kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kolobok.ua/
Effective URL:
https://kolobok.ua/
Submission: On April 24 via api (April 24th 2022, 8:00:02 am UTC) from GB — Scanned from GB

Summary HTTP 339 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 54 domains to perform 339 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is kolobok.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.

This is the only time kolobok.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 37	193.29.200.162 193.29.200.162	197203 (UMHAS) (UMHAS)
1	91.198.36.26 91.198.36.26	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
11	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
29	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:bcf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2620:0:862:ed... 2620:0:862:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
6	2606:2800:234... 2606:2800:234:46c:e8b:1e2f:2bd:694	15133 (EDGECAST) (EDGECAST)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	104.75.88.126 104.75.88.126	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1 4	54.37.238.28 54.37.238.28	16276 (OVH) (OVH)
7	78.159.118.240 78.159.118.240	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
18	193.29.200.142 193.29.200.142	197203 (UMHAS) (UMHAS)
1	193.239.68.97 193.239.68.97	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	146.59.30.104 146.59.30.104	16276 (OVH) (OVH)
22	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
3	193.239.71.100 193.239.71.100	39468 (BIGMIR-IN...) (BIGMIR-INTERNET-AS)
1	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	91.198.36.35 91.198.36.35	43405 (DIGITAL-V...) (DIGITAL-VENTURES)
1 3	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
5 27	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	204.62.13.72 204.62.13.72	46636 (NATCOWEB) (NATCOWEB)
2	104.244.42.8 104.244.42.8	13414 (TWITTER) (TWITTER)
1	192.229.233.50 192.229.233.50	15133 (EDGECAST) (EDGECAST)
10	190.2.151.10 190.2.151.10	49981 (WORLDSTREAM) (WORLDSTREAM)
7	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:7aaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2620:116:800d... 2620:116:800d:21:fcb8:22d2:d390:5f1b	16509 (AMAZON-02) (AMAZON-02)
1	167.71.9.19 167.71.9.19	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	35.211.178.172 35.211.178.172	15169 (GOOGLE) (GOOGLE)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
10	2404:6800:400... 2404:6800:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:12::6	15169 (GOOGLE) (GOOGLE)
1	2606:2800:134... 2606:2800:134:fa2:1627:1fe:edb:1665	15133 (EDGECAST) (EDGECAST)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3 5	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
4	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.59.143.230 52.59.143.230	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700:440... 2606:4700:4400::6812:230b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
1	3.214.20.70 3.214.20.70	14618 (AMAZON-AES) (AMAZON-AES)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
2 2	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.148.209 52.18.148.209	16509 (AMAZON-02) (AMAZON-02)
2 2	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2	16509 (AMAZON-02) (AMAZON-02)
339	63

37 193.29.200.162 (Ukraine) 1 redirects

ASN197203 (UMHAS, UA)

kolobok.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.phnx.click	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua

i.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

cdn.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.75.88.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.37.238.28 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu

gaua.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 78.159.118.240 (Mindelheim, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com

cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.umh.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 193.29.200.142 (Ukraine)

ASN197203 (UMHAS, UA)

exchange.informer.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net

c.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu

ls.hit.gemius.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.239.71.100 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: rs.img.com.ua

i.bigmir.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)

h.holder.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.znctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadercdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 204.62.13.72 (Clifton, United States)

ASN46636 (NATCOWEB, US)

inv-nets.admixer.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.8 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.229.233.50 (Los Angeles, United States)

ASN15133 (EDGECAST, US)

cdn.syndication.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 190.2.151.10 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-151-10.hosted-by-worldstream.net

ad.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:7aaf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:fcb8:22d2:d390:5f1b (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

bgstats.mox.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.211.178.172 (North Charleston, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2404:6800:4001:803::2003 (Australia)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

redirector.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:12::6 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r1---sn-aigl6nl7.gvt1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)

pbs.twimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.35.236.247 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.172.45 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.143.230 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-143-230.eu-central-1.compute.amazonaws.com

t.myvisualiq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::6812:230b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.20.70 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-20-70.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Rheinfelden, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-209.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.19 (United States) 2 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 96 tpc.googlesyndication.com — Cisco Umbrella Rank: 127 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com	750 KB
52	doubleclick.net 5 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 80 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 174 cm.g.doubleclick.net — Cisco Umbrella Rank: 195 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 272	334 KB
31	kolobok.ua 1 redirects kolobok.ua	1 MB
28	gstatic.com www.gstatic.com csi.gstatic.com fonts.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	366 KB
18	informer.ua exchange.informer.ua — Cisco Umbrella Rank: 605031	111 KB
17	admixer.net cdn.admixer.net — Cisco Umbrella Rank: 47824 inv-nets.admixer.net — Cisco Umbrella Rank: 2408	202 KB
14	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 212	253 KB
11	mox.tv ad.mox.tv — Cisco Umbrella Rank: 49024 bgstats.mox.tv — Cisco Umbrella Rank: 61236	111 KB
8	twitter.com platform.twitter.com — Cisco Umbrella Rank: 608 syndication.twitter.com — Cisco Umbrella Rank: 889	214 KB
7	umh.ua cdn.umh.ua — Cisco Umbrella Rank: 253892 z.cdn.umh.ua — Cisco Umbrella Rank: 274570	7 KB
6	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	209 KB
6	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 64 www.google.com — Cisco Umbrella Rank: 2	1 KB
6	phnx.click api.phnx.click	3 KB
5	openx.net us-u.openx.net — Cisco Umbrella Rank: 369 rtb.openx.net — Cisco Umbrella Rank: 1434	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 530	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 384	112 KB
5	gemius.pl 1 redirects gaua.hit.gemius.pl — Cisco Umbrella Rank: 52625 ls.hit.gemius.pl — Cisco Umbrella Rank: 13716	16 KB
5	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1385 m.addthis.com — Cisco Umbrella Rank: 1349	219 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 226	4 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39	4 KB
4	bigmir.net c.bigmir.net — Cisco Umbrella Rank: 144878 i.bigmir.net — Cisco Umbrella Rank: 258953	2 KB
3	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 252	176 KB
3	quantserve.com 1 redirects pixel.quantserve.com — Cisco Umbrella Rank: 398 cms.quantserve.com — Cisco Umbrella Rank: 1043	1 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 102	3 KB
3	holder.com.ua i.holder.com.ua — Cisco Umbrella Rank: 293477 h.holder.com.ua — Cisco Umbrella Rank: 258304	4 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 565	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 341	953 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 567	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 318	922 B
2	everesttech.net 2 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 547 pixel.everesttech.net — Cisco Umbrella Rank: 3003	916 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 775 s.tribalfusion.com — Cisco Umbrella Rank: 2340	1 KB
2	myvisualiq.net 1 redirects t.myvisualiq.net — Cisco Umbrella Rank: 1384	1 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 932	344 B
2	gvt1.com 1 redirects redirector.gvt1.com — Cisco Umbrella Rank: 1501 r1---sn-aigl6nl7.gvt1.com — Cisco Umbrella Rank: 373042	562 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 274	1 KB
2	unpkg.com unpkg.com — Cisco Umbrella Rank: 864	43 KB
2	twimg.com cdn.syndication.twimg.com — Cisco Umbrella Rank: 1457 pbs.twimg.com — Cisco Umbrella Rank: 691	11 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5401	914 B
2	znctrack.net s.znctrack.net — Cisco Umbrella Rank: 161894	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 137	83 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 640 stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2248	38 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1394	297 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 914	478 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1591	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 326	265 B
1	advertising.com sync.adaptv.advertising.com — Cisco Umbrella Rank: 14322	14 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 870	356 B
1	loadercdn.net loadercdn.net — Cisco Umbrella Rank: 456765	170 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 773	645 B
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1602	1015 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 350	1 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 437	5 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 2100	1 KB
339	54

	Domain	Requested by
31	kolobok.ua	1 redirects kolobok.ua
29	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com kolobok.ua tpc.googlesyndication.com 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
29	pagead2.googlesyndication.com	kolobok.ua z.cdn.umh.ua pagead2.googlesyndication.com googleads.g.doubleclick.net 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
21	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net kolobok.ua cdn.jsdelivr.net 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
18	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
18	exchange.informer.ua	kolobok.ua exchange.informer.ua cdn.jsdelivr.net
14	cdnjs.cloudflare.com	kolobok.ua cdnjs.cloudflare.com
11	cdn.admixer.net	kolobok.ua cdn.admixer.net
10	csi.gstatic.com	www.gstatic.com
10	ad.mox.tv	kolobok.ua ad.mox.tv
8	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net kolobok.ua
7	www.gstatic.com	googleads.g.doubleclick.net 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
6	www.googletagservices.com	googleads.g.doubleclick.net ad.mox.tv 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
6	inv-nets.admixer.net	cdn.admixer.net kolobok.ua ad.mox.tv
6	z.cdn.umh.ua	cdn.umh.ua
6	platform.twitter.com	kolobok.ua platform.twitter.com
6	api.phnx.click	kolobok.ua cdnjs.cloudflare.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.ampproject.org	securepubads.g.doubleclick.net
4	googleads4.g.doubleclick.net	googleads.g.doubleclick.net
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	www.google.com	1 redirects kolobok.ua tpc.googlesyndication.com 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
4	fonts.googleapis.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
4	gaua.hit.gemius.pl	1 redirects kolobok.ua gaua.hit.gemius.pl
4	s7.addthis.com	kolobok.ua s7.addthis.com
3	rtb.openx.net	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
3	encrypted-tbn1.gstatic.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
3	s0.2mdn.net	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
3	www.facebook.com	1 redirects kolobok.ua connect.facebook.net cdn.jsdelivr.net
3	i.bigmir.net	kolobok.ua
2	image6.pubmatic.com	2 redirects
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	cms.quantserve.com	1 redirects 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
2	encrypted-tbn3.gstatic.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
2	t.myvisualiq.net	1 redirects 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	unpkg.com	ad.mox.tv
2	syndication.twitter.com	platform.twitter.com kolobok.ua
2	adservice.google.com	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	adservice.google.co.uk	pagead2.googlesyndication.com securepubads.g.doubleclick.net
2	s.znctrack.net	kolobok.ua
2	h.holder.com.ua	i.holder.com.ua
2	connect.facebook.net	kolobok.ua connect.facebook.net
2	www.google-analytics.com	kolobok.ua www.google-analytics.com
1	ag.innovid.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	pixel.everesttech.net	1 redirects
1	sync.go.sonobi.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	sync.adaptv.advertising.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	encrypted-tbn0.gstatic.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	encrypted-tbn2.gstatic.com	8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
1	pbs.twimg.com	kolobok.ua
1	r1---sn-aigl6nl7.gvt1.com	googleads.g.doubleclick.net
1	redirector.gvt1.com	1 redirects
1	odr.mookie1.com	kolobok.ua
1	bgstats.mox.tv	kolobok.ua
1	pixel.quantserve.com	kolobok.ua
1	cdn.syndication.twimg.com	platform.twitter.com
1	loadercdn.net	kolobok.ua
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	ls.hit.gemius.pl	gaua.hit.gemius.pl
1	c.bigmir.net	kolobok.ua
1	cdn.umh.ua	kolobok.ua
1	cdn.jsdelivr.net	kolobok.ua
1	stackpath.bootstrapcdn.com	kolobok.ua
1	upload.wikimedia.org	kolobok.ua
1	maxcdn.bootstrapcdn.com	kolobok.ua
1	i.holder.com.ua	kolobok.ua
339	82

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
mediadim.com.ua
www.bigmir.net

Subject Issuer	Validity	Valid
kolobok.ua R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
holder.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
*.admixer.net Sectigo RSA Domain Validation Secure Server CA	`2021-06-08` - `2022-06-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
api.phnx.click R3	`2022-03-14` - `2022-06-12`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.hit.gemius.pl Sectigo ECC Domain Validation Secure Server CA	`2021-09-08` - `2022-09-25`	a year	crt.sh
cdn.umh.ua R3	`2022-04-10` - `2022-07-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-01` - `2022-05-02`	3 months	crt.sh
exchange.informer.ua R3	`2022-03-10` - `2022-06-08`	3 months	crt.sh
c.bigmir.net R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
img.com.ua R3	`2022-04-09` - `2022-07-08`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
s.znctrack.net Sectigo RSA Domain Validation Secure Server CA	`2021-08-27` - `2022-09-05`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-31` - `2022-10-30`	a year	crt.sh
loadercdn.net R3	`2022-02-11` - `2022-05-12`	3 months	crt.sh
ad.mox.tv R3	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
bgstats.mox.tv R3	`2022-03-30` - `2022-06-28`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-03-23` - `2022-06-21`	3 months	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-03-15` - `2022-09-07`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 45 frames:

Primary Page: https://kolobok.ua/
Frame ID: 1D811F8BEBBB7033EE57CBB5ED326FF2
Requests: 144 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: 479DFEAB6DD0979E317F80806AF3067D
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 95917CB1DC5D9909AB0D3A62FC2DC472
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: 0418FEA0A8AB50A7F78FF136DE0F77F9
Requests: 6 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 9B4E1AFE19D5C6EC1FFB836567DAF0DA
Requests: 6 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 6967C4533375469A91C3D793FB3D9217
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: A953278AEF472B75EFC1EF92F3CF5C7F
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Frame ID: FDDCB0FD8BA52061947BCA7727F42391
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 0B1439917126D81083DFD00C31572F45
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 6E46472D8B9FC43CE791F5F4FDF02A32
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: CC4427322B5513CFEA4515700504C7BF
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 63412DFBE73E7728A1FEC55E6AF93A74
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Frame ID: C9195A6BC1B499CC39E2810F8DD5B61A
Requests: 2 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 1E4BF1CAE42EB976C0B922D75F507CDF
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 901D9945BE2054C38CEC89B1FE77ABA6
Requests: 1 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 12036F970FE851A40C8A3E02E5FA2BF2
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d9d4ac385534%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff947f185476828%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
Frame ID: 3078A3EEAE8BF46A7DB56F91B35F8974
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1650787186&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186162&bpp=2&bdt=602&idt=304&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7060697850119&frm=20&pv=2&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321
Frame ID: A414FBBAD79D2D11635A5C490AA0A7AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=9882372724&adk=3824879818&adf=3818598067&pi=t.ma~as.9882372724&w=960&lmt=1650787186&psa=0&format=960x180&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186166&bpp=1&bdt=607&idt=335&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RBIeHwpFBH&p=https%3A//kolobok.ua&dtd=342
Frame ID: 45E4A0E0739C1A0FBD7C22EBE87163A3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
Frame ID: 0625D8DFE10A2A87A264EDE747FB1320
Requests: 38 HTTP requests in this frame

Frame: https://s.znctrack.net/z
Frame ID: 9803B1C68D985D4F95C754454240C597
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: F3D8BA67C0F8D8059E7E239F295D69B1
Requests: 2 HTTP requests in this frame

Frame: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Frame ID: 4098FF62A386F54937F5A9C20D3DAE0F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js
Frame ID: 2AB9911BE79963F260D6F487DDD9757B
Requests: 1 HTTP requests in this frame

Frame: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1DB1BDF469292411EE542199ED749781
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js
Frame ID: FAE066C66A2BD9035436F329C27D7046
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
Frame ID: F4B09CB64F7EF91E90F5D7F3D9C506A4
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d9d4ac385534%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff947f185476828%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300
Frame ID: 8AE96D2D50246708E4C9B3FC715C4BB6
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: A9DE1EBEDFBC8F3CD4E062CA510B569C
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=smak
Frame ID: F310BB1D3B99A160B1BD56454E5022C9
Requests: 1 HTTP requests in this frame

Frame: https://exchange.informer.ua/informer/stat/?s=ivona
Frame ID: 9E93BE1202EFDD43E42C989EEA99AC83
Requests: 1 HTTP requests in this frame

Frame: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 7A8662304EE27A4897386B69BF1CD3B3
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 65188275C9B6A5279C47D0D87F257D93
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 03C7E3546CC1E94A24953CA1CECC1FD3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3376F3237583F38D2A4EFF2B34F12897
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi93pe8ATAB&v=APEucNXVPuzjRz4-W-SUEFEdB-IoJlDA2Yv3D1cTgbRB6iS5Fx92qv3kf3nVtumQ_o-rZFoko0XbRD-6EVczc3-MHyi-is71Bsa1Qw1l8rYomjjuTQZ6P1dPlM0VP9zKRADJm2S7-TVKkZyUq023v_dqVnM29viaSFbenJNPbVXpmqWxxTZeykY
Frame ID: CD0575DC39E6172C93E04A46DC8F0F8E
Requests: 5 HTTP requests in this frame

