show response
ra.revolvermaps.com/w/6/b/ Frame A854 24 KB
10 KB 55ms
55ms XHR
text/plain 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to

Full URL: https://ra.revolvermaps.com/w/6/b/b.php?i=0khnid18odj&t=0
Requested by: Host: ra.revolvermaps.com
URL: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 31493b50641abf0ab2cc92ce98a744a65260d6ce4df3cf0fcb747aec947cd9a5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:56 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8
Cache-Control: max-age=43200
Connection: close
Content-Length: 9678

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/ 146 KB
52 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205040101/reactive_library_fy2019.js?bust=31067427

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69c396815452c599db416de8909a637ba870ab83ff06b0ed7106ccd4c6d829a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52967
x-xss-protection: 0
server: cafe
etag: 9932885404800854090
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 151E 79 KB
32 KB 371ms
370ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb7bafcca9e7f63628a7bb63f55823938cfff2bbe193fcfe254d09b38d9d8e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6D01 92 KB
37 KB 249ms
248ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2af8cef57d97acb6e28642f7f445c2db01759486599ee9ff4b968a9fdcd49b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 38272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
expires: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK ca.png
ra.revolvermaps.com/d/f/ Frame A854 485 B
768 B 39ms
38ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/d/f/ca.png
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 9c6cb049335c1f011af42f29029f43ffd65a96ad629d3298d599db958c382c76

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:56 GMT
Last-Modified: Wed, 15 Jul 2015 13:47:41 GMT
Server: Apache
Content-Type: image/png
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=97
Content-Length: 485

GET
H/1.1 200
OK fr.png
ra.revolvermaps.com/d/f/ Frame A854 377 B
661 B 38ms
38ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/d/f/fr.png
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: a549a8f09c899552f59c4ff252a8bee40a01738c688c021241c7663c8501e9b8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:56 GMT
Last-Modified: Wed, 15 Jul 2015 13:48:00 GMT
Server: Apache
Content-Type: image/png
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=100
Content-Length: 377

GET
H/1.1 200
OK us.png
ra.revolvermaps.com/d/f/ Frame A854 505 B
788 B 77ms
38ms Image
image/png 2a00:f820:425::3
MEER-AS meerfarbi...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ra.revolvermaps.com/d/f/us.png
Requested by: Host: 1ua.com.ua
URL: https://1ua.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:f820:425::3 , Germany, ASN34549 (MEER-AS meerfarbig GmbH & Co. KG, DE),
Reverse DNS
Software: Apache /
Resource Hash: 30ad03ac42e6c9b02ab34584e28a12e7efcc574428e279ac776604159d2d474e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ra.revolvermaps.com/w/1/a/a2.php?i=0khnid18odj&s=220&m=0&v=true&r=false&b=ffffff&n=false&c=fff600
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sat, 07 May 2022 07:00:56 GMT
Last-Modified: Wed, 15 Jul 2015 13:49:17 GMT
Server: Apache
Content-Type: image/png
Cache-Control: public, max-age=290304000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=4, max=99
Content-Length: 505

GET
H2

200

/
best.aliexpress.com/ Frame 79BF
Redirect Chain

https://s.click.aliexpress.com/e/_AqYm13
https://sale.aliexpress.com/September_fashion_new_lianmeng.htm?aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=...
https://www.aliexpress.com/?aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa54...
https://best.aliexpress.com/?lan=en&aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39d...

0
0

226ms
109ms

Document
text/html

23.32.59.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://best.aliexpress.com/?lan=en&aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31

Requested by

Host: visitnet.ru
URL: https://visitnet.ru/ver3/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

23.32.59.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-32-59-171.deploy.static.akamaitechnologies.com

Software

Tengine/Aserver /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-language: en-US
content-type: text/html;charset=UTF-8
date: Sat, 07 May 2022 07:00:57 GMT
eagleeye-traceid: 0b0a119a16519068571258604e3e21
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
vary: Accept-Encoding
x-application-context: ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

Redirect headers

access-control-allow-origin: https://hz.aliexpress.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0
date: Sat, 07 May 2022 07:00:56 GMT
eagleeye-traceid: 2100bdde16519068569697960ebbfe
expires: 0
location: https://best.aliexpress.com?lan=en&aff_fcid=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&tt=CPS_NORMAL&aff_fsk=_AqYm13&aff_platform=portals-promotion&sk=_AqYm13&aff_trace_key=1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13&terminal_id=059501c279094ae7aae97bbd32f76e31
p3p: CP="CAO PSA OUR"
pragma: no-cache
server: Tengine/Aserver
server-timing: edge; dur=1 origin; dur=7 cdn-cache; desc=MISS
strict-transport-security: max-age=31536000 ; includeSubDomains max-age=31536000
timing-allow-origin: *
x-akamai-fwd-auth-data: 112203676, 23.41.167.177, 1651906856, 5.187.21.104
x-akamai-fwd-auth-sha: E85216222A9394D911787772D626FAE60E65A83AA84098258313DCA9AEC9B7EB
x-akamai-fwd-auth-sign: xGMDRKqyYxw3hdlP/zpYJEmYXGq2ePziYC43y+GXWIA4+ADDEVOi2mZx4hAWa6Ycy00OWeAcoTb7aXgIUK6x1YocIVIuVPo5ORuS2VJmVq4=
x-application-context: global-biz-gateway:9901
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 46ms
46ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 47ms
47ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=1ua.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/ Frame 3B15 10 KB
4 KB 37ms
37ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 57433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4421
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 15:03:43 GMT
etag: 1428802124239944296
expires: Fri, 20 May 2022 15:03:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 3B15 4 KB
1 KB 127ms
46ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 May 2022 06:58:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 07 May 2022 07:00:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B15 205 B
742 B 147ms
37ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 04:46:21 GMT
x-content-type-options: nosniff
age: 8075
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 07 May 2023 04:46:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 3B15 604 B
694 B 147ms
38ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 04:17:41 GMT
x-content-type-options: nosniff
age: 9795
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 07 May 2023 04:17:41 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame 3B15 19 KB
9 KB 124ms
42ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 07:00:08 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3B15 0
20 B 71ms
71ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=rsra&context=grsl&params=0-%26adk%3D1812271808%26client%3Dca-pub-7495053896041990%26fa%3D8%26ifi%3D10%26uci%3Da!a%26xpc%3DVY2Yxaxhzt%26p%3Dhttps%3A%2F%2F1ua.com.ua

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8C41 624 B
297 B 49ms
49ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGNbauMkBMAE&v=APEucNXghlvITmQnxSO90JjxVk8_MeFub9FrYiP7u_SQOAborU37SokYV6YLUEn1GPK5350IYpGB3D9tDCFB9JXYjWA4vR8ZjN7F8aZtZpWQfXdUwNDVJub58L5RXE8TeKjDfs08DXaZtuDUAh0l_-aNuTdl837Uwb86HKetThnIMQQFk31DUIY

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A915 106 KB
38 KB 170ms
38ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 May 2022 15:33:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 May 2022 15:33:52 GMT

GET
H3 200 omrhp_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/ Frame A915 6 KB
3 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/elements/html/omrhp_fy2019.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:59:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2626
x-xss-protection: 0
server: cafe
etag: 8548655983161038638
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:59:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame A915 19 KB
8 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:55:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 350
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:55:06 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame A915 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:53:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 474
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:53:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame A915 15 KB
6 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:44:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 996
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:44:20 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame A915 0
0 142ms
47ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTA_iHJ3THTWoxZx1JmCepHTUmZN0FVikKP-80oD02G0SUQGTlL96Iu_22OgQOcyRH-ZzmiQt9Ntop7mpc1JBKRr9LeEA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A915 120 KB
37 KB 188ms
105ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A915 42 B
63 B 69ms
69ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AUZC9heSyhhiSu7pp6t5Mg2StpN-JwXEXTIdQkSjxut228j_ugDKlGhG-77aLnMVP2HdlabhSODD8ZBRM2wzla3O2n2Ev7Awu9uckbBXD3R6rbyjY