Frame: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E975795FA41CD0F72AA297E6AEE813A7
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g
Frame ID: C4F1BA1E2726AB19CFEAC8D2718D922F
Requests: 5 HTTP requests in this frame

Frame: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D00549D1F61B57B11434E0EEE57D5FD7
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C57280BF954AB3466358C743AB836ABB
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 01B5EE7CF69C3A8371792C534055FDA9
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F241B9E306F1E73C103134D2D3CD1312
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 118C443C499B618AD506BD2008665243
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D0EE059A03D45C4A2BE3C552E7A1B2FB
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js
Frame ID: A0021BFCF3AC6DC1971EA47524054625
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Дети, родители, семья и отношения - KOLOBOK.UA

Page URL History Show full URLs

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Gemius (Analytics) Expand

Overall confidence: 100%
Detected patterns

hit\.gemius\.pl/xgemius\.js
hit\.gemius\.pl
xgemius\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

339
Requests

91 %
HTTPS

48 %
IPv6

54
Domains

82
Subdomains

63
IPs

9
Countries

4959 kB
Transfer

9733 kB
Size

67
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kolobok.ua.group/

Search URL Search Domain Scan URL

URL: https://mediadim.com.ua/donate/
Title: Допомогти журналістам

Search URL Search Domain Scan URL

URL: https://www.bigmir.net/
Title: bigmir)net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kolobok.ua/ HTTP 301
https://kolobok.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 118

https://gaua.hit.gemius.pl/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=FJDMV_CNv7dsoOiE623e0ifZ.1R9rF5LUL0Pu2f0tj3.b7nwztl6CN7Grr16qUWVh7k54_.8sHVz0OpccRyjEBFolEyf/cpL3xMQwJB2UA/&fpdata=RU8cQamZ4qVph2OteN9yljHZ153fxUP2D_adZA_oPWP.17&vis=1&fpcap= HTTP 301
https://gaua.hit.gemius.pl/__/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=FJDMV_CNv7dsoOiE623e0ifZ.1R9rF5LUL0Pu2f0tj3.b7nwztl6CN7Grr16qUWVh7k54_.8sHVz0OpccRyjEBFolEyf/cpL3xMQwJB2UA/&fpdata=RU8cQamZ4qVph2OteN9yljHZ153fxUP2D_adZA_oPWP.17&vis=1&fpcap=

Request Chain 119

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d9d4ac385534%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff947f185476828%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300 HTTP 302
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d9d4ac385534%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff947f185476828%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Request Chain 171

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=2dc386a0-9fb6-4ca3-adda-c642773ed699&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=2dc386a0-9fb6-4ca3-adda-c642773ed699&gdpr=0&gdpr_consent= HTTP 302
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d4535db-87e2-47cf-8692-cfa7a237739c&ssp=prodoohmox&gdpr=0&gdpr_consent=

Request Chain 183

https://redirector.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=152E64B64BF71E17375EBECAA4292FCC17E309DA.73CC5CE2ADDD53F18FAC7D8F5941A305A8F1B427&key=ck2 HTTP 302
https://r1---sn-aigl6nl7.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=336C6BFCC0C79830B4E8A78E62D69B8FAF132DA8.34B6061B6BFA76F6D7FFEEAD8706CC785D3F4F11&key=cms1&cms_redirect=yes&mh=ov&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigl6nl7&ms=nvh&mt=1650786737&mv=m&mvi=1&pl=48

Request Chain 192

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 250

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1&C=1

Request Chain 251

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmUDdJ-fGHzclxlrgJlyNAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1

Request Chain 252

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEF7Be_WE4RJPDMkCGMqlvjM&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF7Be_WE4RJPDMkCGMqlvjM%26google_cver%3D1

Request Chain 253

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExMzczNDEyNzY4MjI1NTkxOA%3D%3D

Request Chain 268

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECVfkFqzjfx41oE1Yjwbaqc&google_cver=1

Request Chain 270

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEBE5eSa4S32C6UGN1nhkYho&google_cver=1

Request Chain 287

https://t.myvisualiq.net/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27478160|ABAjH0hcX9TYWVTdUxPGofVIzQV2&pt=i HTTP 302
https://t.myvisualiq.net/ul_cb/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27478160|ABAjH0hcX9TYWVTdUxPGofVIzQV2&pt=i

Request Chain 300

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 301

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEHBY2oGVZsx5zOn5RqG37MU&google_cver=1&google_push=AYg5qPLOiWf4tH33Va76WOf2Dy1AMdqZkYwfbEHqsAfY8jaoJnKW7vr50xsvam1q4e1l-3WBDlDP2icYslx8ILFizCmLi4KWPDhW7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHBY2oGVZsx5zOn5RqG37MU&google_push=AYg5qPLOiWf4tH33Va76WOf2Dy1AMdqZkYwfbEHqsAfY8jaoJnKW7vr50xsvam1q4e1l-3WBDlDP2icYslx8ILFizCmLi4KWPDhW7A

Request Chain 315

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAGdqHe1hrdAwd3VjNVnnDI&google_cver=1&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0ECJAvwQOlrxc7ecJvg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MDA3Njk4OTQxMTc1MjA3OA%3D%3D&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0ECJAvwQOlrxc7ecJvg

Request Chain 317

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHNVJnsv9V1UyayyZMTfbOs&google_cver=1&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonOEMYIsl65OY3CRibHV4eRzeTXJxA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTEtTy01Njk0&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonOEMYIsl65OY3CRibHV4eRzeTXJxA

Request Chain 319

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcb7Whv6DDwtdAvpBG-UPs&google_cver=1&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcb7Whv6DDwtdAvpBG-UPs&google_cver=1&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw&google_hm=4031284446f90d4fef117bb9

Request Chain 320

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFvbUwkjbQ-J3dgjUrE9zBs&google_cver=1&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZUHNw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZUHNw&google_gid=CAESEFvbUwkjbQ-J3dgjUrE9zBs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE1MDY3NjI2Mjc3MzE1NDIzNTgw&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZUHNw

Request Chain 322

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHF88oCB7y2wBUKVQp2Do1M&google_cver=1&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR5EJHYm33kTXELOTX2Cq9eCdofdyg5rQJ5LQiK3Jdvmwg HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR5EJHYm33kTXELOTX2Cq9eCdofdyg5rQJ5LQiK3Jdvmwg&google_hm=nC_U0OwONetv5F0HAG-Leg

Request Chain 323

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1aDC7YyT-9k7gs5geOHaoL_91VYdoGN98dloi5I0tQmooEh8g3edfenk20D_Q&google_gid=CAESEBsIxby7MOnezaQQfSw-GkE&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1VRGRRQUFCRzF2Q2xuYg&google_push=AYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1aDC7YyT-9k7gs5geOHaoL_91VYdoGN98dloi5I0tQmooEh8g3edfenk20D_Q

Request Chain 325

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBWs-HbRCetNouel7Hfqkvo&google_cver=1&google_push=AYg5qPKUr0Jmt_AaHxOdxcdjI92pwx8-AxiSKOqth3f1Evb3xkLsS8h5AqcL2PEs4RSFsWfMvpTwYBaEAKyFC926c0UoBl-jwV1gwQ HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBWs-HbRCetNouel7Hfqkvo&google_cver=1&google_push=AYg5qPKUr0Jmt_AaHxOdxcdjI92pwx8-AxiSKOqth3f1Evb3xkLsS8h5AqcL2PEs4RSFsWfMvpTwYBaEAKyFC926c0UoBl-jwV1gwQ&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3j25UGdWTnyhOPfpFhjBsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUr0Jmt_AaHxOdxcdjI92pwx8-AxiSKOqth3f1Evb3xkLsS8h5AqcL2PEs4RSFsWfMvpTwYBaEAKyFC926c0UoBl-jwV1gwQ

Request Chain 326

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHNVJnsv9V1UyayyZMTfbOs&google_cver=1&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoBpwFusLuHdf569waSij3DY6oSFkw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTQtMTQtRzRRTw==&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoBpwFusLuHdf569waSij3DY6oSFkw

Request Chain 327

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_cver=1&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ

339 HTTP transactions
15 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kolobok.ua/
Redirect Chain

http://kolobok.ua/
https://kolobok.ua/

141 KB
28 KB

369ms
211ms

Document
text/html

193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 94d5253c7c33ad2a37b73edcce28cda63f7791a078fdee092861e95ad0164520

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 08:01:29 GMT
server: nginx

Redirect headers

Connection: keep-alive
Content-Length: 178
Content-Type: text/html
Date: Sun, 24 Apr 2022 08:01:28 GMT
Location: https://kolobok.ua/
Server: nginx

GET
H/1.1 200
OK holder.js Show response
i.holder.com.ua/t/ 9 KB
4 KB 268ms
74ms Script
application/x-javascript 91.198.36.26
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://i.holder.com.ua/t/holder.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS: i1.i.ua
Software: nginx /
Resource Hash: 8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:45 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 14:14:15 GMT
Server: nginx
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: max-age=31536000
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=5
Expires: Mon, 24 Apr 2023 07:59:45 GMT

GET
H2 200 loader2.js Show response
cdn.admixer.net/scripts3/ 176 KB
55 KB 156ms
48ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/loader2.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: c6a2f6b42d23d9aeeefddd0186a6fc7cd1a2eba7e7ae873f9f985861cec39dfd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:15 GMT
server: nginx
etag: W/"6257e623-2c101"
x-cached-since: 2022-04-24T07:57:00+00:00
content-type: application/javascript
cache-control: max-age=600
cache: HIT
expires: Thu, 14 Apr 2022 09:26:40 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 155 KB
54 KB 173ms
79ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ad0966e290f5ecae0d3dcfe2da7110521dd24e1c8614bae686ed249299095a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54417
x-xss-protection: 0
server: cafe
etag: 16678965798253911708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 07:59:45 GMT

GET
H2 200 toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 6 KB
3 KB 171ms
55ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2884422
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2517
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1936"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHcJapQjhgpgNkm12tIHnPybUuY7gej5WaWk3NahHu4SaG2sPrtb8Bz6vf4ixoXXIuIaZArf2UL4woSoLUAHRmcjVYSghO%2BIaEmoyLuSPuXMy%2BQZVmEg2trH093NtGfm2uBNbesWZItK6TDNWMJeGD51"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d26ba22cc3e-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 common.css
api.phnx.click/css/ 571 B
465 B 220ms
69ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/css/common.css?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Mon, 16 Mar 2020 13:55:41 GMT
server: nginx
etag: W/"5e6f855d-23b"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.css
api.phnx.click/common/CookiesNotice/ 945 B
662 B 221ms
70ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.css?3
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Wed, 15 Apr 2020 07:30:42 GMT
server: nginx
etag: W/"5e96b822-3b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/ 141 KB
22 KB 162ms
59ms Stylesheet
text/css 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 865
age: 43608
cdn-cachedat: 03/26/2022 19:00:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cdn-proxyver: 1.02
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: c4467bd048558bae62b72a591c0eb8f4
cf-ray: 700d4d26ac83cc5a-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/ 54 KB
10 KB 174ms
58ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 301910
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9804
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-d747"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tYvAL2FllSeDjIiqSL5IxR0uUGPbVhwCpLrjGLOBOsBjG54XiSU52atZwHLYpQgc7Wn1CBYoLqWCjve7RJDa5am8KIqovVe345iL%2FK4xRXyq2MCHk0spqXVheVO6lo%2FyiTLO4S%2FgFhzsyEa%2FWmiTWUZr"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d26ba23cc3e-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 swiper.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/ 19 KB
3 KB 172ms
57ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.2.2/css/swiper.min.css

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 14652385
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2583
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-4d3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DrrqR7Gey4zewaxKvFr97oB20A0u2IzIfsyLwjkM30ChQAs6qhFGtXdXOfzhYm16oOext4PWAy9aoiD9dEQal%2FnW22d7sispX%2BTBkD9aZzSbnUoNnKFt%2FFeGF%2BSvUJOpLs8t%2FYSf8Lqt1vEB0DXj86Fm"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d26ba24cc3e-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 style.min.css
kolobok.ua/css/ 67 KB
14 KB 81ms
81ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/css/style.min.css?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 10:29:16 GMT
server: nginx
etag: W/"6168067c-10bc0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 custom.css
kolobok.ua/a-custom/ 40 B
320 B 83ms
82ms Stylesheet
text/css 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/a-custom/custom.css?6
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Wed, 31 Mar 2021 07:23:24 GMT
server: nginx
etag: W/"6064236c-28"
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 logo_top.png
kolobok.ua/images/ 8 KB
8 KB 80ms
77ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/logo_top.png?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Thu, 04 Feb 2021 12:11:24 GMT
server: nginx
etag: "601be46c-208f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8335
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 181d8ce3c6e36c11fc6d240426fe0a0e-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/81/36/44/813644/image_main/ 95 KB
95 KB 81ms
77ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/36/44/813644/image_main/181d8ce3c6e36c11fc6d240426fe0a0e-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 494bf5a334d5a8035148037786031da26a47786e8b79806531e78761e64fa961

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Sat, 01 May 2021 16:50:10 GMT
server: nginx
etag: "608d86c2-17a06"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 96774
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b65bef2e51beace85376900533acaf7f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/48/82/62/3/4882623/image_main/ 87 KB
88 KB 225ms
222ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/82/62/3/4882623/image_main/b65bef2e51beace85376900533acaf7f-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8231b63a9bea8566687d34805a0d91c74d3c4b78027b11cad3a01cc09b0a3b7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 30 Apr 2021 10:08:11 GMT
server: nginx
etag: "608bd70b-15d54"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 89428
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7f3ade5880fb670f8f46022d6d9bc7f5-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/48/77/69/9/4877699/image_main/ 115 KB
115 KB 228ms
225ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/77/69/9/4877699/image_main/7f3ade5880fb670f8f46022d6d9bc7f5-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 329bd139b12fdde5748b8317b6fc8a091d0a5c5179fe68115dad1522acc5a812

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Thu, 22 Apr 2021 11:25:50 GMT
server: nginx
etag: "60815d3e-1ca91"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 117393
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 71535aba603483908bb67e164a3e35e7-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/48/81/34/3/4881343/image_main/ 60 KB
60 KB 298ms
295ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/81/34/3/4881343/image_main/71535aba603483908bb67e164a3e35e7-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 94994fe4a1e5b6a18470b80b196cbc6fad4974a4547a4ed809f4cc07cf56935e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 28 Apr 2021 14:04:29 GMT
server: nginx
etag: "60896b6d-ee0f"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 60943
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 8b10fdc89b433efaaf0d72bccea266d1-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/48/80/53/2/4880532/image_main/ 65 KB
65 KB 301ms
298ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/80/53/2/4880532/image_main/8b10fdc89b433efaaf0d72bccea266d1-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 77efaadd626b5e79f480465dac8687c7bf0ce74123ebd626d14e43947126ebf6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Tue, 27 Apr 2021 11:00:36 GMT
server: nginx
etag: "6087eed4-10213"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 66067
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 0c0da3a32c610a994bd8710ae7f0d048-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/96/16/38/961638/image_main/ 73 KB
74 KB 302ms
299ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/96/16/38/961638/image_main/0c0da3a32c610a994bd8710ae7f0d048-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c08c6f405c04cfe55a844e21b46746de2034a29f8e41523c195ad0922db8b32d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Sun, 18 Apr 2021 12:32:31 GMT
server: nginx
etag: "607c26df-125fb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 75259
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 53f2cfbdc58d2eb697e4c9bbf8199c00-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/16/87/22/2/1687222/image_main/ 39 KB
39 KB 303ms
300ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/16/87/22/2/1687222/image_main/53f2cfbdc58d2eb697e4c9bbf8199c00-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: ef686defd0a3a84f11249b5ec488b63c0d5228da9b0649208bb2d8f8c5d2835b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 10 Apr 2020 08:44:59 GMT
server: nginx
etag: "5e90320b-9bd2"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 39890
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 30ecf6a62e2ad5521a2b36e9146f366d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/62/76/42/1/6276421/image_main/ 16 KB
17 KB 304ms
301ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/62/76/42/1/6276421/image_main/30ecf6a62e2ad5521a2b36e9146f366d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 387980c8b6a1ed97151290c26f3b297ffbfbafcdfcb631df727627bc739ef17a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 13 Apr 2022 09:40:42 GMT
server: nginx
etag: "62569a9a-41ae"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 16814
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 05f7b15695ddedfd27de6faf9f55ca91-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/97/21/13/972113/image_main/ 63 KB
63 KB 304ms
301ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/97/21/13/972113/image_main/05f7b15695ddedfd27de6faf9f55ca91-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 47d0e0a9ad5c86d6364b323e21203ca4f7f634c2cd397aad66f82f5de0370df7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Tue, 20 Apr 2021 13:00:38 GMT
server: nginx
etag: "607ed076-fc3c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 64572
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 2dc04d39a31834edeec7371544e9a734-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
kolobok.ua/i/48/79/74/8/4879748/image_main/ 85 KB
86 KB 370ms
368ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/79/74/8/4879748/image_main/2dc04d39a31834edeec7371544e9a734-quality_70Xresize_crop_1Xallow_enlarge_0Xw_698Xh_465.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 27c135ee588f442bf5c59527117a1c6de82259597bf1c84a2be39218d8ca00af

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Mon, 26 Apr 2021 10:00:43 GMT
server: nginx
etag: "60868f4b-1557e"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 87422
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 95 B
1 KB 119ms
34ms Image
image/png 2620:0:862:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/8.0.8 /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 04:10:37 GMT
nel: { "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 13748
x-cache-status: hit-front
x-cache: cp3065 hit, cp3065 hit/27397
server-timing: cache;desc="hit-front", host;desc="cp3065"
content-length: 95
x-client-ip: 2001:ac8:21:e::10
x-object-meta-sha1base36: 1q4na1xj6topzln51tpzqqxtdtdwo9p
accept-ranges: bytes
last-modified: Sat, 04 Apr 2020 08:42:56 GMT
server: ATS/8.0.8
etag: 71a50dbba44c78128b221b7df7bb51f1
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy: interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch: Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin: *

GET
H2 200 audio-tailes.png
kolobok.ua/images/ 17 KB
17 KB 371ms
369ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/audio-tailes.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 09 Sep 2020 14:44:19 GMT
server: nginx
etag: "5f58ea43-4374"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 17268
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 97 KB
29 KB 290ms
60ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: 2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Content-Encoding: gzip
Age: 1009
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 29461
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:38:34 GMT
Server: ECS (mil/6CE7)
Etag: "f1369725ba22125b0df0251e74090aa0+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/ 86 KB
28 KB 61ms
60ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3495019
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 27781
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-15857"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B%2Fbw8v4G57KYOIKkTYrqL%2BGr4rkB4X0fUGcmWuhf%2BnJRB7fnoMXAcYZfQ21SkvQKzm6zVhTJyTe7wIdy3RQ%2BwK%2ByYSAkdi%2BEFRbf2lzSRJgy1nf1fS2m026vWu2E2lhQShWJzeEYtk%2F5EEZaNItgBBN2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d277ab4cc3e-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 70ms
57ms Script
application/javascript 2606:4700::6812:bcf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 617
age: 43608
cdn-cachedat: 2021-08-02 21:50:12
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 71f906965422c9529215d285b3135e95
cf-ray: 700d4d27cda9cc5a-ZRH
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/ 122 KB
28 KB 116ms
115ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.1/js/swiper.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 17156251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 28145
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:04:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03cf2-1e700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GrFAyOylysRC3yhVft83N5A2vlvA2Do1VB9aMr%2BGFuHbUk%2FtgP98pJVo2kYlAqFsI2K2OsYMjh35H52T1%2BuIzT6xqntx8tjAz9ZrsbEI8TH5H9dQtW3QEu7wNac16c3o7W%2BT0O0HINm0p9ozNEtbL1XG"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c880cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 isotope.pkgd.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/ 35 KB
9 KB 68ms
66ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery.isotope/3.0.6/isotope.pkgd.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4612120
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8847
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec3-8a75"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDZmykbYMKTos%2F1GeF7T4Csq3XuJcaJlH2mKmjuAm1uQV2RUZ2GAchrpDNRyfUQ%2Fhm6Z%2FQKLyms4eedI%2FM7Bhi3yagxAYzirm%2F%2BwGTJ5tAxqNEDmp3%2FdgAJI%2BhVzA0tqyfjXCC4tlyoRGkD693EIXGuQ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c881cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 hc-sticky.min.js Show response
cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/ 11 KB
5 KB 173ms
63ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hc-sticky@2.2.3/dist/hc-sticky.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 45465
x-jsd-version: 2.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19171-FRA, cache-iad-kiad7000061-IAD
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"2d58-OHp5NYJZm3BVirYCciTrlYiBEdQ"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7W%2FnAz%2BpsxZGKWgrQs%2BLD%2BjJsBU8cs7ks5ITR1Av2mgEPzOu%2FbiZXM6APg9RB20h6vSB814PJzGwA77g5Yf%2FEI%2BfmpcfiY0EqyL606YG7Nu2cyByi6cmmHP8HXWr7rPc7BAwv6LKMf43x6oZ41Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 700d4d28696ecc56-ZRH

GET
H3 200 jquery.waypoints.min.js Show response
cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/ 9 KB
3 KB 164ms
161ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/waypoints/4.0.1/jquery.waypoints.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 299455
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2417
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:51 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb0402f-2281"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JkC%2FPX7dar9yTHIqyMAmDYXMcZp%2BMHfa7qkzZB886y8Ujnkt6Em3iIN2bnJb98BH%2FO7jvBHH0xkt5oSlGI2KkNkXe7fYkUXLdD5bUan3chk5dIZCOObAw1u1HwU7MUmkZ64%2B7wlLw28f6rQhmGau3tmq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c883cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 blazy.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/ 5 KB
2 KB 114ms
111ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blazy/1.8.2/blazy.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 77014
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1735
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-1448"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b7zMhpF1qtbs1XijCZmj%2BYRKdl2GuGhW%2BErFBdxDBcR3obq7uV8bx8QOjp4xJ6kHmqwson7mSKpdNui9MNqCU5XfFoEtnggQZkd4vGBFwfOy49og5FyoVfXLMdM6%2FZaQT%2FpgNxyD63yC5ODxrERvRdOt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c885cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/300/ 353 KB
114 KB 200ms
49ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/300/addthis_widget.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Sun, 24 Apr 2022 07:59:46 GMT
x-host: s7.addthis.com
content-length: 116389

GET
H2 200 app.min.js Show response
kolobok.ua/js/ 5 KB
2 KB 81ms
76ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/app.min.js?23
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1459"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 instafeed.min.js Show response
kolobok.ua/js/ 7 KB
3 KB 81ms
76ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/js/instafeed.min.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: W/"6076c395-1a80"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-credentials: true
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 article-stat-v2.js Show response
api.phnx.click/js/ 976 B
607 B 73ms
69ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/article-stat-v2.js?8
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Mon, 29 Apr 2019 05:26:10 GMT
server: nginx
etag: W/"5cc68af2-3d0"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1 KB 164ms
160ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1522992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mhM%2FFCpdnXdw2JfHWpTjGJlyfDrDhp%2Fr5ErzMi7WdtoXhZlfgNcCZi%2FJV%2BJgDzVLJyeneOsLssrQIc5i7cmr6OHmj%2F4N5VYCuhJmsRgl2rgPKnjxmHuxZjO1A7U9v%2BZLD%2FvTa0I%2BHcra5YyAMYhp%2FQw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c886cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 md5.min.js Show response
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 4 KB
2 KB 65ms
62ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 5716265
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1339
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:06:35 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d8b-eb6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rQh0MUIUiQzv2qWD11pQgFfydYq8fhaKqEYjOfERUZQHWsLX%2B8yy9jXwGTxph0Nv4dHvjyIGhq2xv%2Fa31xXC8FV8HR0vQkqDIcyrqVdAQdWC6BEGcgaCv7BooTquxNgUOTaYiWSjvyZ3iznCndZJRLX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c888cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 toastr.min.js Show response
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 5 KB
2 KB 164ms
160ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22497319
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1763
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:02 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ffe-1483"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RqwDiLUmJZma30i0ETtow2ptAe2n94p9ibpT2d22m89k%2FanSlI4k545P9D2akdtQKxvt1wAcuFOCsDsDqODda7suWQSff5lx1bQsEWmqpr%2BYibM4C8KDM1gqNAObK0%2FWdcx1KQT0NdqkZZOwcAEQ6DBA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d27c889cc56-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 common.js Show response
api.phnx.click/js/ 3 KB
1 KB 73ms
69ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/js/common.js?1
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 10:11:50 GMT
server: nginx
etag: W/"5e1307e6-a00"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 notice.js Show response
api.phnx.click/common/CookiesNotice/ 648 B
516 B 73ms
69ms Script
application/javascript 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/common/CookiesNotice/notice.js?2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 13:24:19 GMT
server: nginx
etag: W/"5e42ab03-288"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
access-control-allow-headers: *
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 131ms
40ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1495
date: Sun, 24 Apr 2022 07:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 24 Apr 2022 09:34:50 GMT

GET
H2 200 xgemius.js Show response
gaua.hit.gemius.pl/ 43 KB
12 KB 174ms
58ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/xgemius.js
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 21 Apr 2022 06:09:03 GMT
server: GHC
vary: Accept-Encoding,Origin
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: max-age=43200
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 11715
expires: Sun, 24 Apr 2022 19:59:46 GMT

GET
H2 200 e.js Show response
cdn.umh.ua/libs/ 6 KB
3 KB 130ms
39ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.umh.ua/libs/e.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305

Server

78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

hosted-by.leaseweb.com

Software

nginx /

Resource Hash

4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: Accept-Encoding
x-xss-protection: 1; mode=block;
last-modified: Tue, 01 Mar 2022 15:54:34 GMT
server: nginx
etag: W/"621e41ba-16f4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
expires: Mon, 25 Apr 2022 07:59:45 GMT

GET
H2 200 kids_pattern.png
kolobok.ua/images/ 19 KB
19 KB 369ms
369ms Image
image/png 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/kids_pattern.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-4b88"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 19336
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 dinroundpro-bold.woff2
kolobok.ua/fonts/ 36 KB
36 KB 368ms
368ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-bold.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8e30"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 36400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame 479D 738 B
510 B 51ms
51ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 24 Apr 2022 07:59:45 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc33

GET
H2 200 376cef9bc739cb759b1b.b.js Show response
cdn.admixer.net/scripts3/45419/ 23 KB
8 KB 53ms
53ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/376cef9bc739cb759b1b.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:23 GMT
server: nginx
etag: W/"6257e62b-5d41"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:40 GMT

GET
H2 200 8fa10895f61293c9aa16.b.js Show response
cdn.admixer.net/scripts3/45419/ 75 KB
19 KB 57ms
57ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/8fa10895f61293c9aa16.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:45 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:29 GMT
server: nginx
etag: W/"6257e631-12a41"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:41+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:40 GMT

GET
H2 200 spt_item.gif
kolobok.ua/images/ 2 KB
2 KB 326ms
325ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-773"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1907
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item5.gif
kolobok.ua/images/ 2 KB
2 KB 326ms
325ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item5.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-675"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1653
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 spt_item4.gif
kolobok.ua/images/ 1 KB
2 KB 326ms
325ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/spt_item4.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-5bb"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 1467
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 13 KB
14 KB 102ms
55ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 533049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13552
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-34f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4kcGSVvnKoOVPIcMLFb7maBwLA5PhIMYtc7CWubtQcTTKWN4qOG%2FDr1cbQd0m3HwK%2BBoltqaXsiu9KEWAM2LqnA%2F%2Flhtji%2BoWsA184OQwgMiC2Tee3rSSDeM9g6mDhMEa97DeDZkvWEiZxOOofxV7L1y"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d285a280215-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
74 KB 147ms
100ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1514695
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74768
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12410"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=topw1sfo3sWUua1lFzmNNoeN9A7p4MeTui3MkscBZ8040XaIoQtNn71LflGq9MYCk86Cuge5%2Bwg7eTzpdBdQ85c6pCNtlA3n76kmt%2FFGsyiD5QvHRHw2wXxoAC6whLfbiHVuvB%2FsfCTPQ3eKwo2YYApt"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d285a290215-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/ 73 KB
73 KB 237ms
190ms Font
application/octet-stream 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.8.1/css/all.min.css
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:45 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1414137
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 74256
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12210"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJRA8kqYBoOGe40l5DMZAvj74f3yG0xBO4QIxoeEJzseaMpt9AzXWWXmLHDRe4Wlqh1tBh07LdV7TdfmwUUjuotYy8jFT4fpkE%2Bwl%2BUdCKUQU2TjQfRdnKcZzyqVLyhDGLhl%2BHMKwlsu1Pgr0NdTZsWM"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 700d4d285a2a0215-ZRH
expires: Fri, 14 Apr 2023 07:59:45 GMT

GET
H2 200 dinroundpro-black.woff2
kolobok.ua/fonts/ 34 KB
34 KB 314ms
313ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro-black.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-886c"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 34924
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 129ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5225e55a9f76662488dbb2fe50d3f061a1d30ac33e80fd807918a871f7197dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 3D/0PKlYQqBpuKdfBTJC3g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: 3PtqNqyc3vjS68yW1Frkrlkg43qHH2zMY48e/HxG5Ge3XLm1gQ4fuDT83r7+9WtlMOVSOO/7ZNdNS5CRO+J1Gg==
x-fb-trip-id: 917726464
x-fb-content-md5: 2735472f72e4a99866cf944c25177552
x-frame-options: DENY
date: Sun, 24 Apr 2022 07:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "3cc22e0a38079ef04ba67e9db93fd070"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 24 Apr 2022 08:06:13 GMT

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 9591 5 KB
1 KB 230ms
74ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 6f51b9306a9b1dba6bb4044eb9a433f12c7fbc8f5e8316bceb59108f56f91586

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 08:01:37 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
DATA 200
OK truncated
/ 150 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 loader.gif
kolobok.ua/images/ 9 KB
9 KB 303ms
301ms Image
image/gif 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/loader.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-22ee"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 8942
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sidebar_quote_b1.jpg
kolobok.ua/images/ 22 KB
22 KB 302ms
302ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/images/sidebar_quote_b1.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/css/style.min.css?8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:29 GMT
last-modified: Wed, 14 Apr 2021 10:27:33 GMT
server: nginx
etag: "6076c395-57b1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22449
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 0418 4 KB
1 KB 212ms
81ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=smak
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 97d726ff03b745813d3eafe624a634f84b5d492e9919a7298bed8da0dcbac597

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 08:01:37 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H2 200 / Show response
exchange.informer.ua/informer/stat/ Frame 9B4E 5 KB
1 KB 203ms
74ms Document
text/html 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.informer.ua/informer/stat/?s=ivona
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 / PHP/7.1.17
Resource Hash: 68a0125044395d932f7a7a1320ba73aef0c7aaa22b2c84a1289bcdcfa890b8dd

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 08:01:37 GMT
server: nginx/1.12.2
vary: Accept-Encoding
x-powered-by: PHP/7.1.17

GET
H/1.1 200
OK / Show response
c.bigmir.net/ 132 B
423 B 281ms
67ms Script
application/x-javascript 193.239.68.97
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n920013&w0&y0&d24&r1600
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: c.bigmir.net
Software: nginx /
Resource Hash: c17a0d41861ea06a326148782f7fd4d75ff7dfccdcac9b8f01e8ee5850e11c1f

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/x-javascript; charset=windows-1251
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Expires: 0

GET
H2 200 load Show response
z.cdn.umh.ua/ 56 B
381 B 47ms
40ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1466079092&div=zone_1466079092&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 56
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 1 KB
1 KB 47ms
41ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1320537623&div=zone_1320537623&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: b5228c3cfde462641acf7901801a02057b709c98c6d0f78e746fc2432e00bb1b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 743
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 57 B
382 B 46ms
40ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1584315929&div=zone_1584315929&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 57
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 2 KB
1 KB 40ms
40ms Script
application/javascript 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: a1fd281902276d154751864bbf5d9dc6fa7c6b826d548cbaeeabc048bfd5fcd4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: application/javascript; charset=utf-8
content-length: 952
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
400 B 40ms
39ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1619353633&div=zone_1619353633&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: ac7eed07b5d8d9f32110d81fd1def84f3ee9a59d7fe7941a79a2b014f3fa1afb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