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6EAA 8 KB
892 B 124ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 May 2022 06:59:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 07 May 2022 07:00:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 6EAA 2 KB
904 B 151ms
73ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:50:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 643
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:50:13 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 6EAA 19 KB
8 KB 121ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:52:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 6EAA 3 KB
1 KB 137ms
61ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6EAA 120 KB
37 KB 92ms
59ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 6EAA 15 KB
6 KB 120ms
44ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:46:34 GMT

GET
H2 200 8ac99cc5020451d5a2f944f2abe6dceb.js Show response
www.gstatic.com/mysidia/ Frame 6EAA 30 KB
12 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8ac99cc5020451d5a2f944f2abe6dceb.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 09:46:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 162860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12291
x-xss-protection: 0
last-modified: Mon, 02 May 2022 20:52:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Aug 2022 09:46:36 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A915 41 KB
15 KB 107ms
62ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 May 2022 09:45:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76553
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 06 May 2023 09:45:03 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F81C 1 KB
749 B 37ms
36ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 08 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8C41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1&C=1

43 B
1013 B

85ms
84ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGNbauMkBMAE&v=APEucNXghlvITmQnxSO90JjxVk8_MeFub9FrYiP7u_SQOAborU37SokYV6YLUEn1GPK5350IYpGB3D9tDCFB9JXYjWA4vR8ZjN7F8aZtZpWQfXdUwNDVJub58L5RXE8TeKjDfs08DXaZtuDUAh0l_-aNuTdl837Uwb86HKetThnIMQQFk31DUIY
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 07 May 2022 07:00:57 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:56 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESED_PKRg5P1nJiL_kdJtC9LU&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 07 May 2022 07:00:56 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8C41
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YnYZKKcBSE7CYr2AJU5N0gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-13h7d-AAP1wbQ-K1gVYg&google_cver=1

43 B
893 B

85ms
85ms

Image
image/gif

104.102.29.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-13h7d-AAP1wbQ-K1gVYg&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGNbauMkBMAE&v=APEucNXghlvITmQnxSO90JjxVk8_MeFub9FrYiP7u_SQOAborU37SokYV6YLUEn1GPK5350IYpGB3D9tDCFB9JXYjWA4vR8ZjN7F8aZtZpWQfXdUwNDVJub58L5RXE8TeKjDfs08DXaZtuDUAh0l_-aNuTdl837Uwb86HKetThnIMQQFk31DUIY
Protocol: HTTP/1.1
Server: 104.102.29.65 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a104-102-29-65.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:57 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 07 May 2022 07:00:57 GMT

Redirect headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO-13h7d-AAP1wbQ-K1gVYg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8C41
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBg0qNhnNHtuhDbUTXi_QP8&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBg0qNhnNHtuhDbUTXi_QP8%26google_cver%3D1

43 B
1 KB

40ms
39ms

Image
image/gif

37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBg0qNhnNHtuhDbUTXi_QP8%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO_Fw5IDEJ7Cz58DGNbauMkBMAE&v=APEucNXghlvITmQnxSO90JjxVk8_MeFub9FrYiP7u_SQOAborU37SokYV6YLUEn1GPK5350IYpGB3D9tDCFB9JXYjWA4vR8ZjN7F8aZtZpWQfXdUwNDVJub58L5RXE8TeKjDfs08DXaZtuDUAh0l_-aNuTdl837Uwb86HKetThnIMQQFk31DUIY

Protocol

HTTP/1.1

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:56 GMT
X-Proxy-Origin: 5.187.21.104; 5.187.21.104; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dee51467-8c71-4411-b959-f8607e49cccb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:56 GMT
X-Proxy-Origin: 5.187.21.104; 5.187.21.104; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1abb11c5-ddd1-4bd1-a270-950ca33ddccd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEBg0qNhnNHtuhDbUTXi_QP8%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8C41
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzU4NDc3ODc5MjUwMzcyNg%3D%3D

170 B
188 B

50ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzU4NDc3ODc5MjUwMzcyNg%3D%3D

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:56 GMT
X-Proxy-Origin: 5.187.21.104; 5.187.21.104; 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9deb98da-57b4-41a6-adad-6722508ac029
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjQzNzU4NDc3ODc5MjUwMzcyNg%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A915 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6e6f77984abbfdf2346b3572d1e70e10b540424a3b3dabb48fbef0c4fb95e53

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 9654467528321948393
tpc.googlesyndication.com/daca_images/simgad/ Frame 151E 32 KB
32 KB 80ms
74ms Image
image/png 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/9654467528321948393

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24479d40aa898604e735dd48bcf65ef1c3df1c1b406e3c7465bb4ee7e0480e6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 30 Apr 2022 10:05:48 GMT
x-content-type-options: nosniff
age: 593708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32860
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 06:20:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 30 Apr 2023 10:05:48 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/ Frame 151E 19 KB
8 KB 44ms
40ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:52:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8007
x-xss-protection: 0
server: cafe
etag: 8765308293129799388
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:52:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 151E 3 KB
1 KB 80ms
80ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:52:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 521
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:52:15 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 151E 120 KB
37 KB 75ms
74ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1651664140737961"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 May 2022 07:00:56 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 151E 15 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 06:46:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 862
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 21 May 2022 06:46:34 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/ Frame 151E 30 KB
12 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220504/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 May 2022 17:44:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 47767
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12278
x-xss-protection: 0
server: cafe
etag: 12178443437409350037
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 20 May 2022 17:44:49 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 151E 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CGxveKBl2YpHvEJT9ywWNmYzoDOnwkMxpl77N4PAP5pb5hdUvEAEgjLeRFGC7BqABmIe6lgPIAQKpAv6O3acwuZM-qAMByAPJBKoE2wFP0PmUG7UZP63e2CJpvGcGAirOnOWLilSpPyED-F7w3wLRdAJ538OHR91nDJk_C8ZjJ-KGKbHrOiGCqJlobgSwhSvcckvePYTDSlWwfI6AX_-s_pmtiSN5gmh0n64cjPc5S1lyOxEXQSZvdKnP127SHKieYTjH_Bo1Akrwh8zioQVzUN9-4oAt3RSIPaBPQFZpYqt9Bf7iHW3W2Bb2mGK2mdv9OIraxUNIbqsRJSSOF7_Dj6ZoHzRAeUgPXwhU99M-3cftadNGNPWkENC-j_br8HJ04xgIDLnBnF3ABIujj6z1A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAfQ-MVpqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ7jbSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzQ5NTA1Mzg5NjA0MTk5MBgA&sigh=xyjPWxX6sHw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame F81C 35 B
464 B 133ms
40ms Image
image/gif 2620:116:800d:21:3175:5196:e3fd:8c1d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELZQRtgIjjetQpbR39IM0Bc&google_cver=1&google_push=AYg5qPJr_vhLWzWfYeUiWFUyOkP9p5TUNiA6TdwbrNU4iknf_iZ5zkkaOtND7A2toB5M5gxtjz3-t_V1FuZ78PBvF3kFEPKqgDQ

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:3175:5196:e3fd:8c1d , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F81C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHr...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW5ZWktBQUFCTlQ5T2xzbg&google_push=AYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHrKdzZzJ1JA21enSJzz-Ejd5DoI7PEtuVxfSU6OmqJdcNR2XYLfKnX-2oAO

170 B
188 B

144ms
69ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW5ZWktBQUFCTlQ5T2xzbg&google_push=AYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHrKdzZzJ1JA21enSJzz-Ejd5DoI7PEtuVxfSU6OmqJdcNR2XYLfKnX-2oAO