GET
H2 200 load Show response
z.cdn.umh.ua/ 75 B
400 B 39ms
39ms Script
text/plain 78.159.118.240
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.umh.ua/load?z=1836467761&div=zone_1836467761&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075
Requested by: Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server: 78.159.118.240 Mindelheim, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx /
Resource Hash: 085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: nginx
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-type: text/plain; charset=utf-8
content-length: 75
expires: -1

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 135ms
51ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=111218242&t=pageview&_s=1&dl=https%3A%2F%2Fkolobok.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1692844810&gjid=2018168371&cid=1151495306.1650787186&tid=UA-82254946-1&_gid=1665119369.1650787186&_r=1&_slc=1&z=475715823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 159 KB
55 KB 147ms
64ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269

Requested by

Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1982059428&div=zone_1982059428&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=952&pl=3&mi=4&me=8&hc=4&n=1650787185993&url=kolobok.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D1%82%D0%B8%2C%20%D1%80%D0%BE%D0%B4%D0%B8%D1%82%D0%B5%D0%BB%D0%B8%2C%20%D1%81%D0%B5%D0%BC%D1%8C%D1%8F%20%D0%B8%20%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20-%20KOLOBOK.UA&zyx=3486212075

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10a174ee36c89015b513c53561bcb8382b70c9ecb696526210e40447e4faa6de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56003
x-xss-protection: 0
server: cafe
etag: 4080268972314933554
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 07:59:46 GMT

GET
H2 200 fpdata.js Show response
gaua.hit.gemius.pl/ 279 B
393 B 55ms
54ms Script
application/x-javascript 54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/fpdata.js?href=kolobok.ua
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: 81b500a065c842cbbe96dac2f133c288ba2c1487afb35dbdcfa4dc1aba451b89

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
server: GHC
etag: PRIVATE7520710249
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: private, max-age=2592000
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 279
expires: Tue, 24 May 2022 07:59:46 GMT

GET
H2 200 lsget.html Show response
ls.hit.gemius.pl/ Frame 6967 5 KB
3 KB 179ms
59ms Document
text/html 146.59.30.104
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ls.hit.gemius.pl/lsget.html
Requested by: Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS: ip104.ip-146-59-30.eu
Software: GHC /
Resource Hash: b94df33a0a563c19e0742f46241f42ba1c1d27dbb99d5588bc4342e589867f57

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: none
cache-control: private, max-age=2592000
content-encoding: gzip
content-length: 2718
content-type: text/html;charset=utf-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:46 GMT
etag: PRIVATE7520710249
expires: Tue, 24 May 2022 07:59:46 GMT
last-modified: Mon, 16 Jul 2012 10:03:40 GMT
p3p: CP="NOI DSP COR NID PSAo OUR IND"
server: GHC
vary: Accept-Encoding,Origin,User-Agent

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 284 KB
81 KB 82ms
40ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=2cab2dcf1d7aab29b12fe8a294bb967a

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b2bbd2f460b12e9e57c06bd38e47d76a1b564055cd0d99e20085a16aa3830a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kolobok.ua/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: PNmYGR6gp8XZJqVCTxft3w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
expires: Mon, 24 Apr 2023 07:06:11 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 83057
x-fb-rlafr: 0
x-fb-debug: rRJR7ALt9Sya60yNMQ1g6xy4Jzb/a2W2y2p2dSCOt56yMSpFzivGNyT7B+KayHrE96R5fgGmRiAHJDylL/GaqQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: c90a3a8dd8a8ca5cbae64a1ae4dbbe3c
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:46 GMT
x-frame-options: DENY
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "3829663209ffa51762c802f76f506dd2"
timing-allow-origin: *
priority: u=3,i
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame A953 738 B
419 B 50ms
50ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 24 Apr 2022 07:59:46 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc33

GET
H2 200 c.html Show response
cdn.admixer.net/scripts3/45419/ Frame FDDC 738 B
396 B 45ms
45ms Document
text/html 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/c.html?b=45419
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache: HIT
cache-control: max-age=31622400
content-encoding: gzip
content-type: text/html
date: Sun, 24 Apr 2022 07:59:46 GMT
etag: W/"6257e634-2e2"
expires: Sat, 15 Apr 2023 09:16:40 GMT
last-modified: Thu, 14 Apr 2022 09:15:32 GMT
server: nginx
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:40+00:00
x-id: fr5-up-gc33

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/ 304 KB
108 KB 150ms
66ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a95921db9171e0d643e275396758be2e677cdd968573300feb31ece7ca16c6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110938
x-xss-protection: 0
server: cafe
etag: 16457167974414467343
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 24 Apr 2022 07:59:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 0B14 10 KB
5 KB 131ms
41ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 33533
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 23 Apr 2022 22:40:53 GMT
etag: 14837630671339829333
expires: Sat, 07 May 2022 22:40:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
435 B 106ms
35ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-82254946-1&cid=1151495306.1650787186&jid=1692844810&gjid=2018168371&_gid=1665119369.1650787186&_u=IEBAAEAAAAAAAC~&z=703456874

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 24 Apr 2022 07:59:46 GMT
content-type: text/plain
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 b7d0eac342652d5c7a368e6645cdaea7.jpg
exchange.informer.ua/assets/thumbnails/b7/ Frame 9B4E 8 KB
8 KB 70ms
70ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/b7/b7d0eac342652d5c7a368e6645cdaea7.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ff75dfd781902579ee80a09ee0d001927c94d7d6cff9cb08f011ec2b799ca5c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sat, 23 Apr 2022 15:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62641960-202e"
content-length: 8238
content-type: image/jpeg

GET
H2 200 8f111f41a0d95fc1878e09fb9088a062.jpg
exchange.informer.ua/assets/thumbnails/8f/ Frame 9B4E 5 KB
6 KB 70ms
70ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/8f/8f111f41a0d95fc1878e09fb9088a062.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 725143dc665755eddcd2fb384bcf3039cb250fcb1c3af87d8fb258ba689c9b55

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 07:21:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264fa62-15f1"
content-length: 5617
content-type: image/jpeg

GET
H2 200 1413b2f40a6b6fd27e268ebe1d60c372.jpg
exchange.informer.ua/assets/thumbnails/14/ Frame 9B4E 7 KB
7 KB 122ms
122ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/14/1413b2f40a6b6fd27e268ebe1d60c372.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8f3cf2225a7f4ab0953ac2ac0bf1c38874ee7bd6a56bf937c52688ac419a2dc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 07:31:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264fcb6-1aa9"
content-length: 6825
content-type: image/jpeg

GET
H2 200 dd7fb520ed8ca6fa4b8df4b15a39f01c.jpg
exchange.informer.ua/assets/thumbnails/dd/ Frame 9B4E 8 KB
8 KB 183ms
183ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/dd/dd7fb520ed8ca6fa4b8df4b15a39f01c.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2f1924ee0ccfc921a2f6d00afdc6b8a94112e76d706af0df6279ee5de19fafe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sat, 23 Apr 2022 16:21:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62642771-1eb7"
content-length: 7863
content-type: image/jpeg

GET
H2 200 f4d80ecf2f4e5fd77f2291a389ebb660.jpg
exchange.informer.ua/assets/thumbnails/f4/ Frame 9B4E 7 KB
7 KB 184ms
184ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/f4/f4d80ecf2f4e5fd77f2291a389ebb660.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5380c242e0f1f0053e963a1612925778f1ec569b54d9033e32b7730040c500d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 06:21:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264ec53-1a30"
content-length: 6704
content-type: image/jpeg

GET
H2 200 f4d80ecf2f4e5fd77f2291a389ebb660.jpg
exchange.informer.ua/assets/thumbnails/f4/ Frame 9591 7 KB
7 KB 131ms
131ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/f4/f4d80ecf2f4e5fd77f2291a389ebb660.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 5380c242e0f1f0053e963a1612925778f1ec569b54d9033e32b7730040c500d6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 06:21:07 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264ec53-1a30"
content-length: 6704
content-type: image/jpeg

GET
H2 200 b7d0eac342652d5c7a368e6645cdaea7.jpg
exchange.informer.ua/assets/thumbnails/b7/ Frame 9591 8 KB
8 KB 132ms
131ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/b7/b7d0eac342652d5c7a368e6645cdaea7.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: ff75dfd781902579ee80a09ee0d001927c94d7d6cff9cb08f011ec2b799ca5c9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sat, 23 Apr 2022 15:21:04 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62641960-202e"
content-length: 8238
content-type: image/jpeg

GET
H2 200 8f111f41a0d95fc1878e09fb9088a062.jpg
exchange.informer.ua/assets/thumbnails/8f/ Frame 9591 5 KB
6 KB 172ms
172ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/8f/8f111f41a0d95fc1878e09fb9088a062.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 725143dc665755eddcd2fb384bcf3039cb250fcb1c3af87d8fb258ba689c9b55

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 07:21:06 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264fa62-15f1"
content-length: 5617
content-type: image/jpeg

GET
H2 200 1413b2f40a6b6fd27e268ebe1d60c372.jpg
exchange.informer.ua/assets/thumbnails/14/ Frame 9591 7 KB
7 KB 172ms
172ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/14/1413b2f40a6b6fd27e268ebe1d60c372.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 8f3cf2225a7f4ab0953ac2ac0bf1c38874ee7bd6a56bf937c52688ac419a2dc3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sun, 24 Apr 2022 07:31:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264fcb6-1aa9"
content-length: 6825
content-type: image/jpeg

GET
H2 200 dd7fb520ed8ca6fa4b8df4b15a39f01c.jpg
exchange.informer.ua/assets/thumbnails/dd/ Frame 9591 8 KB
8 KB 173ms
172ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/dd/dd7fb520ed8ca6fa4b8df4b15a39f01c.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2f1924ee0ccfc921a2f6d00afdc6b8a94112e76d706af0df6279ee5de19fafe2

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=ivona
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:38 GMT
last-modified: Sat, 23 Apr 2022 16:21:05 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62642771-1eb7"
content-length: 7863
content-type: image/jpeg

GET
H2 200 e782117be502450ef3f9fffe5e58a018.jpg
exchange.informer.ua/assets/thumbnails/e7/ Frame 0418 6 KB
7 KB 131ms
131ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/e7/e782117be502450ef3f9fffe5e58a018.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 3e78d7cda1a0574586b0ccb95ab53f1d0d9bde3fd65f2064e2a71e3173486421

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sat, 23 Apr 2022 16:20:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62642733-1999"
content-length: 6553
content-type: image/jpeg

GET
H2 200 6b99a56d589f36784ce922a49b7edca0.jpg
exchange.informer.ua/assets/thumbnails/6b/ Frame 0418 8 KB
8 KB 132ms
131ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/6b/6b99a56d589f36784ce922a49b7edca0.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 2ecd0b5916e26d54760d24872ff76b2bd4632a0b7c02d30a1c1fd331ab6ac69b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:37 GMT
last-modified: Sat, 23 Apr 2022 13:21:02 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6263fd3e-2076"
content-length: 8310
content-type: image/jpeg

GET
H2 200 d29bd0dbb54ee441db7db9e3d2e06406.jpg
exchange.informer.ua/assets/thumbnails/d2/ Frame 0418 8 KB
8 KB 173ms
172ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/d2/d29bd0dbb54ee441db7db9e3d2e06406.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 073fb309d5f0f8aac25fbfde4bcbde780eed5981b9589f62a7efd49a8596c690

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:38 GMT
last-modified: Sat, 23 Apr 2022 15:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264195f-1e0b"
content-length: 7691
content-type: image/jpeg

GET
H2 200 782e08806ec18543894e0c856d04783b.jpg
exchange.informer.ua/assets/thumbnails/78/ Frame 0418 7 KB
7 KB 173ms
173ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/78/782e08806ec18543894e0c856d04783b.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 6adfc0815036d31d722765828f79d9f7f22ee207d730f56633b8d9d9dd81d693

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:38 GMT
last-modified: Sat, 23 Apr 2022 14:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "62640b4f-1a95"
content-length: 6805
content-type: image/jpeg

GET
H2 200 93232e790287f16add76650735cec59f.jpg
exchange.informer.ua/assets/thumbnails/93/ Frame 0418 7 KB
7 KB 173ms
173ms Image
image/jpeg 193.29.200.142
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.informer.ua/assets/thumbnails/93/93232e790287f16add76650735cec59f.jpg
Requested by: Host: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.142 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx/1.12.2 /
Resource Hash: 9bcdfc9421524082b08208626e08051538d2a73901b58e148ed88a7ce7cf7a41

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://exchange.informer.ua/informer/stat/?s=smak
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:38 GMT
last-modified: Sun, 24 Apr 2022 07:21:03 GMT
server: nginx/1.12.2
accept-ranges: bytes
etag: "6264fa5f-1d0b"
content-length: 7435
content-type: image/jpeg

GET
H2 200 b53_left.gif
i.bigmir.net/cnt/samples/default/ 319 B
492 B 213ms
66ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_left.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: 35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 27 Apr 2022 07:59:46 GMT

GET
H2 200 b53_center.gif
i.bigmir.net/cnt/samples/default/ 96 B
267 B 213ms
66ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_center.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:25 GMT
server: nginx
etag: "45b60a31-60"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 96
expires: Wed, 27 Apr 2022 07:59:46 GMT

GET
H2 200 b53_right.gif
i.bigmir.net/cnt/samples/default/ 319 B
491 B 213ms
66ms Image
image/gif 193.239.71.100
BIGMIR-INTERNET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.bigmir.net/cnt/samples/default/b53_right.gif
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.239.71.100 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS: rs.img.com.ua
Software: nginx /
Resource Hash: de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
last-modified: Tue, 23 Jan 2007 13:14:26 GMT
server: nginx
etag: "45b60a32-13f"
content-type: image/gif
cache-control: max-age=259200
accept-ranges: bytes
content-length: 319
expires: Wed, 27 Apr 2022 07:59:46 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 132ms
41ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16158
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET /
exchange.informer.ua/informer/stat/ Frame 6E46 0
0

GET /
exchange.informer.ua/informer/stat/ Frame CC44 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 6341 0
0

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 261ms
74ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r43992134&dholder1584315929&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 400
Bad Request s
h.holder.com.ua/ 0
0 262ms
75ms Script
text/plain 91.198.36.35
DIGITAL-VENTURES

General

Check archive.org

Show headers Download Go to

Full URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r43992134&dholder1466079092&hhttps%3A//kolobok.ua/
Requested by: Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

GET
H/1.1 200
OK widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html Show response
platform.twitter.com/widgets/ Frame C919 319 KB
104 KB 61ms
60ms Document
text/html 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CF8) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 293681
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105433
Content-Type: text/html; charset=utf-8
Date: Sun, 24 Apr 2022 07:59:46 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Wed, 13 Apr 2022 12:15:11 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (mil/6CF8)
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/ra-5cde4c546c360164/ 3 KB
1015 B 275ms
266ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/ra-5cde4c546c360164/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
etag: -1347345604--gzip
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public, max-age=60, s-maxage=86400
content-disposition: attachment; filename=1.txt
content-length: 838