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW5ZWktBQUFCTlQ5T2xzbg&google_push=AYg5qPIE084r8H5AE4HiKkSwK_P-8n0T9Zx59ob4XHrKdzZzJ1JA21enSJzz-Ejd5DoI7PEtuVxfSU6OmqJdcNR2XYLfKnX-2oAO
Date: Sat, 07 May 2022 07:00:56 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F81C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXoVDl...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJXoVDl...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDcwNzAwNTcwMDAzODIwMDcxMDEzMw%3D%3D&google_push=AYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDcwNzAwNTcwMDAzODIwMDcxMDEzMw%3D%3D&google_push=AYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-jOWTCw2RxMh-BcnNAyX-L62Wx9pCdl

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA1MDcwNzAwNTcwMDAzODIwMDcxMDEzMw%3D%3D&google_push=AYg5qPJXoVDlMs8BX5XELPq4Gzs2gOlNA27SOltiX_2nbxZ2H8Q6yv1hv4N53adsRlzql-jOWTCw2RxMh-BcnNAyX-L62Wx9pCdl
pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Sat, 07 May 2022 07:00:57 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F81C 43 B
351 B 108ms
31ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEAd_u_yXyMB1d-81h4RH1Dc&google_cver=1&google_push=AYg5qPK_Thc6c6Z3J024XCnkeueAAzT4vB2Cr3G84cesBR4zA6DDRWHOIj9vgudsgyI60YYAHkwzps_Awx4ePhlZ9Awbq9McvOL3
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=50&adk=4035368731&adf=3736020132&pi=t.aa~a.3434981366~rp.1&w=443&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=443x50&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=1&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200%2C437x100&nras=3&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=801&ady=1621&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=9&uci=a!9&btvi=5&fsb=1&xpc=T3XSRP5ZSv&p=https%3A//1ua.com.ua&dtd=18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 52koe0qabm34117mvk0d9tbemqplgrmf

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F81C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2G2BNUh_QPyte8jIIi289A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2G2BNUh_QPyte8jIIi289A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIe3t0ym399YecthRWWu_jsClTkgqBgbZU03oaAHLpE5Bsi61BnnoPaN2Qxv01SNhyekOi6r83uq_xlkr6Suz4XkpzxKgVZ

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=2G2BNUh_QPyte8jIIi289A%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIe3t0ym399YecthRWWu_jsClTkgqBgbZU03oaAHLpE5Bsi61BnnoPaN2Qxv01SNhyekOi6r83uq_xlkr6Suz4XkpzxKgVZ
date: Sat, 07 May 2022 07:00:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F81C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEJOwreVxgwMX7qG5HEAaKhw&google_cver=1&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsM...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XQlotWS1BU0Va&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsMkbWI0FWx-XPlXxnFNh9NikVJ5

170 B
188 B

65ms
55ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XQlotWS1BU0Va&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsMkbWI0FWx-XPlXxnFNh9NikVJ5

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XQlotWS1BU0Va&google_push=AYg5qPJCyF8FdYRHF6WMf1e8T6lSlxpDLGe_QjBcnmyzEkkXudzgVNhg7RtLbRem15DLM340DsMkbWI0FWx-XPlXxnFNh9NikVJ5
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F81C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKKcBSE7CYr2AJU5N0gAAB00AAAIB&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabw...

170 B
188 B

46ms
46ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKKcBSE7CYr2AJU5N0gAAB00AAAIB&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabwfQnkXGm5WOlhHa1_6bpkuILU-DkoOUmAfVGgIViBhYUTaoL28_vo1WKhzkSGxo

Requested by

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKKcBSE7CYr2AJU5N0gAAB00AAAIB&google_gid=CAESEI8btu4MDgrhy38nIUutyR4&google_cver=1&google_push=AYg5qPIOJvv3bwjDVj6-Fge8jSwFlmdkWkabwfQnkXGm5WOlhHa1_6bpkuILU-DkoOUmAfVGgIViBhYUTaoL28_vo1WKhzkSGxo
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 07 May 2022 07:00:57 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame F81C 0
50 B 72ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KvovybuxOQ6poXJYK1zRQetohOz4i6KX3_jsh7yGW1i26AqmGOJPHxb9z7J-Pgap0fvc8z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9E8 143 B
163 B 37ms
36ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 06:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1AA 143 B
163 B 38ms
36ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3255
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 06:06:41 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame ECE6 1 KB
749 B 37ms
37ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 4032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 05:53:44 GMT
etag: 48472445140208031
expires: Sun, 08 May 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A915 0
622 B 171ms
82ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuw8ZA9m5-1OrgD-ABOniwFaprt35fajXyKDLEc7bhLYTfA4E1styhPqG9Na2Gzt9p1fY39dfH_hcn6WbAstslFz9SlLx-iziSA292eOZR-Q0zB_3ZklirOUSv0UyifdaRHnva0Iuomqiz6Tdf_VWLs02_UAiH8PgKvWLxf7WUAdqGD709qzVY7Tlb0As4OXTe1usAlHNai_U8JGgK9uOlD1vCmKlhcVRqT3sHu9HsN4yS6_Ne2seWvkxjJzUNFt077owPQuhHPpm6unLPQX602KnK83Fwz5C2o7SIH0O74PiyC3hNgzG40Fykx85cr86kTPUbPWcYY6swfT0GgvH6s0CQNCRBzoKDw4DmtjG042iWh7jqgTw3TZWTqR-NVjv6WVTIZ05el9c2vosvKzdn9fAk5Lg8brPBZLgEQa0RAFcJ0RrRkHSSiLeOUja993CMcD6JI5hAnEFKo6f2OIyFEG9dNWKI93caOo94kr7hi7NkSaWf_y1Bt3L4xcFbbUldweZD9VnsNKTBW4KI0uGPHRaUY04cRLg3vQuP6jdBirDAmhJLea2OrGzx1WRqCEMCQ5BP7h4i9lPB-97s-4ijEM9Zv1HAArtt8eDBimpmJYKhaT6_d2-RF_OQSxbGcegrf3TOEJZopbCg8IgW3proQRpFBLeDGaB5qMAeEaMEWyw7ifcf9m2J5hvFy6-xH0w3iQwWbTBeMeXE-ILqJ3ODsK4r1XIAeGvEc9vLonYdGigoB4T33Sfyl2NnxMwAw_8-5v-3CuUA9GkS8zPsbYNygchPG7SK0zr13ORGfBD_BcbhLIuxOP_L3ZDnZJHgrMeh3bDeu1YIqjQfUGZHNTJAmrFP3lc9q6yfLDF8RXjz8UX6qeKZBQ9tbkUVj-4SjDePElqdlHMic2R7Y0EQN9GWGdJd7Qh6zbqC4HDIFaGrTtTEKssRceRrC2wmPeazw1uU8t6ghVUns08Hj8DX_IsrWNz-R5uZ6taqhOy5iTHY0EI7pCzsRT7T0lJod4BmNQ35JQlN4PyKQGDv9Du_RApdn7oZJ-LMFK0BNDnk15CZfV9b8OFCq2m3uSxJcpxta6Pml2fUQZhPQIVxzLLZWjqIPwO6LMG83b2Hy_OBi2QvqOnb9rKI-yZtmtljsJncUTf99VY&sai=AMfl-YRM71InAsGmjd_AuJ97e9puAcdqfDWDYsL7bW-YiGYmRDe-bC3gwrcX9XZafqivJSbczKT2snnhq1w86qdnGxoZP_l8ltv4qGaQmDhuL3ev-BxOZkiE8O_i11IH1V0sFQdfAsevUjWURF7ME-L3RmRigFk4LucxXqQvA0f2BCWPLR_AiXPihzRocwvFcquYmJ3yzQirBdZ2K54xjAUUSmUmMy1QOKcgOev2V8rJIjwkzQdO5LCkD8NtG3lLqFoE32mA5Zpmd4e8rKd1Em6AqpxDQNoKfy8u-cBiA_yIt0aR&sig=Cg0ArKJSzOys6v8BS6NOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=299&cbvp=1&cisv=r20220504.05139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sat, 07 May 2022 07:00:56 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 12340197935041675945
s0.2mdn.net/simgad/ Frame A915 16 KB
16 KB 113ms
37ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12340197935041675945

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdf457a9e6825e9a9723e3e906bf6c084e5105cf685b9cd4cf9c17ee09f098fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:02 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16423
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:42 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:02 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8F16 22 KB
8 KB 38ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 76553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 06 May 2022 09:45:03 GMT
expires: Sat, 06 May 2023 09:45:03 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 151E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8d9344ad56271e2cc857d2edfb3a0d873e8ab0631a29acdfa56d2ac4fd49bb6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECE6
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED78Is_QYbaM8QXgSfMoL80&google_cver=1&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xk...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xkrnYZ-W0zbeF1WHrHwC9eskBNmcPp5Xd8SO6igkxg&google_hm=PHm2jfGQ6hXGGY...