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 188ms
181ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=62650372f45904cd&bkl=0&bl=1&pdt=537&sid=62650372f45904cd&pub=ra-5cde4c546c360164&rev=v8.28.8-wp&ln=ru&pc=men&cb=0&ab=-&dp=kolobok.ua&fp=&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=%D0%B1%D0%B5%D1%80%D0%B5%D0%BC%D0%B5%D0%BD%D0%BD%D0%BE%D1%81%D1%82%D1%8C%2C%D1%80%D0%BE%D0%B4%D1%8B%2C%D1%81%D0%BE%D0%B2%D0%B5%D1%82%D1%8B%20%D0%BF%D0%BE%20%D1%83%D1%85%D0%BE%D0%B4%D1%83%20%D0%B7%D0%B0%20%D1%80%D0%B5%D0%B1%D0%B5%D0%BD%D0%BA%D0%BE%D0%BC%2C%D0%B3%D1%80%D1%83%D0%B4%D0%BD%D0%BE%D0%B5%20%D0%B2%D1%81%D0%BA%D0%B0%D1%80%D0%BC%D0%BB%D0%B8%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%B7%D0%B4%D0%BE%D1%80%D0%BE%D0%B2%D0%BE%D0%B5%20%D0%BF%D0%B8%D1%82%D0%B0%D0%BD%D0%B8%D0%B5%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D1%82%D0%B8%D0%B5%20%D1%83%20%D0%BF%D0%BE%D0%B4%D1%80%D0%BE%D1%81%D1%82%D0%BA%D0%BE%D0%B2%2C%D0%BE%D1%82%D0%BD%D0%BE%D1%88%D0%B5%D0%BD%D0%B8%D1%8F%20%D0%B2%20%D1%81%D0%B5%D0%BC%D1%8C%D0%B5%2C%D1%80%D0%B0%D0%B7%D0%B2%D0%B8%D0%B2%D0%B0%D1%8E%D1%89%D0%B8%D0%B5%20%D0%B8%D0%B3%D1%80%D1%8B%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%81%D0%BA%D0%B0%D0%B7%D0%BA%D0%B8%2C%D0%B4%D0%B5%D1%82%D1%81%D0%BA%D0%B8%D0%B5%20%D1%84%D0%B8%D0%BB%D1%8C%D0%BC%D1%8B%2C%D0%BF%D0%BE%D0%BB%D0%BE%D0%B2%D0%BE%D0%B5%20%D1%81%D0%BE%D0%B7%D1%80%D0%B5%D0%B2%D0%B0%D0%BD%D0%B8%D0%B5&colc=1650787186418&jsl=8321&uvs=6265037260363acf000&skipb=1&callback=addthis.cbs.jsonp__81351537651825830
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-88-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d98aa0687e86fbb1f5cd8d8a4eb7dd217a5698d0c6c80bf24e4114896c519d1d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 1E4B 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 901D 71 KB
26 KB 45ms
45ms Document
text/html 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Sun, 24 Apr 2022 07:59:46 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.ru.min.json Show response
s7.addthis.com/l10n/ 6 KB
2 KB 158ms
42ms XHR
application/json 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.ru.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-16d7"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Sun, 24 Apr 2022 07:59:46 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 2276

GET
H2 200 181d8ce3c6e36c11fc6d240426fe0a0e-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/81/36/44/813644/image_main/ 44 KB
44 KB 74ms
74ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/81/36/44/813644/image_main/181d8ce3c6e36c11fc6d240426fe0a0e-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 4473f3c3f8541d270e2040eba93ecabc6e9d1a55eb4db735eab8f3f368d18f01

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:30 GMT
last-modified: Sat, 01 May 2021 16:50:04 GMT
server: nginx
etag: "608d86bc-aee1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 44769
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 b65bef2e51beace85376900533acaf7f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/48/82/62/3/4882623/image_main/ 30 KB
31 KB 75ms
74ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/82/62/3/4882623/image_main/b65bef2e51beace85376900533acaf7f-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f8f2a604c1bdeb2706adba802dd90f6698a74ccd5e8375a589180852d5950044

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:30 GMT
last-modified: Fri, 30 Apr 2021 14:10:05 GMT
server: nginx
etag: "608c0fbd-79f1"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 31217
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 7f3ade5880fb670f8f46022d6d9bc7f5-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/48/77/69/9/4877699/image_main/ 33 KB
33 KB 75ms
75ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/77/69/9/4877699/image_main/7f3ade5880fb670f8f46022d6d9bc7f5-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6d93025e7ac604a74c77cda1264b492afe94918444fd80a6a202683b614991d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:30 GMT
last-modified: Thu, 22 Apr 2021 11:30:06 GMT
server: nginx
etag: "60815e3e-82f6"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 33526
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 71535aba603483908bb67e164a3e35e7-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
kolobok.ua/i/48/81/34/3/4881343/image_main/ 24 KB
24 KB 76ms
76ms Image
image/jpeg 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kolobok.ua/i/48/81/34/3/4881343/image_main/71535aba603483908bb67e164a3e35e7-quality_50Xresize_crop_1Xallow_enlarge_0Xw_367Xh_227.jpg
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: f5045e129c9340344febc5d9f499b425a146fa6e090880581d2ca20a69513b6f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:30 GMT
last-modified: Wed, 28 Apr 2021 14:01:18 GMT
server: nginx
etag: "60896aae-5f67"
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/jpeg
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 24423
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
411 B 130ms
41ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=202832543530482&ev=fb_page_view&dl=https%3A%2F%2Fkolobok.ua%2F&rl=&if=false&ts=1650787186428&sw=1600&sh=1200&at=

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Sun, 24 Apr 2022 07:59:46 GMT

POST
H2 200 z Show response
s.znctrack.net/ Frame 1203 50 KB
23 KB 279ms
136ms XHR
text/javascript 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 71f632d0b879487e08f47bc979ec5696f6820f234e79359d87f9fd2f5ed79fb0

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control: no-cache, no-store
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 23333
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H2 200 add-view Show response
api.phnx.click/articles/stat/ 39 B
246 B 317ms
179ms XHR
application/json 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.phnx.click/articles/stat/add-view?cid=11&site=kolobok&aid=807247&0.08578321801905187
Requested by: Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.0/jquery.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 24 Apr 2022 08:01:30 GMT
content-encoding: gzip
server: nginx
access-control-allow-headers: *
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=UTF-8

GET
H2

200

rexdot.js Show response
gaua.hit.gemius.pl/__/_1650787186439/
Redirect Chain

https://gaua.hit.gemius.pl/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%...
https://gaua.hit.gemius.pl/__/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok....

169 B
422 B

133ms
133ms

Script
application/x-javascript

54.37.238.28
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://gaua.hit.gemius.pl/__/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=FJDMV_CNv7dsoOiE623e0ifZ.1R9rF5LUL0Pu2f0tj3.b7nwztl6CN7Grr16qUWVh7k54_.8sHVz0OpccRyjEBFolEyf/cpL3xMQwJB2UA/&fpdata=RU8cQamZ4qVph2OteN9yljHZ153fxUP2D_adZA_oPWP.17&vis=1&fpcap=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS: ip28.ip-54-37-238.eu
Software: GHC /
Resource Hash: b162e213f6ab4c40f928f87d2f9f19104a8b51bde02de33720d908a7a99da931

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-type: application/x-javascript
content-length: 169
expires: Sat, 23 Apr 2022 07:59:46 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
server: GHC
p3p: CP="NOI DSP COR NID PSAo OUR IND"
location: /__/_1650787186439/rexdot.js?l=100&id=bPo1vw7WgTER_71NnVvIbKPefSsu8CLmU5KMVTfFlKL.27&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fkolobok.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&ltime=352&lsdata=FJDMV_CNv7dsoOiE623e0ifZ.1R9rF5LUL0Pu2f0tj3.b7nwztl6CN7Grr16qUWVh7k54_.8sHVz0OpccRyjEBFolEyf/cpL3xMQwJB2UA/&fpdata=RU8cQamZ4qVph2OteN9yljHZ153fxUP2D_adZA_oPWP.17&vis=1&fpcap=
cache-control: no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
accept-ranges: none
content-length: 0
expires: Sat, 23 Apr 2022 07:59:46 GMT

GET
H3

200

/
www.facebook.com/login/ Frame 3078
Redirect Chain

https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d9...
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook....

0
0

183ms
141ms

Document
text/html

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d9d4ac385534%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff947f185476828%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js?hash=2cab2dcf1d7aab29b12fe8a294bb967a

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: about:blank
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster:;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: limvKwU0jzYfd/lF6TUURz8cRjoIayYFm9xnmpz60fDC/187j85JAQB5Xkeji6LJgCEMRK1gyZaCWbXzjogypQ==
x-fb-rlafr: 0
x-frame-options: DENY
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-length: 0
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Sun, 24 Apr 2022 07:59:46 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
facebook-api-version: v6.0
location: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fadapt_container_width%3Dtrue%26app_id%3D202832543530482%26channel%3Dhttps%253A%252F%252Fstaticxx.facebook.com%252Fx%252Fconnect%252Fxd_arbiter%252F%253Fversion%253D46%2523cb%253Df5d9d4ac385534%2526domain%253Dkolobok.ua%2526is_canvas%253Dfalse%2526origin%253Dhttps%25253A%25252F%25252Fkolobok.ua%25252Ff947f185476828%2526relation%253Dparent.parent%26container_width%3D300%26height%3D345%26hide_cover%3Dfalse%26href%3Dhttps%253A%252F%252Fwww.facebook.com%252Fkolobok.ua.group%252F%26locale%3Duk_UA%26sdk%3Djoey%26show_facepile%3Dfalse%26small_header%3Dfalse%26tabs%3Dtimeline%26width%3D300
pragma: no-cache
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-fb-debug: v4sE7yRwa7GukmOQl87RkxYELN/Oda4rL0/197wqBlB0HZM2oX6/oN4ossSCKF/uUnNARxVib3oq+LMwxi2mAA==
x-fb-rlafr: 0
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 214 B
645 B 139ms
50ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kolobok.ua&callback=_gfp_s_&client=ca-pub-3755662197386269

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204190101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=kolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

1a3c7635495e1b85002d6bbcf930526068bf11b1616a82d621c3cbeee877afa3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 139ms
49ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 137ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 73ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Fkolobok.ua%2F&tn=NAV&cls=top-navbar%20navbar%20navbar-expand-lg%20navbar-light%20bg-light%20fixed-top%20kids_pattern%20justify-content-between%20justify-content-lg-center%20align-items-end&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A414 0
19 B 217ms
136ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1650787186&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkolobok.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186162&bpp=2&bdt=602&idt=304&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7060697850119&frm=20&pv=2&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=321

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:46 GMT
expires: Sun, 24 Apr 2022 07:59:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK dsp.aspx Show response
inv-nets.admixer.net/ 9 KB
3 KB 346ms
139ms Script
application/javascript 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=609462351601017.8&cpv=990ad418-9bb5-281a-fbad-51f227af228f&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%224f11ec3f-e317-7539-e052-f698a7edad49%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fkolobok.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221c8e12b6-792b-7784-8ee8-f9d65923755d%22%2C%22tagid%22%3A%22a075cdda-98ba-41a3-b223-8962ea9eb7f3%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1619353633%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%2C%7B%22id%22%3A%2250c1f90e-4bcf-0484-8633-c53a9ac03eae%22%2C%22tagid%22%3A%228ea486a5-d161-46a5-a5a4-b1d24d77a9af%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer1836467761%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A2%7D&am-uid=null&3rdEnabled=true&3rd=true

Requested by

Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

57d288caf8204ce94605421fa41eab7fa4c4da7254634eb2ac6291bc28464013

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Content-Encoding: gzip
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 3064
X-Xss-Protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 45E4 94 KB
33 KB 576ms
519ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=9882372724&adk=3824879818&adf=3818598067&pi=t.ma~as.9882372724&w=960&lmt=1650787186&psa=0&format=960x180&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186166&bpp=1&bdt=607&idt=335&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RBIeHwpFBH&p=https%3A//kolobok.ua&dtd=342

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b1f077f14d808f4558bd983f89cb01164e431ef43051b7f052053e0426e40a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33965
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:47 GMT
expires: Sun, 24 Apr 2022 07:59:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0625 108 KB
35 KB 611ms
565ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a3af19dd92c2af1af81d60f39cdb14519ecb6fb264e036811c3a2aba1345c21

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 36078
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:47 GMT
expires: Sun, 24 Apr 2022 07:59:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 settings Show response
syndication.twitter.com/ Frame C919 169 B
424 B 237ms
146ms Fetch
application/json 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=5b8ca233a6af6d68f0bb988d3bc09b34259275b9

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fkolobok.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-response-time: 104
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Sun, 24 Apr 2022 07:59:46 GMT
server: tsa_f
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: b2eab1c6085dda817af593e30201eb1e931386b1e34446d018d856fdc84fbb50
content-length: 143

GET
H2 200 layers.fa6cd1947ce26e890d3d.js Show response
s7.addthis.com/static/ 263 KB
76 KB 45ms
45ms Script
application/javascript 104.75.88.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: W/"5f971164-41cf5"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86313600
date: Sun, 24 Apr 2022 07:59:46 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 77617

GET
H2 204 /
loadercdn.net/ 0
170 B 220ms
73ms Image
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadercdn.net/?r=1&u=b0dc1116c51b16a8&d=kolobok.ua
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Apr 2022 07:59:46 GMT
server: openresty

GET
H/1.1 200
OK moment~timeline.55634fd8bf871f86dbe537f50a41349e.js Show response
platform.twitter.com/js/ 25 KB
8 KB 61ms
61ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/moment~timeline.55634fd8bf871f86dbe537f50a41349e.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE6) /
Resource Hash: 4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Content-Encoding: gzip
Age: 293681
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length: 8084
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:39 GMT
Server: ECS (mil/6CE6)
Etag: "8d39588ffce9da16e8e735f3fdd8f990+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2002b66aa236ee3e1e6728119a7c4b98.js Show response
platform.twitter.com/js/ 20 KB
7 KB 122ms
61ms Script
application/javascript 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/timeline.2002b66aa236ee3e1e6728119a7c4b98.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE7) /
Resource Hash: a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:46 GMT
Content-Encoding: gzip
Age: 293679
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 6371
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:40 GMT
Server: ECS (mil/6CE7)
Etag: "57d65599f609862f8724a6a6475c8c7a+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H2 200 e1eee23f36481a69453f.b.js Show response
cdn.admixer.net/scripts3/45419/ 28 KB
11 KB 70ms
69ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/e1eee23f36481a69453f.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:35 GMT
server: nginx
etag: W/"6257e637-702f"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:42 GMT

GET
H2 200 fdabe098f34289659a17.b.js Show response
cdn.admixer.net/scripts3/45419/ 42 KB
18 KB 81ms
79ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/fdabe098f34289659a17.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:36 GMT
server: nginx
etag: W/"6257e638-a793"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:42 GMT

GET
H2 200 84011c43c3075e543c6d.b.js Show response
cdn.admixer.net/scripts3/45419/ 13 KB
5 KB 71ms
70ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/84011c43c3075e543c6d.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:28 GMT
server: nginx
etag: W/"6257e630-326c"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:42 GMT

GET
H2 200 7103cce7fa6705169441.b.js Show response
cdn.admixer.net/scripts3/45419/ 11 KB
4 KB 71ms
71ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/7103cce7fa6705169441.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:27 GMT
server: nginx
etag: W/"6257e62f-2a79"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:42 GMT

GET
H2 200 362b590febf83073189a.b.js Show response
cdn.admixer.net/scripts3/45419/ 215 KB
74 KB 83ms
83ms Script
application/javascript 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.admixer.net/scripts3/45419/362b590febf83073189a.b.js
Requested by: Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: 59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id: fr5-up-gc33
date: Sun, 24 Apr 2022 07:59:46 GMT
content-encoding: gzip
last-modified: Thu, 14 Apr 2022 09:15:23 GMT
server: nginx
etag: W/"6257e62b-35ac7"
vary: Accept-Encoding
x-cached-since: 2022-04-14T09:16:42+00:00
content-type: application/javascript
cache-control: max-age=31622400
cache: HIT
expires: Sat, 15 Apr 2023 09:16:42 GMT

GET
H2 200 profile Show response
cdn.syndication.twimg.com/timeline/ 114 KB
8 KB 320ms
221ms Script
application/javascript 192.229.233.50
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.syndication.twimg.com/timeline/profile?callback=__twttr.callbacks.tl_i0_profile_ua_kolobok_old&dnt=false&domain=kolobok.ua&lang=ru&screen_name=ua_kolobok&suppress_response_codes=true&t=1834207&tz=GMT%2B0000&with_replies=false

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.50 Los Angeles, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

tsa_f /

Resource Hash

6d56101134b1780c0ff5b05701887e8810af1349d59c68c589800aa49d131e75

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-disposition: attachment; filename=jsonp.jsonp
server-timing: "x-cache;desc= ,x-tw-cdn;desc=",edge;dur=192
content-length: 7627
x-xss-protection: 0
access-contol-allow-origin: platform.twitter.com
x-response-time: 190
last-modified: Sun, 24 Apr 2022 07:59:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
strict-transport-security: max-age=631138519
x-tw-cdn: VZ
content-type: application/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-connection-hash: 59981f8ff67d252094e493899e047bdb2fcb8ea75231082ec8765351eb979e40
timing-allow-origin: *
x-transaction: 4d29766c7d5e328b
expires: Sun, 24 Apr 2022 08:04:47 GMT