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xkrnYZ-W0zbeF1WHrHwC9eskBNmcPp5Xd8SO6igkxg&google_hm=PHm2jfGQ6hXGGYKWrc6UJg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPIGQYV_7MPT6wo1gGrr7Ug0hP5eHzIm3Ki3vqxL5JILhEMEr52_xkrnYZ-W0zbeF1WHrHwC9eskBNmcPp5Xd8SO6igkxg&google_hm=PHm2jfGQ6hXGGYKWrc6UJg
pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame ECE6 43 B
356 B 100ms
37ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEFYPmbtSU53ypJcoq6pkcKY&google_push=AYg5qPLkBsUWf7NC86USy7uDY3PRZMru5hiuCeW8kiIGdMwrCWU8kj-KTwzMdo-0RybGrwrYeIi62EBOktSc52gIaTn8ttpvOU4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame ECE6 43 B
64 B 56ms
28ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPaSLzhlVdvJb3JW_XCf070&google_cver=1&google_push=AYg5qPI3KD729J1Kp_sVbY3-v1vdPqT33KFTNRROYwLqrljXY4G3f7bbCBXottTKfZ__CXeNFdXlRwy4mofjfVIrQ_EVFIlIDEs
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7495053896041990&output=html&h=100&adk=1032057749&adf=2170129710&pi=t.aa~a.249942291~rp.3&w=437&fwrn=4&fwrnh=100&lmt=1651906856&rafmt=1&to=qs&pwprc=8339464445&psa=1&format=437x100&url=https%3A%2F%2F1ua.com.ua%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651906856210&bpp=1&bdt=1000&idt=-M&shv=r20220504&mjsv=m202205040101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Deb0f0772282f1390-22a87bb58ccd001a%3AT%3D1651906855%3ART%3D1651906855%3AS%3DALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA&prev_fmts=0x0%2C436x280%2C300x250%2C431x280%2C435x280%2C439x1510%2C1200x200&nras=2&correlator=5623980844458&frm=20&pv=1&ga_vid=1011065495.1651906855&ga_sid=1651906856&ga_hid=483252106&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=353&ady=1401&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067427&oid=2&pvsid=1082896933183372&pem=867&tmod=800047120&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=8&uci=a!8&btvi=4&fsb=1&xpc=LgiYJQAjRO&p=https%3A//1ua.com.ua&dtd=15
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:56 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sns1cr3gdo5bohn69tipalsi5gtanejb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECE6
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rV4zij7UR2iIM9qRqibz_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rV4zij7UR2iIM9qRqibz_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJgy6vxN9FdHqrm6M86AYLzZfB1C98lqNzh4f76SyRAOIoBeqz7qc-aiS7M5jSKX3nIPGthrr4VZFZy_DTkYL6vaofAuM

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=rV4zij7UR2iIM9qRqibz_w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJgy6vxN9FdHqrm6M86AYLzZfB1C98lqNzh4f76SyRAOIoBeqz7qc-aiS7M5jSKX3nIPGthrr4VZFZy_DTkYL6vaofAuM
date: Sat, 07 May 2022 07:00:55 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECE6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOW-D_Zp7yNtn9nNwYEyxZU&google_cver=1&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0D...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XREEtSC1CV0U5&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0DI2NqJEDKPFBp-Aas7rvLRRw

170 B
188 B

47ms
47ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XREEtSC1CV0U5&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0DI2NqJEDKPFBp-Aas7rvLRRw

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJWSU9XREEtSC1CV0U5&google_push=AYg5qPLOsOOMtiNdtBUdZip23Cq0GC877kRWtjOa7_VXnfvzayd4cexVYGXJ8ZXHJwn_qWNSK0DI2NqJEDKPFBp-Aas7rvLRRw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame ECE6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_push=AY...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKUayFW-jfsLkXWqVLAAABzEAAAAB&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNs...

170 B
188 B

48ms
48ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKUayFW-jfsLkXWqVLAAABzEAAAAB&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNsOjjrA5tQCUUVKEJmBfZvx1tl_KsWBnhjz7m5epiT0-qN-BmdkyBL_dR10FQqUg

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 07 May 2022 07:00:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YnYZKUayFW-jfsLkXWqVLAAABzEAAAAB&google_gid=CAESEAxwRu2N3cPg_Gi9ZqU_O_I&google_cver=1&google_push=AYg5qPLBBbEv1lhjrOVQ3dCdU1YXD2hcSLwNsOjjrA5tQCUUVKEJmBfZvx1tl_KsWBnhjz7m5epiT0-qN-BmdkyBL_dR10FQqUg
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 459
Expires: Sat, 07 May 2022 07:00:57 GMT

GET googleredir
googlecm.hit.gemius.pl/ Frame ECE6 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame ECE6 0
12 B 82ms
53ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J5rJAXo-VkwTrZ5wmsEwNoUjbPtKgrwbXlbfGpEPwVUDd5ANajla694gsR97HHbmAUG4Yr3A

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:56 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D9E8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

91ms
90ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220504/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 07:00:57 GMT
expires: Sat, 07 May 2022 07:00:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 07:00:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame A285 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 15:39:55 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame B1AA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

124ms
123ms

Document
text/html

2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 07:00:57 GMT
expires: Sat, 07 May 2022 07:00:57 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 07 May 2022 07:00:57 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame D000 35 KB
13 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 15:39:55 GMT

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8F16 35 KB
13 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141661
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 15:39:55 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8F16 0
20 B 73ms
72ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BG5hTKBl2YqL1EMLZywXE6ruADQAAAAA4AeAEAg&bg=!2tml2Z3NAAZX5TVhd-U7ACkAdvg8Wl6-qCrd6DPj5ThGnKFzao3GFR4d8Pb6kWrhxaXMktEmrjxTSgIAAACBUgAAAAFoAQeZAuoJABGtyIE6-qyHLfAHeh2rkM7xR7CNsuXnmtdEfRQ6mYszc7lwecTHybjhinPDtU08Aal77Kcma7yetOwUr5uqB-G4ub0Y1muUR1YdNoKI0E8pcddpuDs0q-JTOR06IX9spQCLswlAt7Lbn8NAPKN_zmH_5RgIRey4Ch6OTYq-bdu3PnwOFcoiX7EgPR3C_51x65QZc39zcjSQ5rBDF_BrUmaLwRSNe3jzxrUxOCWFWVH2nYfqmKtYkcCnJdV2fGdeFxK6rO2mtGcj7OKmZmsgrD-iv309J0vbnQdXYaq-2gQJokpQptBSkw8C8GgxUgYckMuFMPJN9fLxvbtwj3oJg_9Zzqar-DCfMHeUbGs_DFRutrnmfQiwvWR9IH4FEYaL7ohoMC85hN4wKnmcvfMRFjUnCba3hIb4Vgq6CB_Q47AfA-jPH_JS43dvFnF4ByUusgEX3PkdFNJqGhIOHjZq6AYL7ONQ76_2AmCtcEYhGgB2OWCs0jiJzO_SgX0Ea54OjFhcLDWAv1uM9DlOmyURoXlQ5uzQvQUXCzFasACViQ3e_f_IPmYyYK-QK8nmrJq_cFlZ1AD9Fpi7KZ9bjpdUt540deX4HnojszTajOG_KCrqBOhHaHBhZJ6-RRgZgAGqAdQ9TQEcNF65OFtSuG6VZXEsVwVYSj059ykZpe0jAmJHFpIeMekAerbwdkB3Tj3PBNx3KxokvWEGzqUu5DQCIRcx-caCaSW9YGmuR2HM2XvTLqOhn3PhtoL4JL_5l4VoN1B1lbEZnB3zju1VzlgWnYyns8N0CchQPQb39xYOonrUlDeMDLKRVAPASzzWoJo-xKXfsl5ASOss8yQZeAkw2_16qy07-kkhUtsv722vQ8iDkhuAzus07sbQIzuuWfEkTLvKcqAJ1P_UJD2E7BSsPE6kY6qaKjGu85FhZfm-G-BeRfBzJXco1bX9NWUD_IVaHfYdC3vaOrk4CqdxoX82ROPfONsHQTXQQw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 07 May 2022 07:00:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK forum.php Show response
1ua.com.ua/ 30 B
374 B 137ms
136ms XHR
text/plain 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/js/JsHttpRequest/JsHttpRequest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx / PHP/5.4.45

Resource Hash

9552a8151267c6e872316951f0fd3c7ce1aa2d564a91b5009e3799386441921f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://1ua.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/octet-stream

Response headers

Date: Sat, 07 May 2022 07:00:57 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Content-Length: 49

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 128ms
51ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220504&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a62debd7b40c97e1efe67d927a9e779727641b449fa35f7a7d3a6606732d30f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10646
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A915 0
26 B 153ms
75ms Ping
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstuw8ZA9m5-1OrgD-ABOniwFaprt35fajXyKDLEc7bhLYTfA4E1styhPqG9Na2Gzt9p1fY39dfH_hcn6WbAstslFz9SlLx-iziSA292eOZR-Q0zB_3ZklirOUSv0UyifdaRHnva0Iuomqiz6Tdf_VWLs02_UAiH8PgKvWLxf7WUAdqGD709qzVY7Tlb0As4OXTe1usAlHNai_U8JGgK9uOlD1vCmKlhcVRqT3sHu9HsN4yS6_Ne2seWvkxjJzUNFt077owPQuhHPpm6unLPQX602KnK83Fwz5C2o7SIH0O74PiyC3hNgzG40Fykx85cr86kTPUbPWcYY6swfT0GgvH6s0CQNCRBzoKDw4DmtjG042iWh7jqgTw3TZWTqR-NVjv6WVTIZ05el9c2vosvKzdn9fAk5Lg8brPBZLgEQa0RAFcJ0RrRkHSSiLeOUja993CMcD6JI5hAnEFKo6f2OIyFEG9dNWKI93caOo94kr7hi7NkSaWf_y1Bt3L4xcFbbUldweZD9VnsNKTBW4KI0uGPHRaUY04cRLg3vQuP6jdBirDAmhJLea2OrGzx1WRqCEMCQ5BP7h4i9lPB-97s-4ijEM9Zv1HAArtt8eDBimpmJYKhaT6_d2-RF_OQSxbGcegrf3TOEJZopbCg8IgW3proQRpFBLeDGaB5qMAeEaMEWyw7ifcf9m2J5hvFy6-xH0w3iQwWbTBeMeXE-ILqJ3ODsK4r1XIAeGvEc9vLonYdGigoB4T33Sfyl2NnxMwAw_8-5v-3CuUA9GkS8zPsbYNygchPG7SK0zr13ORGfBD_BcbhLIuxOP_L3ZDnZJHgrMeh3bDeu1YIqjQfUGZHNTJAmrFP3lc9q6yfLDF8RXjz8UX6qeKZBQ9tbkUVj-4SjDePElqdlHMic2R7Y0EQN9GWGdJd7Qh6zbqC4HDIFaGrTtTEKssRceRrC2wmPeazw1uU8t6ghVUns08Hj8DX_IsrWNz-R5uZ6taqhOy5iTHY0EI7pCzsRT7T0lJod4BmNQ35JQlN4PyKQGDv9Du_RApdn7oZJ-LMFK0BNDnk15CZfV9b8OFCq2m3uSxJcpxta6Pml2fUQZhPQIVxzLLZWjqIPwO6LMG83b2Hy_OBi2QvqOnb9rKI-yZtmtljsJncUTf99VY&sai=AMfl-YRM71InAsGmjd_AuJ97e9puAcdqfDWDYsL7bW-YiGYmRDe-bC3gwrcX9XZafqivJSbczKT2snnhq1w86qdnGxoZP_l8ltv4qGaQmDhuL3ev-BxOZkiE8O_i11IH1V0sFQdfAsevUjWURF7ME-L3RmRigFk4LucxXqQvA0f2BCWPLR_AiXPihzRocwvFcquYmJ3yzQirBdZ2K54xjAUUSmUmMy1QOKcgOev2V8rJIjwkzQdO5LCkD8NtG3lLqFoE32mA5Zpmd4e8rKd1Em6AqpxDQNoKfy8u-cBiA_yIt0aR&sig=Cg0ArKJSzOys6v8BS6NOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=773&vt=11&dtpt=474&dett=3&cstd=773&cisv=r20220504.05139&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 07 May 2022 07:00:57 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 104 KB
27 KB 39ms
38ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4463b728da12095c41af9de7430d7af33b22a4d4444c218c2284e70be2fc9c9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 319007
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 27687
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 03 May 2022 14:24:10 GMT
expires: Wed, 03 May 2023 14:24:10 GMT
last-modified: Tue, 03 May 2022 09:10:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0F17 108 KB
36 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.18.5_23b0de6da0ee295131e32a500470610c_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36734
x-xss-protection: 0
last-modified: Fri, 03 Jun 2016 20:37:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 May 2022 07:00:57 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 07 May 2022 07:00:57 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0F17 236 B
256 B 48ms
48ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400&text=CurvyFashionSIZE%2042TO5%EF%BB%BFHPNW

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aedfff6f8d56f7ebb9fbbb7976cd784588aab979e7948a40fffe7a2e56d62c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 07 May 2022 07:00:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 07 May 2022 07:00:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 07 May 2022 07:00:57 GMT

GET
H3 200 img-1.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 11 KB
11 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a214dc8f844a0b0699b22a5cef8254e8c7309c1df64d0982d5a452ece4f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-2.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 7 KB
7 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe9539b1a9067222c985bf88eab1f05aac245d997e91bb4d78e8d9f8b9d18dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7456
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-3.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 12 KB
12 KB 44ms
43ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2ccf5a8e0d6889a823a86d531beba7bd9ec525876128c495921009be50fc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11916
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-4.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 8 KB
8 KB 50ms
49ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-4.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b39a5591ffa074bbd3398782af736e95c03257f67f5b4a313cbd76698f135b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8117
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-5.png
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 2 KB
2 KB 60ms
59ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a62ffaea1ca41ed826d6fe0b0ae35d7729599ce6f9e592bd8116635fb53625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2051
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-6.png
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 4 KB
4 KB 60ms
60ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c56a517b6631813bf987813703c07378489ac569b76742c27bf796ae0462048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4520
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C55 13 KB
5 KB 38ms
38ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 620
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 06:50:37 GMT
expires: Sun, 07 May 2023 06:50:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 64AB 783 B
535 B 46ms
45ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