GET
H2 200 mwayss_invocation.min.js Show response
ad.mox.tv/mox/ 29 KB
10 KB 115ms
35ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
last-modified: Tue, 07 Dec 2021 16:48:38 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"61af9066-72a8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 24 Apr 2022 08:59:47 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 189ms
188ms Image
image/gif 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/ev_view.aspx?cc=GB%2FENG%2FMAN%2F2643123&am-uid=a599687bd29940b98276add61f369c42&zone=A075CDDA-98BA-41A3-B223-8962EA9EB7F3&device=28&rule=990B1948-8B56-4DA2-BD8C-4C29C86D9944&requestId=761e5d79-b9dd-485d-824a-3b7edcd259eb&hp=-1705868720&page=kolobok.ua%2F&ts=637863839867451344&ap=MTA%3D&asign=-1883424628&markups=ZG1wZj0wJmRtcHA9ZmFsc2UmY3J0Zj0wJmNydHA9ZmFsc2UmY3J0YXRzPTAmYWRtZj0wJmFkbXA9ZmFsc2UmdGRmPTAmdGRwPWZhbHNlJnRvdGY9MCZ0b3RwPWZhbHNl&bt=3&carr=M247+Ltd&connt=1&devt=2&isapp=0&make=Google&mod=Google+Chrome+-+Windows&os=Windows+10&osv=NT+10.0&adtype=2&extpubid=062B620D-5416-41A1-BA3B-039A61232E29&inst=ADS-NYC-1&pxl=0&pvid=bd57d253-f1df-4afc-bea7-40d25c14aa10&ip=217.138.196.103&item=C47A83CC-55B9-42E4-B331-49ED6E236C96&crid=C47A83CC-55B9-42E4-B331-49ED6E236C96&profile=7C88FCBA-DD81-4892-A724-C3969B97E235&isopt=0&adv=Mediawayss&dsp=UMH+Digital&dmp_pr=MA%3D%3D&dstUrl=&cet=4&sw=[e=screen.width]&sh=[e=screen.height]&sf=0

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:47 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

POST
H2 200 z Show response
s.znctrack.net/ Frame 9803 102 B
447 B 71ms
71ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.znctrack.net/z
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash: 4156c6c84c92409761867d4794d02e607f40afd295c05be6e5f44db7612be831

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language: eyJ4LXBvc3QiOiIxIn0=
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 102

GET
DATA 200
OK truncated
/ 192 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 dinroundpro.woff2
kolobok.ua/fonts/ 35 KB
35 KB 74ms
73ms Font
application/octet-stream 193.29.200.162
UMHAS

General

Check archive.org

Show headers Download Go to

Full URL: https://kolobok.ua/fonts/dinroundpro.woff2
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/css/style.min.css?8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software: nginx /
Resource Hash: a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834

Request headers

Referer: https://kolobok.ua/css/style.min.css?8
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:01:30 GMT
last-modified: Fri, 07 Dec 2018 07:55:56 GMT
server: nginx
etag: "5c0a278c-8a10"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/octet-stream
access-control-allow-origin: https://kolobok.ua
cache-control: max-age=315360000
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: *
content-length: 35344
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 45E4 9 KB
4 KB 132ms
43ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=9882372724&adk=3824879818&adf=3818598067&pi=t.ma~as.9882372724&w=960&lmt=1650787186&psa=0&format=960x180&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186166&bpp=1&bdt=607&idt=335&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RBIeHwpFBH&p=https%3A//kolobok.ua&dtd=342

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 05:51:12 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 45E4 8 KB
4 KB 129ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 05:51:12 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 45E4 8 KB
1 KB 139ms
52ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 07:57:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 45E4 2 KB
904 B 126ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 45E4 19 KB
8 KB 131ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 45E4 3 KB
1 KB 111ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:57:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45E4 119 KB
37 KB 157ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 45E4 15 KB
6 KB 140ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:46:16 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame 45E4 30 KB
12 KB 125ms
42ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:06:22 GMT

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 0625 9 KB
4 KB 98ms
46ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 05:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 180515
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Wed, 20 Apr 2022 08:44:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 21 Jul 2022 05:51:12 GMT

GET
H2 200 941aba49c4a9a4a77bd31b3f24758f2e.js Show response
www.gstatic.com/mysidia/ Frame 0625 132 KB
49 KB 100ms
49ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b731f41ef96931e56af4ad0f58b8e9a58e9b534e8a4bb5599ad1be872c323b37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:08:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237094
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49806
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:08:13 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0625 8 KB
965 B 102ms
53ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 07:53:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H2 200 impress Show response
ad.mox.tv/delivery/ 18 KB
10 KB 74ms
74ms XHR
application/json 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/delivery/impress?ctype=div&act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=kolobok.ua&top_url=https%3A%2F%2Fkolobok.ua%2F&domain=kolobok.ua&url=https%3A%2F%2Fkolobok.ua%2F&referrer=&async=1&uid=8938598627
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 6b3de80a9f039cd539102e303c613d3c84945123c9f2aeea48c63fdb1ac83ab1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://kolobok.ua
date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 0625 2 KB
904 B 64ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:16 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 0625 19 KB
8 KB 93ms
54ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 0625 3 KB
1 KB 63ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:57:40 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 0625 15 KB
6 KB 121ms
82ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:46:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 811
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:46:16 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0625 119 KB
36 KB 156ms
117ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame 0625 30 KB
12 KB 75ms
40ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:06:22 GMT

GET
H2 200 swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 15 KB
4 KB 183ms
64ms Stylesheet
text/css 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13558193
fly-request-id: 01FMS77QYFR7T91A14VZPZC4YW
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 700d4d31185901f4-ZRH

GET
H2 200 achernar.min.js Show response
ad.mox.tv/js/achernar/ 11 KB
4 KB 73ms
48ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/achernar.min.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 14:47:09 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6213a5ed-2b1e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 24 Apr 2022 08:59:47 GMT

GET
H2 200 prebid.js Show response
ad.mox.tv/js/achernar/ 237 KB
71 KB 72ms
50ms Script
application/javascript 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/js/achernar/prebid.js
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
last-modified: Fri, 22 Apr 2022 10:13:13 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62627fb9-3b3ea"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Sun, 24 Apr 2022 08:59:47 GMT

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ 84 KB
28 KB 142ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f0587538d12f59dd42ad64d424a607c735ef5d6546516ff51320c1124ec8a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28700
x-xss-protection: 0
server: sffe
etag: "1195 / 314 of 1000 / last-modified: 1650665455"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H2 200 swiper-bundle.min.js Show response
unpkg.com/swiper@7.3.0/ 132 KB
38 KB 154ms
60ms Script
application/javascript 2606:4700::6810:7aaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13558235
fly-request-id: 01FMS76ETJSXZKGZGFZVHH4A5S
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 700d4d31185e01f4-ZRH

GET
H2 200 mwayss_invocation.min.css
ad.mox.tv/mox/ 3 KB
850 B 66ms
47ms Stylesheet
text/css 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by: Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 35 B
373 B 155ms
43ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:47 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 magic.png
bgstats.mox.tv/ 0
66 B 130ms
35ms Image
image/png 167.71.9.19
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bgstats.mox.tv/magic.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
server: nginx/1.14.0 (Ubuntu)
content-length: 0
content-type: image/png

GET
H2

200

sync
odr.mookie1.com/t/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=2dc386a0-9fb6-4ca3-adda-c642773ed699&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=2dc386a0-9fb6-4ca3-adda-c642773ed699&gdpr=0&gdpr_consent=
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d4535db-87e2-47cf-8692-cfa7a237739c&ssp=prodoohmox&gdpr=0&gdpr_consent=

43 B
356 B

106ms
40ms

Image
image/gif

34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d4535db-87e2-47cf-8692-cfa7a237739c&ssp=prodoohmox&gdpr=0&gdpr_consent=
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:47 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: //odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=2d4535db-87e2-47cf-8692-cfa7a237739c&ssp=prodoohmox&gdpr=0&gdpr_consent=
Date: Sun, 24 Apr 2022 07:59:47 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 close.png
ad.mox.tv/images/ 15 KB
15 KB 145ms
129ms Image
image/png 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/images/close.png
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 3eb4c5a5b9cbe9aca2ac1ea7729ee61b277819a7a7e2d0c657db0ac2f12efcfc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-3ca2"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 15522
expires: Sun, 01 May 2022 07:59:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 45E4 0
0 83ms
82ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COYHWcgNlYsCgKMiGrr4Pm8S1uAWEzu3wTc6hgvSaCKGA2OqnAhABIMbgi3lgu4aAgNAKoAHPy7HQA8gBAakCCd0lCiWKtT6oAwHIA8sEqgTqAU_QwqrhXTtNB-H2m-5-SsbWM-UzJGQcE1-ustKt4tmqMIoSp9Rvlme6gt14g6oKIbsHKCw2CY56QvcIQUNGrnrLu97ikPIXAenJh6o4xeyMdYx4NheQzl582l6XToB8A2fYVSzpOp0kEp0nLCmXMmMPoNuynSb2eVgUU3krLBo6gPqpK6fxx8sejlLr73xfogc8c_1U1rNwKFodl3YzjbtBR5IoZs77bWAY-iXvRVZUk3aSfA8q-W4GYcgFVWg38AMGwgzs2f5kNMU4EJdCatJPfSk741PE0qOmqmFFvcwG8CreFktki2P2x8AE2err1SCSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAHmbTOL6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEI-2CdIICQiA4YBwEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=cc4Ct_IZ8sw&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=9882372724&adk=3824879818&adf=3818598067&pi=t.ma~as.9882372724&w=960&lmt=1650787186&psa=0&format=960x180&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186166&bpp=1&bdt=607&idt=335&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RBIeHwpFBH&p=https%3A//kolobok.ua&dtd=342
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Apr 2022 07:59:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F3D8 143 B
163 B 40ms
40ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=180&slotname=9882372724&adk=3824879818&adf=3818598067&pi=t.ma~as.9882372724&w=960&lmt=1650787186&psa=0&format=960x180&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186166&bpp=1&bdt=607&idt=335&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=330&ady=85&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=RBIeHwpFBH&p=https%3A//kolobok.ua&dtd=342
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 3032
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 07:09:15 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 0625 2 KB
2 KB 41ms
41ms Image
image/png 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 18:13:44 GMT
x-content-type-options: nosniff
server: cafe
age: 49563
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
etag: 9923804599063086578
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2033
x-xss-protection: 0
expires: Sun, 24 Apr 2022 18:13:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/88019534090270392/ Frame 0625 2 KB
2 KB 46ms
43ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/88019534090270392/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edc82838d493cfae4dabce623d9bb4d6d0cdb2cdbc04121afc8738a7f5ae0e45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 01:36:54 GMT
x-content-type-options: nosniff
age: 22973
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1721
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 22:04:51 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Apr 2023 01:36:54 GMT

GET
DATA 200
OK truncated
/ Frame 0625 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 204 csi
csi.gstatic.com/ Frame 0625 0
54 B 1033ms
370ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l2d02hso&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&sei=21062100%2C44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/14645774982113863395/ Frame 0625 96 KB
96 KB 41ms
41ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14645774982113863395/downsize_200k_v1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae79d0e217643fd3bf26c1ee3036a276bbe875a82884e1d60524a9fff374c0de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 12:56:53 GMT
x-content-type-options: nosniff
age: 586974
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98130
x-xss-protection: 0
last-modified: Fri, 26 Mar 2021 22:04:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 17 Apr 2023 12:56:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0625 0
0 83ms
83ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CDOF-cgNlYr-GJYLVtwea9paIB_ju6Plnp966oNgN9IagpdcpEAEgxuCLeWC7hoCA0AqgAdCQ1_0DyAEJqQIJ3SUKJYq1PqgDAcgDywSqBOoBT9Ayf1E8IW0tbU0OCwMbXIuQCXVmiT0Tu6uGEw4HO-1zbHpQJ1GRPffrf1M4cQi7QmLm2BRRznM1LEi4swYa-390i5iwC019lexadPm4E_wq-szeqwKPN6kfRLw84Eww1DzQO5DyI3oFCK_f4Qg7AfrSSgsonSnCCVq6rwHFSKeHNnQbw3a78kR5kRwcWMdw9xsfEbMXew5-TwXJuiS_HR5x-HrLqbVwg4aOFEQ1RonaQq3pNiLqPixKUqYt9HbSR1lA-z8AM_n40UWrthgTLRZ38Bbk31aa_Mr0H7zXuL9owNnKa3PZZJ1CwASHiOPLwAOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmO-oAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEMO1Z9IICQiA4YBwEAEYH4AKAcgLAbgTnBvYEw2IFAfQFQGYFgGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=SZcIp3g3Hqo&uach_m=[UACH]&template_id=3484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sun, 24 Apr 2022 07:59:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ Frame 4098 53 KB
12 KB 65ms
63ms Stylesheet
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: 8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:47 GMT
Content-Encoding: gzip
Age: 293682
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H/1.1 200
OK timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
platform.twitter.com/css/ 53 KB
53 KB 62ms
61ms Image
text/css 2606:2800:234:46c:e8b:1e2f:2bd:694
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://platform.twitter.com/css/timeline.2fcb295ab98c2ce26f4cca0d2b2d0f48.light.ltr.css
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (mil/6CE4) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:47 GMT
Content-Encoding: gzip
Age: 293682
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: "x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Content-Length: 12144
x-tw-cdn: VZ
Last-Modified: Wed, 13 Apr 2022 12:14:32 GMT
Server: ECS (mil/6CE4)
Etag: "fb5a989a2b36d6be5344baad6a1936fd+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000

GET
H3

206

videoplayback
r1---sn-aigl6nl7.gvt1.com/ Frame 0625
Redirect Chain

https://redirector.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=ip,ipbits,expire,id,...
https://r1---sn-aigl6nl7.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...