08250fc10e81d21079ede6b33ffb1866d1cc3f6527c02837ada3b466f3f9cdd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-j9LwBuLyJU0SPTlYXbJQ+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://1ua.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-j9LwBuLyJU0SPTlYXbJQ+A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 07 May 2022 07:00:57 GMT
expires: Sat, 07 May 2022 07:00:57 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 font
fonts.gstatic.com/l/ Frame 0F17 10 KB
10 KB 120ms
38ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/l/font?kit=4iCs6KVjbNBYlgo6fRzul368IscixcVAqRtZ51-wRtoOUTKZHCK1wap6Wic&skey=7e59fc036a1a8481&v=v20

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400&text=CurvyFashionSIZE%2042TO5%EF%BB%BFHPNW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4a7f6c93e038e2713f4e956fcac0b0b36b2d5ec5efe2740b89865c565b72e045

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 06 May 2022 14:25:44 GMT
x-content-type-options: nosniff
age: 59713
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="font.woff2"; filename*=UTF-8''font.woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 23:21:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: font/woff2
access-control-allow-origin: *
cache-control: private, max-age=86400
timing-allow-origin: *
expires: Fri, 06 May 2022 14:25:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 64AB 0
0 102ms
102ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220504&jk=1082896933183372&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C55 35 KB
13 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/2YVBhELfy0MTwPjrvsYSLv1ZpKJ51JghDEisTAIe9nM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 05 May 2022 15:39:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 141662
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13628
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 05 May 2023 15:39:55 GMT

GET
H3 200 img-1.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 11 KB
11 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-1.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

904a214dc8f844a0b0699b22a5cef8254e8c7309c1df64d0982d5a452ece4f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11380
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-2.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 7 KB
7 KB 37ms
37ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-2.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3fe9539b1a9067222c985bf88eab1f05aac245d997e91bb4d78e8d9f8b9d18dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7456
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-3.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 12 KB
12 KB 42ms
41ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-3.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b2ccf5a8e0d6889a823a86d531beba7bd9ec525876128c495921009be50fc0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11916
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-4.jpg
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 8 KB
8 KB 46ms
46ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-4.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b39a5591ffa074bbd3398782af736e95c03257f67f5b4a313cbd76698f135b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8117
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-5.png
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 2 KB
2 KB 45ms
45ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-5.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1a62ffaea1ca41ed826d6fe0b0ae35d7729599ce6f9e592bd8116635fb53625

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2051
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 200 img-6.png
s0.2mdn.net/sadbundle/9122430361235149248/ Frame 0F17 4 KB
4 KB 43ms
43ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9122430361235149248/img-6.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c56a517b6631813bf987813703c07378489ac569b76742c27bf796ae0462048

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9122430361235149248/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 03 May 2022 14:24:03 GMT
x-content-type-options: nosniff
age: 319014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4520
x-xss-protection: 0
last-modified: Tue, 03 May 2022 09:10:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 03 May 2023 14:24:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3C55 0
9 B 39ms
38ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Dj1ozQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 07 May 2022 07:00:57 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H/1.1 200
OK forum.php Show response
1ua.com.ua/ 39 B
383 B 158ms
157ms XHR
text/plain 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/js/JsHttpRequest/JsHttpRequest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx / PHP/5.4.45

Resource Hash

98cc36306135a367075bfebe7ff29888ccf7a1d38a0a3eb323371b13fbb557bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://1ua.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/octet-stream

Response headers

Date: Sat, 07 May 2022 07:00:58 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Content-Length: 58

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 88ms
88ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220504&jk=1082896933183372&bg=!HB-lH1vNAAZX5TVhd-U7ACkAdvg8WvzkSLGNvJoTqaYoc0ZBgPn0Vj3i7ook7O0pn9LZThFJxWPk0AIAAACBUgAAAAJoAQeZAp4kicSjum8rzmWAOrdXlOGHbag-ftr_WOTUyUrV66NaTT0M2u7-3DDr4q350EnIJk_XXnCeQFjrLMKtLJ1F87GapHN4pjibGfBESSlzwuGzSSlS7I7NLIknHVjN22vQ-mGisDTdDU1wDEu8Ffu_F532M4HSnR9wSroQvc12vw4EZiM7sBe1OYRR0v8-f2ZlfsvpO0-vViwHKOOgYDwL0U_Wt-CNNZZYW2ijRHAL762g9hCDA3JR8L_6sm_JjUfy0gWmihXxRbdcUD2DE4EKbcA4YjYZy_cTm8cVVgI4vdcDiqBgHWN8mdhyVwo_nFIr17z44ZIz1JTZ3LNtju7FztL1NAZSzR3aaRe0eJpTl3s0uIqr0B2-xTT11uEN9O1Mk3aZ8bnVX-ACwzYZtNZyHQrTuM-tjHPLamv67RKnrS4etyB9tAd8KllFSQenIcvFX1QHRXwbWE2n3jyK3biMbH0MT5oclzXFya9u_UqD8k55rCkci3-yx-u_aTQBuhsxL3bWQTzGN1ey1UQ3n7SEy6lRJ-ETUzje0c7WZomdvIt7aOGfWKoj_BIaSYIbfrjPeXbw4JJ53sthNX2rnhiYm-hut_SmozCq9QwI-d-eCX26C41E-ZI-acYdaZrVdA_M7hdJN4MeWnULnHe5hPFLTw0t7J6Uq3W25cebUZn_ubZMkKXlInZbnp2RhCBIV7cDWOp6vrdYUTtVtUPmt9-M4L6TvoPD2uhfdM-pQaa0pPgB6JBkb0ZUq7uuE0-79jF522zUPc8Webg2_uMRIZfNAp8JXOzMUnTJSAd0iWKxFAKR75X2WcGunf-qqPeRRV9XGgkpt4qAGEem1meOwOgFP0XQiSm9V967VTdm0reLrZrqDcU6WEMINXwu3NhUl-Os
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://1ua.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H/1.1 200
OK forum.php Show response
1ua.com.ua/ 30 B
374 B 111ms
110ms XHR
text/plain 91.235.129.12
ITLDC-NL

General

Check archive.org

Show headers Download Go to

Full URL

https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Requested by

Host: 1ua.com.ua
URL: https://1ua.com.ua/js/JsHttpRequest/JsHttpRequest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.235.129.12 Amsterdam, Netherlands, ASN21100 (ITLDC-NL, UA),

Reverse DNS

1ua.com.ua

Software

nginx / PHP/5.4.45

Resource Hash

9552a8151267c6e872316951f0fd3c7ce1aa2d564a91b5009e3799386441921f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

Referer: https://1ua.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/octet-stream

Response headers

Date: Sat, 07 May 2022 07:00:59 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: PHP/5.4.45
Vary: Accept-Encoding,User-Agent
Content-Type: text/plain; charset=UTF-8
Connection: keep-alive
Strict-Transport-Security: max-age=31536000;
Content-Length: 49

POST forum.php
1ua.com.ua/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJtAfYI9jAV44ch_RspcpKw&google_cver=1&google_push=AYg5qPKksSRTuasXFtaMoQUKXppknTTUeGPDEvTLEWyrsxdjqjHa21jEzDG1jmkTkMeOL6K3G9pLogm0LQ40i9AKQK33Do6ySDBB

Domain: 1ua.com.ua
URL: https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Domain: 1ua.com.ua
URL: https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Domain: 1ua.com.ua
URL: https://1ua.com.ua/forum.php?JsHttpRequest=0-xml