561 KB
561 KB

110ms
30ms

Media
video/mp4

2a00:1450:4009:12::6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-aigl6nl7.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=336C6BFCC0C79830B4E8A78E62D69B8FAF132DA8.34B6061B6BFA76F6D7FFEEAD8706CC785D3F4F11&key=cms1&cms_redirect=yes&mh=ov&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigl6nl7&ms=nvh&mt=1650786737&mv=m&mvi=1&pl=48

Requested by

Protocol

Server

2a00:1450:4009:12::6 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

f808bb2768fa43845c8a69532ce00c7368cfaf7ebb3eabb87a3afc5142ce1aa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
x-content-type-options: nosniff
last-modified: Mon, 14 Feb 2022 13:56:50 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
Content-Range: bytes 0-574775/574776
client-protocol: quic
cache-control: private, max-age=6900
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 574776
expires: Sun, 24 Apr 2022 07:59:47 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:47 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r1---sn-aigl6nl7.gvt1.com/videoplayback?id=0434ac11bea8b047&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1650794387&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=336C6BFCC0C79830B4E8A78E62D69B8FAF132DA8.34B6061B6BFA76F6D7FFEEAD8706CC785D3F4F11&key=cms1&cms_redirect=yes&mh=ov&mip=2001:ac8:21:e::10&mm=28&mn=sn-aigl6nl7&ms=nvh&mt=1650786737&mv=m&mvi=1&pl=48
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 704
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 45E4 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12a2e37cf9365c6322d859f383c809e707d6e30972a27c327ea78d69fdbf1487

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0625 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d626dd90c4757f69fb5216bbd2ceac1461cb0eb4e27147508fb39a3e8da0898

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 omZMXr6F_normal.jpg
pbs.twimg.com/profile_images/905017721569640448/ Frame 4098 2 KB
3 KB 264ms
60ms Image
image/jpeg 2606:2800:134:fa2:1627:1fe:edb:1665
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pbs.twimg.com/profile_images/905017721569640448/omZMXr6F_normal.jpg

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (mil/6CEF) /

Resource Hash

be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
x-content-type-options: nosniff
age: 532047
x-cache: HIT
server-timing: "x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
content-length: 2415
x-response-time: 124
surrogate-key: profile_images profile_images/bucket/0 profile_images/905017721569640448
last-modified: Tue, 05 Sep 2017 10:38:13 GMT
server: ECS (mil/6CEF)
strict-transport-security: max-age=631138519
x-tw-cdn: VZ, VZ
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: max-age=604800, must-revalidate
x-connection-hash: 5e7251b8332c15705f7c4802ea7d1830a8b48e6215829e1db58b7e5baa9c1951
accept-ranges: bytes
timing-allow-origin: https://twitter.com, https://mobile.twitter.com

GET
H2 200 pubads_impl_2022041801.js Show response
securepubads.g.doubleclick.net/gpt/ 362 KB
124 KB 143ms
42ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1584
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125970
x-xss-protection: 0
last-modified: Mon, 18 Apr 2022 08:34:56 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 24 Apr 2023 07:33:23 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 297 B
781 B 149ms
49ms XHR
application/json 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=kolobok.ua

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144
x-xss-protection: 0
expires: Sun, 24 Apr 2022 07:59:47 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 45E4 28 KB
28 KB 141ms
42ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 380767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 0625 28 KB
28 KB 180ms
84ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 380767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame F3D8
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

103ms
103ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 07:59:47 GMT
expires: Sun, 24 Apr 2022 07:59:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 24 Apr 2022 07:59:47 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 0625 0
327 B 805ms
370ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l2d02hta&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0625 0
54 B 807ms
372ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l2d02hzl&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F941aba49c4a9a4a77bd31b3f24758f2e.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0625 0
54 B 805ms
370ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l2d02hzm&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F3bde1d5944145a46a8b91d920db5ec4d.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
380 B 150ms
150ms Image
image/gif 104.244.42.8
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Fkolobok.ua%2F%22%2C%22widget_frame%22%3Afalse%2C%22widget_data_source%22%3A%22profile%3Aua_kolobok%22%2C%22query%22%3Anull%2C%22profile_id%22%3Anull%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1650787187707%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c8fe9736dd6fb%3A1649830956492%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22timeline%22%2C%22component%22%3A%22timeline%22%2C%22element%22%3A%22initial%22%2C%22action%22%3A%22results%22%7D%7D&session_id=5b8ca233a6af6d68f0bb988d3bc09b34259275b9

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.8 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 107
pragma: no-cache
last-modified: Sun, 24 Apr 2022 07:59:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: b2eab1c6085dda817af593e30201eb1e931386b1e34446d018d856fdc84fbb50
x-transaction: 91a5503102348d9e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/interaction/?ai=C3SgNcgNlYr-GJYLVtwea9paIB_ju6Plnp966oNgN9IagpdcpEAEgxuCLeWC7hoCA0AqgAdCQ1_0DyAEJqQIJ3SUKJYq1PqgDAcgDywSqBO0BT9Ayf1E8IW0tbU0OCwMbXIuQCXVmiT0Tu6uGEw4HO-1zbHpQJ1GRPffrf1M4cQi7QmLm2BRRznM1LEi4swYa-390i5iwC019lexadPm4E_wq-szeqwKPN6kfRLw84Eww1DzQO5DyI3oFCK_f4Qg7AfrSSgsonSnCCVq6rwHFSKeHNnQbw3a78kR5kRwcWMdw9xsfEbMXew5-TwXJuiS_HR5x-HrLqbVwg4aOFEQ1RonaQq3pdCDbrKLzkIS-NmdHg1jRP3vKiYQxQ363vKQZBg77e8zGTLY07eTsoDQLuS6Ofszmc4kIxuCLcu-5wASHiOPLwAOgBi6AB5jvqAKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAcBABGB-xCSEwgndAno7SgAoBmAsByAsBgAwBuAwBuBOcG9gTDYgUB9AVAZgWAfgWAYAXAQ&sigh=AjRKJmJcvec&cid=CAQSGwCNIrLMf_IsWPkrxNjBjRLS9vLudYes2d8Jog&label=adresume

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AB9 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178755
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
DATA 200
OK truncated
/ 211 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H/1.1 200
OK prebid.1.2.aspx Show response
inv-nets.admixer.net/ 42 B
500 B 164ms
164ms XHR
text/javascript 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://inv-nets.admixer.net/prebid.1.2.aspx

Requested by

Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

Date: Sun, 24 Apr 2022 07:59:47 GMT
Server: nginx
P3p: CP="NID DSP ALL COR"
Access-Control-Allow-Origin: https://kolobok.ua
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/javascript; charset=utf-8
Keep-Alive: timeout=25
Content-Length: 42
X-Xss-Protection: 0

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 134ms
50ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 132ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kolobok.ua

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
10 KB 416ms
331ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3775603991270847&correlator=276792473639174&eid=31063378%2C31067095%2C31067209%2C44759850%2C31064019&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=3748113755&sfv=1-0-38&ecs=20220424&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D06a3e642d69b2601-225a97d77ecd00df%3AT%3D1650787186%3ART%3D1650787186%3AS%3DALNI_MYvJztLPHFT3amJOv7mmgU3SpMKYA&abxe=1&dt=1650787187895&lmt=1650787187&dlt=1650787185560&idt=2282&biw=1600&bih=1200&adxs=310&adys=1208&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=true&btvi=1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

ee968ba0acf63288590c042859f6ac4bb54022f954706f9aa5210a7320a9369a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9822
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 58 KB
13 KB 474ms
389ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3775603991270847&correlator=276792473639174&eid=31063378%2C31067095%2C31067209%2C44759850%2C31064019&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_kolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=1490098338&sfv=1-0-38&ecs=20220424&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D06a3e642d69b2601-225a97d77ecd00df%3AT%3D1650787186%3ART%3D1650787186%3AS%3DALNI_MYvJztLPHFT3amJOv7mmgU3SpMKYA&abxe=1&dt=1650787187900&lmt=1650787187&dlt=1650787185560&idt=2282&biw=1600&bih=1200&adxs=310&adys=1208&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=true&btvi=2&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

10bc15f7d18071d176f3868430f0f04a352a387003015a402c73858adaac91e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 18 KB
10 KB 587ms
502ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3775603991270847&correlator=276792473639174&eid=31063378%2C31067095%2C31067209%2C44759850%2C31064019&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Ckolobok.ua_C_WW_728x90_%2C728x90&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=826581836&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie=ID%3D06a3e642d69b2601-225a97d77ecd00df%3AT%3D1650787186%3ART%3D1650787186%3AS%3DALNI_MYvJztLPHFT3amJOv7mmgU3SpMKYA&abxe=1&dt=1650787187903&lmt=1650787187&dlt=1650787185560&idt=2282&biw=1600&bih=1200&adxs=310&adys=1208&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=true&btvi=3&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

9e221cd2da06d8c59f44e133e090f645cf49a33f45a1b82f0983e15ef87f6c4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10228
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 117 KB
36 KB 672ms
588ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3775603991270847&correlator=276792473639174&eid=31063378%2C31067095%2C31067209%2C44759850%2C31064019&output=ldjh&gdfp_req=1&vrg=2022041801&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Ckolobok.ua_C_WW_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C980x120%7C980x90%7C970x90%7C970x66%7C960x90%7C950x90%7C930x180%7C750x200%7C750x100%7C728x90%7C468x60%7C336x90%7C321x123%7C320x100%7C320x50%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=2562182862&sfv=1-0-38&ecs=20220424&fsapi=false&sc=1&cookie=ID%3D06a3e642d69b2601-225a97d77ecd00df%3AT%3D1650787186%3ART%3D1650787186%3AS%3DALNI_MYvJztLPHFT3amJOv7mmgU3SpMKYA&abxe=1&dt=1650787187906&lmt=1650787187&dlt=1650787185560&idt=2282&biw=1600&bih=1200&adxs=310&adys=1208&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fkolobok.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=980x-1&msz=980x-1&fws=516&ohw=0&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=true&btvi=4&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

50dd02e62490e5d09a7501b95ccbfb9cbf3889dff24b6ccbf0ab39c7b1552e67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36715
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://kolobok.ua
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1DB1 6 KB
4 KB 166ms
48ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
expires: Mon, 24 Apr 2023 07:59:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 144ms
103ms Image
text/plain 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=8ea486a5-d161-46a5-a5a4-b1d24d77a9af

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Apr 2022 07:59:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H/1.1 204
No Content logcz.aspx
inv-nets.admixer.net/ 0
220 B 248ms
103ms Image
text/plain 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://inv-nets.admixer.net/logcz.aspx?zone=a075cdda-98ba-41a3-b223-8962ea9eb7f3

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 24 Apr 2022 07:59:48 GMT
Access-Control-Allow-Credentials: true
Server: nginx
Connection: keep-alive
Keep-Alive: timeout=25
X-Xss-Protection: 0

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame FAE0 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET ads
googleads.g.doubleclick.net/pagead/ Frame F4B0 0
0

GET page.php
www.facebook.com/v3.2/plugins/ Frame 8AE9 0
0

GET /
exchange.informer.ua/informer/stat/ Frame A9DE 0
0

GET /
exchange.informer.ua/informer/stat/ Frame F310 0
0

GET /
exchange.informer.ua/informer/stat/ Frame 9E93 0
0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 56ms
56ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e7f3f599d8cd1ac4684bda0c75a8e6e0abf4b8fcb61af597cb9704d792fcdb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10558
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 container.html Show response
8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 7A86 6 KB
3 KB 125ms
41ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
expires: Mon, 24 Apr 2023 07:59:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 43ms
43ms Image
text/html 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=NldFRnVzWXo1VDlvV0JsS2dSUHBGOWlFV0Y2bmwyYWIwbWdXNkJpd2lKT3AxQUtYODNUNXprWTMxNk9IU05ON2svNnZyazlBUlFsOTRmaE5MeDk0dndueldFUFUwYVVrdlhQejBidEVCRTBUWFpZWXc2OXpkTjVjNUpDakRnbEN2Rlo5cXZCc3NDRzJZQkJMYy9xQVg1WlRMd0ZtWk45aS9TWnM0MDFyN0hMbHVuT3pZc1FiOVVwaXpPejlHRWxOMmx2N2J6enhlU2g1Q0hRbmE5NlNFbmZKSENsSlFHMXBRUDR1b3Zyc1lxUGcvUmZrUE5nUlBpRXJ6ZC9PeXV5ZlZPNkFJZlhQR2xxYW1oZThYeFhqSGc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012203150226000/ Frame 6518 222 KB
62 KB 149ms
45ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 163710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62084
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "fa1474a6dd6481f4"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 6518 16 KB
6 KB 221ms
118ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 163710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5728
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "d91e62368f79b48d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 6518 96 KB
29 KB 225ms
122ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 163710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29618
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "9a9baa9802fa29d2"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 6518 5 KB
2 KB 253ms
150ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 163710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1900
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "3393210d007db9ca"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 6518 42 KB
13 KB 245ms
142ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 163710
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13669
x-xss-protection: 0
server: sffe
date: Fri, 22 Apr 2022 10:31:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "565eca32a909292d"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 22 Apr 2023 10:31:18 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 6518 8 KB
892 B 133ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 07:28:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H3 200 ru.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6518 3 KB
3 KB 41ms
41ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/ru.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 05:59:37 GMT
x-content-type-options: nosniff
server: cafe
age: 7211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6726277462267614359
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3041
x-xss-protection: 0
expires: Mon, 25 Apr 2022 05:59:37 GMT

GET
H3 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 6518 344 B
368 B 41ms
41ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 06:46:14 GMT
x-content-type-options: nosniff
server: cafe
age: 4414
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 6766994032117382215
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Mon, 25 Apr 2022 06:46:14 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6518 0
0 139ms
52ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ7A3bS-49u6wNEv3QX7I0tfLPj0r3c98VRt6odUWhvQuHuSq1QEigdmisuxim-7ukT_Qn7p5XGMuiJ2WETsTjSR0MvJQ
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 6518 0
0 88ms
88ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CXZERdANlYumHA_6Ax_AP-4C0iAaIzN7cab6_gbvpD5aCzYWIFhABINLIxnxgu4aAgNAKoAGbjPOYA8gBCakC6vCDEzIfsj7gAgCoAwHIAwqqBPsBT9B5draQ1wkjE2Jlq_Cqm-xTA7lkE9wOk-8iiC0Oo7AOsKpE4dS9x4ZQ_nLWzXiyKuziW7xQcJ0b7cSEcIeZbkzyfb1MuJLhu2_5FndAHKBdb3fAmkGj1LGY1jnIpRkBEo-6MEBb1SNtJ_kcO09Ka1tudNmGTPgRKmcPrKbtX9iOQTm2UIhw991z2Jt80mZ6FceIR2_YG9sYzgGKHA9sa89v3YnRvWc50L45IR5QrOJ__mmBztXY7MG3dBB6HbiUkSpdQV-0KZHidODmGZKkt4_2xvxF6zVZcT48ZTm5vWOR7OMUjWKdOuWa6BKDuj26-3LadekOWeSteYDABObXgIfxA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfN84xnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQmPUt0ggJCIDhgBAQARgd8ggbYWR4LXN1YnN5bi0yOTYwMDYzNTQwMjEyNzI4gAoDyAsBuBOIJ9gTDNAVAZgWAYAXAbIXHgocCAASFHB1Yi0xMjkwOTk1OTAxOTA1NTg4GLuJdg&sigh=XoJc4PySdnw&uach_m=[UACH]&template_id=5000
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 42ms
42ms Image
text/html 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=RU9vSS9zUHBoMDVZL0ZJSlVOMm0xMkZhZTh6d2lxUVpQTU1xYm11WXQ2cWtkcGRna0lnZW9ERFhMRHBtQVlJRVBmNnJ0ZWtDRXgxWWlDbUVRMnQzN2NSK2w5RkhCRlBGUTBqK1ZBYjl0YmFkdWJETFNtRUc4OFhOUnlBRURQbEZWQ2hZcDkxbDZtMWcyRmhkKy9vb2NUMnQ4V2NpM2J0RmRJWHp3ZFduSEg0WTNHZERvR084dVFsUUxtVUc1ZTdMTTdLNlVMa29KQUtwcEpOdkxKZXJ1eUxOVG41S2E0RSs0cHhHVTQxZWx6TmFLby9vM3NRcDF2cVpCRTZxRnk3Uw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 03C7 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 226
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:56:02 GMT
expires: Mon, 24 Apr 2023 07:56:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3376 783 B
535 B 112ms
55ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d053b3394c0c63056d08da72b151ddee65a7af7993f49034bea5f502eb451b48

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-iYB5pLwKd6pdj+PA7G5SLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-iYB5pLwKd6pdj+PA7G5SLA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
expires: Sun, 24 Apr 2022 07:59:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CD05 624 B
297 B 70ms
69ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi93pe8ATAB&v=APEucNXVPuzjRz4-W-SUEFEdB-IoJlDA2Yv3D1cTgbRB6iS5Fx92qv3kf3nVtumQ_o-rZFoko0XbRD-6EVczc3-MHyi-is71Bsa1Qw1l8rYomjjuTQZ6P1dPlM0VP9zKRADJm2S7-TVKkZyUq023v_dqVnM29viaSFbenJNPbVXpmqWxxTZeykY