Verdicts & Comments Add Verdict or Comment

148 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
1ua.com.ua/	1969-12-31 23:59:59	Name: user Value:
1ua.com.ua/	1969-12-31 23:59:59	Name: passw Value:
.1ua.com.ua/	1970-01-20 20:22:58	Name: _ga Value: GA1.3.1011065495.1651906855
.1ua.com.ua/	1970-01-20 02:53:13	Name: _gid Value: GA1.3.1706144304.1651906855
.1ua.com.ua/	1970-01-20 02:51:46	Name: _gat Value: 1
.1ua.com.ua/	1970-01-20 12:13:22	Name: __gads Value: ID=eb0f0772282f1390-22a87bb58ccd001a:T=1651906855:RT=1651906855:S=ALNI_MZkKS13-jM3Ss9ZR8DJkNON6hcQHA
.cdn.smntq.com/	1970-01-21 23:30:10	Name: smart Value: b11ee24ed43c4440a986c51db1b07ac5
.1ua.com.ua/	1970-01-20 11:37:22	Name: _ym_uid Value: 1651906856936886214
.1ua.com.ua/	1970-01-20 11:37:22	Name: _ym_d Value: 1651906856
.yandex.ru/	1970-01-20 11:37:22	Name: yandexuid Value: 8191223321651906856
.yandex.ru/	1970-01-20 11:37:22	Name: yuidss Value: 8191223321651906856
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 43513421651906856
.yandex.ru/	1970-01-23 18:27:46	Name: i Value: lqmqBe1A7AldVuSiDB7OXlEG3Z78z0bpg/vw3F+Y2CjNbr5rGy7ZPS7DH4lYjR3keJAfvKLIA5CHkF8D2b+jyGAmNeM=
.yandex.ru/	1970-01-20 11:37:22	Name: ymex Value: 1683442856.yrts.1651906856#1683442856.yrtsi.1651906856
.1ua.com.ua/	1970-01-20 02:52:58	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 12:13:22	Name: IDE Value: AHWqTUkRqJccufmF-mQQiA0mK0nUjfbp4LBBkU9ZGRYWp34JJbCSxr7tZ-sMmvafUv4
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=kti8hh2pbgff&acs_rt=059501c279094ae7aae97bbd32f76e31
.aliexpress.com/	1970-02-13 23:23:10	Name: aeu_cid Value: 1b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13
.aliexpress.com/	1970-01-20 05:01:22	Name: xman_t Value: nA89zC123ty2IgH2xSErZ4kBzEH8XWWtOrcTVsorv5K3DWZVWVx9m4PlqVkvzOi+
.aliexpress.com/	1970-02-13 23:23:10	Name: xman_f Value: /ozRK5wMOP2KxQK1NaSsceE/ozfWw0g0jo0ff3kUsR6mgxzweIfqIp0FV37cxKBO6O9dItkaLk1VQJ1iw/8CM/f9FVoexd+F3gQ9uldNVOfgLiC8oEyxJA==
.aliexpress.com/	1970-02-13 23:23:10	Name: af_ss_a Value: 1
.quantserve.com/	1970-01-20 05:01:22	Name: d Value: EDQBCQGKJoEA
.quantserve.com/	1970-01-20 12:22:01	Name: mc Value: 62761928-bce3d-0abc4-75589
.aliexpress.com/	1970-02-13 23:23:10	Name: xman_us_f Value: x_locale=en_US&x_l=0&x_c_chg=1&x_as_i=%7B%22aeuCID%22%3A%221b39df10dfa546b487e1baf2958566bd-1651906856643-00822-_AqYm13%22%2C%22affiliateKey%22%3A%22_AqYm13%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%224982559586%22%2C%22tagtime%22%3A1651906856643%7D&acs_rt=059501c279094ae7aae97bbd32f76e31
.casalemedia.com/	1970-01-20 05:01:22	Name: CMPS Value: 688
.adnxs.com/	1970-01-20 05:01:22	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?^fgNsB!]tbPl1M>e)ZlrFUfJ+tGXxo@ao@$x:a98F<WRtT?N<XmEuj!>OywVC5c^p(3If)y3KL9D3I?+R:n'Fo
.adnxs.com/	1970-01-20 05:01:22	Name: uuid2 Value: 1945534891679236484
.aliexpress.com/	1970-02-13 23:23:10	Name: aep_usuc_f Value: site=glo&c_tp=GBP&region=UK&b_locale=en_US
.casalemedia.com/	1970-01-20 02:53:13	Name: CMST Value: YnYZKWJ2GSkA
.doubleclick.net/	1970-01-20 02:51:50	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 11:37:22	Name: CMID Value: YnYZKUayFW.jfsLkXWqVLAAA
.casalemedia.com/	1970-01-20 05:01:22	Name: CMPRO Value: 1841
.pubmatic.com/	1970-01-20 02:53:13	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 05:01:22	Name: KADUSERCOOKIE Value: AD5E338A-3ED4-4768-8833-DA91AA26F3FF
.casalemedia.com/	1970-01-20 11:37:22	Name: CMRUM3 Value: 2d627619292760CAESEO-13h7d-AAP1wbQ-K1gVYg
.e.dlx.addthis.com/	1970-01-20 12:22:01	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:22:01	Name: na_id Value: 2022050707005700038200710133
.addthis.com/	1970-01-20 12:22:01	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:22:01	Name: uid Value: 62761929f7deeaff
.addthis.com/	1970-01-20 12:22:01	Name: ouid Value: 62761929000166ad3c2d83da20f9b2e8a6e13ed41a63fa6ff3ae
.dlx.addthis.com/	1970-01-20 03:34:58	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:34:58	Name: na_sr Value: 20220507
.dlx.addthis.com/	1970-01-20 02:51:46	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:34:58	Name: na_sc_e Value: 0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEJtAfYI9jAV44ch_RspcpKw&google_cver=1&google_push=AYg5qPKksSRTuasXFtaMoQUKXppknTTUeGPDEvTLEWyrsxdjqjHa21jEzDG1jmkTkMeOL6K3G9pLogm0LQ40i9AKQK33Do6ySDBB Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1ua.com.ua
adservice.google.co.uk
adservice.google.com
best.aliexpress.com
cdn.smntq.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
ib.adnxs.com
image6.pubmatic.com
mc.yandex.ru
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
ra.revolvermaps.com
rtb.openx.net
s.click.aliexpress.com
s0.2mdn.net
sale.aliexpress.com
ssum-sec.casalemedia.com
tpc.googlesyndication.com
ulogin.ru
visitnet.ru
www.aliexpress.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
1ua.com.ua
googlecm.hit.gemius.pl
104.102.29.65
142.250.185.66
142.250.186.162
142.251.39.98
18.202.199.206
185.64.190.78
188.120.230.147
23.32.59.171
23.32.59.174
2620:116:800d:21:3175:5196:e3fd:8c1d
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:827::2001
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::200a
2a00:f820:425::3
2a02:6b8::1:119
34.98.67.61
35.186.253.211
37.252.172.37
69.173.144.139
69.192.160.219
91.235.129.12
95.163.118.168
95.217.109.66
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
01fecc4c3c457782e634fdfd2d1f9c5dfe751e03abc5260854aa88d9c703e259
08250fc10e81d21079ede6b33ffb1866d1cc3f6527c02837ada3b466f3f9cdd2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d63ff966248f3a07a00410b32625f809dc59407499a37c2707f9a512902b6e2
0f3ef3a6c3d3d9df1180b62ad5b2af6d68f9711adb8e12f5746d74ba56dc3421
10a49ab08956cee098256320103a4ada74e468218928994a60582aeb876983dd
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1584e08f1c966ef7dc4a7effeb444c0bd7e5663972e538396b2346bc2c421bb7
1691b91c2a7a7d9c76d6cab9cbb9d433f640662b6b9c9afab9e29eeb0950bbaf
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1bb979af30a55a8a7a594a5059d540d3f164796d905186fc45d3355f16bd2875
1cdfbcd034f25c4c2524188981a1724c53d99894a1ac06abde458ce24fa84ec3
24479d40aa898604e735dd48bcf65ef1c3df1c1b406e3c7465bb4ee7e0480e6b
2d0744b54be7eab148245653f8fad2e4a0e8875b886bcacbb2c70741872eda55
30ad03ac42e6c9b02ab34584e28a12e7efcc574428e279ac776604159d2d474e
31493b50641abf0ab2cc92ce98a744a65260d6ce4df3cf0fcb747aec947cd9a5
318d9e7e88f7c01c4724bfe4e5901d2f16965b9524c30533ee4b26748db03bf0
33207a9e2f82fc4ecb772cefbe2348913751323fd9a6d5583a8c34b043a8a405
3c52b584d25e1f9af79dc8fde8ed34f0d546e2b9c4c1c1ce5da569cd0edd071d
3fe9539b1a9067222c985bf88eab1f05aac245d997e91bb4d78e8d9f8b9d18dc
4030b5f01c847b7bdbad4535d686bc760edda6bbfc4ecb2ef885b0e77743ae1a
42b853168bb627593eb95b83db66183f7b3bd442db24c37398f1958d1451acd6
4417f0af5535a6d28b2fff95c696fb045e782da27bf6314659278d6a16493683
4463b728da12095c41af9de7430d7af33b22a4d4444c218c2284e70be2fc9c9e
46069647707574f95564415daa30f5b5d369928c57fec3021b7ede73492718e9
46bd4441b1f775df246fe6e41cbd6cbd69099dc474692dc0f79ea79d24b2d590
4a7f6c93e038e2713f4e956fcac0b0b36b2d5ec5efe2740b89865c565b72e045
4b39a5591ffa074bbd3398782af736e95c03257f67f5b4a313cbd76698f135b1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0e7d6347e6fdb4285cc8a668462b9a20b3ec649000f904d815972330850205
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561daea8691d4d97cccb384789c03e6e1af68e0439452c17cef79a121998d0ba
5b2ccf5a8e0d6889a823a86d531beba7bd9ec525876128c495921009be50fc0c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c56a517b6631813bf987813703c07378489ac569b76742c27bf796ae0462048
5f752a5ae175998c5bf466efccc8f485e056e0680fafb2393a197f2335c5cad5
60b180a6c491849335ad75c429ed5445b97056058c9f561d1b975d395a00dee0
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
69c396815452c599db416de8909a637ba870ab83ff06b0ed7106ccd4c6d829a3
6d6c638c8e3ec89d92baf03fac4617ec7efe8f216d23c0522c3f47a1346ea248
6db248b2f3e6b297a3017ff29757b489b2db74f27e9e27d4717056d8fe4dae57
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7c24f39d73694c9a104b27a0f9172813a11f74e622514b82998f7639b344422d
8085c3f936c1c5df3f94b523aa38f2422db9b56f626df50e37070c6d42aedbed
81569ba98f2a9db931e9f37cf1070435b461659a8b5fff11686431e50f0c7a6c
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8448e1a12f8cc92a2a90daa54dfa9492d046dfb8182e1e64cae0fd92fdfdda63
868711e2e678fe60cac6b464ce73c56755839e8bfa1a5eb53b6ef0789a68dffe
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
904a214dc8f844a0b0699b22a5cef8254e8c7309c1df64d0982d5a452ece4f6d
93b4ef21a8b275f472643b1a23ff7132059781d4c0cdf105b90aee72506317fa
9400c75dca241ca52b09f0de7d749e3aa2c583cf8d1f3933e00eacb46c5b1a30
9552a8151267c6e872316951f0fd3c7ce1aa2d564a91b5009e3799386441921f
965a8b43a67d75680e3a1effadfa19377306a3fdfb8b90e5bdf2a5e906337350
97982680a892d29f743ce32b99fb340cc4a186769e56380998145868781f4ebe
98cc36306135a367075bfebe7ff29888ccf7a1d38a0a3eb323371b13fbb557bf
9a62debd7b40c97e1efe67d927a9e779727641b449fa35f7a7d3a6606732d30f
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c6cb049335c1f011af42f29029f43ffd65a96ad629d3298d599db958c382c76
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a549a8f09c899552f59c4ff252a8bee40a01738c688c021241c7663c8501e9b8
a9adcd490f48779a6850a9eae737563c3073fa19877640fcbf5b9045c8af11cf
aa2a287712a65fcb5ac34059d734c93455dcda1a81e49301b7c0495c4de859cd
aa86f9e2f333264dff83538350e37ccfd0f6a452a388bad277bb5caf9169e1fe
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ace9522851e72c7e6fba75afc87f376452f882ebf71b780e60fc43e1ff522bad
aedfff6f8d56f7ebb9fbbb7976cd784588aab979e7948a40fffe7a2e56d62c97
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b522e54106ff64192c6927df4d294466550b012d37ccd8d35d929865879af17c
b6e6f77984abbfdf2346b3572d1e70e10b540424a3b3dabb48fbef0c4fb95e53
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b88af34bd050e3246d31a92b0d31ded01057422aaf49c75402341867679e0017
b8dc6615f1f1140e6ab9966f63b74069ef061bedc77fd0093e3c32087a1c3233
b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e
ba612e6bd968bcdd6d35f647bf3fccd01d20b46d4eef4e463e007f804e921224
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
bfcfd18c8d5c94d1b89b65648f93b48c9512b9445d3b65d5c6b6e77d02f087fc
c0f9e7a188a2f5500a9d1fddbebbd1104d400d060d51349af62c48f2fef11bc2
c44926bec65fa29a71efc412a5705d93dae59c7c3bc84030468071239c1df7e3
c550cc0f2d2126f6df91f6aff0041b136337ee637694258d34b72ba32358ff41
cdf457a9e6825e9a9723e3e906bf6c084e5105cf685b9cd4cf9c17ee09f098fe
d3a171334cf8f682e4695304d63dd430d8a468158b4721a7981c60e1d86a786d
d4c780fa83944751d224704f10789a2e978bac24c4ff81a64fd3311966904d8a
d985418442dfcb4313c0f8ebbec6122efd59a4a279d498210c48ac4c021ef673
e05c55c6b188ed19c33b45dcb2fbc5ddc21a79a0ac6a6d67ed7fb95736f723f7
e227e48b9bb9daa02a499a4bed2e5fb956260e11f589a4c6db855eebc55d1c40
e323657193110babc264b0a689e0a9d21b2e9a8017cb647581889d0c6259eaef
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e6e04aae9b9b2fe8b887972e1788c219dd8a56f8186fdb5146b0c2be54bf44e4
e8d9344ad56271e2cc857d2edfb3a0d873e8ab0631a29acdfa56d2ac4fd49bb6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1a62ffaea1ca41ed826d6fe0b0ae35d7729599ce6f9e592bd8116635fb53625
f1b2415f02c89234a4b94896afa68c68db82465563711b8b05f0c1b8b3ba580b
f27644734b8ead437f7ae34027490dae1d295348b0fc0cdca8b839bd9ef48d46
f2af8cef57d97acb6e28642f7f445c2db01759486599ee9ff4b968a9fdcd49b6
f6521fdb490adf916a3441504ddf3704bec647e8d7352152f5e30466108a5bd4
fa4a4e4487ca636fd8219a54f407f57ff4e6431332379392f54d590f3ac88bf9
fb7bafcca9e7f63628a7bb63f55823938cfff2bbe193fcfe254d09b38d9d8e72

1ua.com.ua Open in urlscan Pro 91.235.129.12 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

166 Requests

89 %HTTPS

47 %IPv6

27 Domains

36 Subdomains

28 IPs

8 Countries

1396 kBTransfer

3110 kBSize

44 Cookies

1 Outgoing links

Page URL History

Redirected requests

166 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

1ua.com.ua Open in urlscan Pro
91.235.129.12 Public Scan

Screenshot
Live screenshot

Full Image

166
Requests

89 %
HTTPS

47 %
IPv6

27
Domains

36
Subdomains

28
IPs

8
Countries

1396 kB
Transfer

3110 kB
Size

44
Cookies

166 HTTP transactions
2 data transactions