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7A86 61 KB
30 KB 86ms
85ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnoOxg2xcusovFksYOk3t2fz3pR2PBdNrX27E2FchDowuAN9qABQSZVWBDZfYmkD2kuGteyT3YTZqjbfuvCFevqISEjg_-OLdzxNzU0Rpjgd6xSWwsnJjBSuA17zcJVe0b1U8g3sa4QVMQIN4k_yoCgt5pSg&dbm_d=AKAmf-BM4ieyeNrd2lLQeA_pujVFrcgl81rM3wDLCp8BnJFf5l4JrYFQFdqGIImAQcSY9Wxibd7I7Li70bWMEhDl8Vvqobdfh5g1q6JpOIMSf2tzGZT3DH_XCEDZlsJvk2c9799oGv5syYmPUSVsz-EJuUFZTK6pwgqDu0Ty6b4RVmx2hkiUmAqEd-dk_Utp-lRj4y9MigWCKj0Y7dVlV3yDbpCsP3wVjujCFy1JSGMYekSMkSQ4IFFsXnJz5h7OzzesQvLlOdhal41qfmiLPqy-cdI_fRPw293sK48dtTeSjPUs0wwgU2sTizT7YytgH3OIucg3-nTuucrs3w2g1hInQlO-Oj7v-CkxB11QNMUk_dvH5JAyeFOj5mkToOdr3ncuLnzZTao6G4CKuj6jYylGOt_KUZrjjM1cuv5LHQ_TeKizCUXYcNN2EKiubQcWEl0R8D0JkMUdHc-hq1HsNczJGwewhNkSlNey6uVNxhRRInVDtS1V-sTYMt7rrZDMrOBk7cS8D3JnC06OmaKSgrNPE05DVBFwqFQWjgxvEPYaGDGlcgSL0xSS5RAktKX01_z9EGL6mn9144bFOZ_CKqKpoRz8pQahFCci07H-W1YbebWybXjddE8EzDJQC_xGPbO3wyuW6FlWNTKQ2KVFjj6Q2a5q4KoBZ1UK0bfNsb1d1PGwLfHqt9774eFNLTyVTX7VsDjgXAauJ49mn8hXuV1LkyCygFkeIK64DvJRljY-kMa_GtvTXduDvusRVEqb9FhzN4RAxpenW8vHLdUGmDRaSnlkZMlM_xMUMSty8Q6QoXM5G9z82huYFukx-1y8z8BDfdU_6NAl7wgWNZuwqWg2HAC9Ie17Koc6VINn7umDpqdk7scrDnSp_4L1J6R46zC1rkqdvhr-v0MZR5oZ3Rzw4Hy_Cms6TVWIexSN1a6fEjsbiUcjPmFhkcJOnXAezMs3e5834AaLxWa1y2K1v7wfzoFdMCFNxmIDdgIUiqTnW8L21nuK0AXwLI1CWqtB1CdfI3No91aGfoo56kgBK-12Pqd76jk5Ur6gGi59NnRyuo2Mnvm8L5h4840myoaA5UM4n82Y8b4FDpZyB3O2eKR4kOfBiIr3oLB5ft4J-2M_mCFbJfw_POK_xBfRdp_Ckj6HFAWIrnllyeVZh9OJrpuGnI9JxRetSno0o2Dx0wGr2sg0lXw_0C36mUltY7eGEdJ8orxffclJWDQYyr6QA3ST83UpYItDoOaPDsvYaGbgF40cC85p6XPF9UHGqmSBgnHIIOtoq7rgMm8T7SYyNjBLjmuS8BlPnySK_YC0QSNS9O4UUmlSQVc3buqNv3wGbNz6vPL1P0LizwzQSXARPSq0o3oTHX6HLu2QwXIZcDXNwkwQziDr91IdxgCX07DjAdMDQDFwSJl6amUOjoYHitjBFej5wJr8afEFZgIVAyitYb_3iG-67EWWf7OCoj0wZaCfPZl3FY_nSZV3rXxzyj6A4GA9wXI2eu2JxLTm2z91xbh0GCNL-p1SUqQIsulSrodWiQIcRHiVBgZSfoQw7LonmaJs-xpqQlldYpztOH9CHhcYiL4gIutCvbcxnuGCUYhzEnRrgUmkHVHPu_svoI6bZHHWSnSR8ehk8pIF0Zxr3VNEFiLHHfOky7NoyTad646e9qtRT3chfg4TH7ZFEJsoPYNeUZDB1rVd5SfDDMwvXjtH-nPOtz4fb6t4tfsNe8qbA-kSApao2je6AtPFyCz-jb87Uf19SmuIngMQTGEXkOwZvktZ7yIui8I_o4oKjgUCfAvRGfSoCvIF1ckaNqF5qIT21Mc-SNGhf3oKUtG1ThFYuyj1kMO9UG3P6ivi_OdovekAn22TIuvdad0rn7L-Ji4LabCqDsxvCT-1J76CetgJRyANl3YW5S3AznmJ4NzogwNF3DKo8leLph4KEpuKblLWgrvkW6Tqu_JrjTAf_XtcGuuJ5-hLvZIBzOF0GxntiduQP6r2H0wcerk4x87DRo_W0T6cxtCZZj_oXsvpc7L-v1P4qsz-C1gf6TfaAZZkomUoKHjKMK7f2r41hPa-8_2ioHvt1pyulPHYk8GqbHgabnLp32SYUrIrCv2VSBE_FgV_glGMBwAx3BwvYsMTrb-I5mrLNE_CO0gWomFJeE3VqpLTX5sq3a12BWGCBwbyPvOUUUBzbRJ2RVicYfEvdvil9YDppaVPILFOzmkUrrxZDBjeDJ3Uytmv-Hfec4ln4ytZM98rndHvly8s8aDYZ91_0NyiP1sofOF7-aGcBj2gOXONwGW0ceXq_7dwAe5PRiRH9ASIItW8zw2BNry0djkkcp0-nYT2EMWCowKCsrIPK_6RmBLxda7V5b77ZRJudyrsrRZKb1FEJBJJ-W70iTAsseysE7JO8RknElUZ6g5gg_iEFYupMK6fXtO4OZ7OXoap5trNVuU3EVlEquPLDwlD0PF_hQyGjOJrFwlOafpQbDswTTBaMwQwXktv3bB7dZ1qTe4v2W7DVhM9kmp2ZB3cZQEU8HjFUk0RFd5K7k0iMQ8cAMmjSgvZfAQ3tz2RZUDcDckQLCgBPh5uy5GvG8ddGytSqIKzqI_-wpm8u1GFT6HhQ1_Z6bE94LZy0uB0OcwwzsgBog7yva8fqozjgo661Rc62iR8LHk_vWKEBei4SVwMKVz-l2y-Y1quPoMWsiKIcyZIg1wmFOsEwOQhFyqsbTcaY_HUaf9xrXROjk_fhDsS0YaitDpokWT7B3Wo8ZqpbFodan-fffYypwTIvMKe0a_ePcR6cglbJrVXi_EJ1txLqfxtcOY1nHyz090mWwe15VK0WQ3n228_p_5lut3jFZe4tAi9jwk9r86IbjhZIqKSE23mtx9k2N8WkKgfgaBrYthW82uOdMYEMhP0yDMW9tx-pbGfHMD2HK6clbLSp3cPsWjRPSnlMKaRdUKgjQ3l4inSfGfuBGSoM9ibUGi1n9figVxphi22gJofc9xpYA4B9zjQa0UJnOHAD0uYE9kxqzzBAitqvQIWikwgYgsWanpgCRBaplrkK5qvRenqqY6cK8_dZ0lPvPjvbVzW8hU3ikc8RHDFDrKqCn8lohMQ9hB2jmrMsduaO_apGjUQ_d3DZxfPsg_b2dMtpAZXDG0TIwH6Ml_M4C7AP1lA0Xz9_ff51KeilHPB5CIsKJGlavpTygxJM9kEsfEXaCz4Ctax6Kg1wHqrZHXOTfZpvcUNcb8rPGmcMBM59QF5-wlNE7v0q_7yyspP1p-Orb9K_NWLj93U-2xJnF5r1RAIsZXav4aE5faxBiT6t0pCQHABhLl7idY9NGfg5RTwHOY0G1r-iWhkKk5SDuyFe3OO_bRBlWRGAU3v0RFrlsmiXPLacOVOZlhrsNSZbfAWWV7xJLsp04jMWiSHuvNNmujRLlRldRH1_ALxe42t9hmhhzqOh7MV3Xq1b26ED4bnAFR1I5vuCFj3&cid=CAASJORo4P3pqshf5QjJCkt1LEPDSal2K4MiFsYYCrpk_i1f4oC48Q&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

39a3a957720560137e80256c4e78c730d2a7cd4be1b045dfc7c8893b1dc5d96c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30778
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7A86 42 B
63 B 78ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dp1X6FrsuEOd25AL0qdfs40_w1l-V4FnwVLrYH8_4TQi_ll0Z4OrZLB638GBZ6nLlU6rusjXWFecLuU5EY-3urHooJ4oEBGMybiWyCRQ2-ZXih6hM

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 7A86 3 KB
1 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:57:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7A86 119 KB
36 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 7A86 15 KB
6 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:53:15 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7A86 0
0 57ms
57ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRJ7mOVBsBZ1UJjnp6n1cUKLX7HcbwIUdwl4G2WL-8mhGfTE3FzRVZ0HP9h7M9USnOGQcvf1GsSBo6HHw3oJG7tBaPBsg
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 container.html Show response
8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E975 6 KB
3 KB 55ms
54ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
expires: Mon, 24 Apr 2023 07:59:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 45ms
45ms Image
text/html 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=WU5TbWFrRk5vZnVWSVFTTWZvWVpNc21PbjNqT0ljREkzL0ZWdG1GTjFCWmZ6cEZLRkpGVjhtcklCOENGa1BIcElCTkFDOGM3NldNOVNhKzR0K0l3eVl6K01MUjRkOUlGd2NSV0t0ZWZCZ1RBdHZVcHE2Qi9qbSsyalVueWZDbEhjbGllMkVDV3RITCtnWjBFMUw5eGg4TTFaR1NsR2NoNDhFSkxuMU5CZEdjWUorQW1ZeEtTV3FFc2JpOEZqWlpaSVFpTkxpeTIxaDgvT21OeGZrY09TaGpvTisxdkJXL2E5ci80U1R4RlBIMkJwYVFpb210S1NRejd6RFpYRTIzQg%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 03C7 35 KB
13 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12623762915722938300/ Frame 6518 8 KB
8 KB 45ms
41ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12623762915722938300/downsize_200k_v1?w=400&h=209

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd7bd0ce1eabb5b893c9f5df238f6f1bef17ca440deee95bd82f07aa66c24c51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 14:35:47 GMT
x-content-type-options: nosniff
age: 321841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7870
x-xss-protection: 0
last-modified: Thu, 27 Jan 2022 12:44:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 20 Apr 2023 14:35:47 GMT

GET
DATA 200
OK truncated
/ Frame 6518 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6518 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6518 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbb94c29f4cf9034c6a1b206cfced5bec63e76d552ab90ab39f83495b623ffa7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 6518 28 KB
28 KB 135ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kolobok.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 380768
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28276
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:33:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:13:40 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CD05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1&C=1

43 B
1012 B

56ms
56ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi93pe8ATAB&v=APEucNXVPuzjRz4-W-SUEFEdB-IoJlDA2Yv3D1cTgbRB6iS5Fx92qv3kf3nVtumQ_o-rZFoko0XbRD-6EVczc3-MHyi-is71Bsa1Qw1l8rYomjjuTQZ6P1dPlM0VP9zKRADJm2S7-TVKkZyUq023v_dqVnM29viaSFbenJNPbVXpmqWxxTZeykY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Apr 2022 07:59:48 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame CD05
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmUDdJ-fGHzclxlrgJlyNAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1

43 B
892 B

56ms
56ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi93pe8ATAB&v=APEucNXVPuzjRz4-W-SUEFEdB-IoJlDA2Yv3D1cTgbRB6iS5Fx92qv3kf3nVtumQ_o-rZFoko0XbRD-6EVczc3-MHyi-is71Bsa1Qw1l8rYomjjuTQZ6P1dPlM0VP9zKRADJm2S7-TVKkZyUq023v_dqVnM29viaSFbenJNPbVXpmqWxxTZeykY
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sun, 24 Apr 2022 07:59:49 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIRuSw8Pnfe6L7dH8w8JJfE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame CD05
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEF7Be_WE4RJPDMkCGMqlvjM&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF7Be_WE4RJPDMkCGMqlvjM%26google_cver%3D1

43 B
1 KB

53ms
53ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF7Be_WE4RJPDMkCGMqlvjM%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLbFxQEQq9bcARi93pe8ATAB&v=APEucNXVPuzjRz4-W-SUEFEdB-IoJlDA2Yv3D1cTgbRB6iS5Fx92qv3kf3nVtumQ_o-rZFoko0XbRD-6EVczc3-MHyi-is71Bsa1Qw1l8rYomjjuTQZ6P1dPlM0VP9zKRADJm2S7-TVKkZyUq023v_dqVnM29viaSFbenJNPbVXpmqWxxTZeykY

Protocol

HTTP/1.1

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:48 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 430b208c-b6c8-4a65-b640-f9089e6c456a
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:48 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7b193a05-3555-47ad-8341-0cba184996ba
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEF7Be_WE4RJPDMkCGMqlvjM%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CD05
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExMzczNDEyNzY4MjI1NTkxOA%3D%3D

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExMzczNDEyNzY4MjI1NTkxOA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:48 GMT
X-Proxy-Origin: 217.138.196.103; 217.138.196.103; 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a3854c37-5d9a-4879-a7f3-8ed7003bbbea
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjExMzczNDEyNzY4MjI1NTkxOA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame 7A86 25 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DnoOxg2xcusovFksYOk3t2fz3pR2PBdNrX27E2FchDowuAN9qABQSZVWBDZfYmkD2kuGteyT3YTZqjbfuvCFevqISEjg_-OLdzxNzU0Rpjgd6xSWwsnJjBSuA17zcJVe0b1U8g3sa4QVMQIN4k_yoCgt5pSg&dbm_d=AKAmf-BM4ieyeNrd2lLQeA_pujVFrcgl81rM3wDLCp8BnJFf5l4JrYFQFdqGIImAQcSY9Wxibd7I7Li70bWMEhDl8Vvqobdfh5g1q6JpOIMSf2tzGZT3DH_XCEDZlsJvk2c9799oGv5syYmPUSVsz-EJuUFZTK6pwgqDu0Ty6b4RVmx2hkiUmAqEd-dk_Utp-lRj4y9MigWCKj0Y7dVlV3yDbpCsP3wVjujCFy1JSGMYekSMkSQ4IFFsXnJz5h7OzzesQvLlOdhal41qfmiLPqy-cdI_fRPw293sK48dtTeSjPUs0wwgU2sTizT7YytgH3OIucg3-nTuucrs3w2g1hInQlO-Oj7v-CkxB11QNMUk_dvH5JAyeFOj5mkToOdr3ncuLnzZTao6G4CKuj6jYylGOt_KUZrjjM1cuv5LHQ_TeKizCUXYcNN2EKiubQcWEl0R8D0JkMUdHc-hq1HsNczJGwewhNkSlNey6uVNxhRRInVDtS1V-sTYMt7rrZDMrOBk7cS8D3JnC06OmaKSgrNPE05DVBFwqFQWjgxvEPYaGDGlcgSL0xSS5RAktKX01_z9EGL6mn9144bFOZ_CKqKpoRz8pQahFCci07H-W1YbebWybXjddE8EzDJQC_xGPbO3wyuW6FlWNTKQ2KVFjj6Q2a5q4KoBZ1UK0bfNsb1d1PGwLfHqt9774eFNLTyVTX7VsDjgXAauJ49mn8hXuV1LkyCygFkeIK64DvJRljY-kMa_GtvTXduDvusRVEqb9FhzN4RAxpenW8vHLdUGmDRaSnlkZMlM_xMUMSty8Q6QoXM5G9z82huYFukx-1y8z8BDfdU_6NAl7wgWNZuwqWg2HAC9Ie17Koc6VINn7umDpqdk7scrDnSp_4L1J6R46zC1rkqdvhr-v0MZR5oZ3Rzw4Hy_Cms6TVWIexSN1a6fEjsbiUcjPmFhkcJOnXAezMs3e5834AaLxWa1y2K1v7wfzoFdMCFNxmIDdgIUiqTnW8L21nuK0AXwLI1CWqtB1CdfI3No91aGfoo56kgBK-12Pqd76jk5Ur6gGi59NnRyuo2Mnvm8L5h4840myoaA5UM4n82Y8b4FDpZyB3O2eKR4kOfBiIr3oLB5ft4J-2M_mCFbJfw_POK_xBfRdp_Ckj6HFAWIrnllyeVZh9OJrpuGnI9JxRetSno0o2Dx0wGr2sg0lXw_0C36mUltY7eGEdJ8orxffclJWDQYyr6QA3ST83UpYItDoOaPDsvYaGbgF40cC85p6XPF9UHGqmSBgnHIIOtoq7rgMm8T7SYyNjBLjmuS8BlPnySK_YC0QSNS9O4UUmlSQVc3buqNv3wGbNz6vPL1P0LizwzQSXARPSq0o3oTHX6HLu2QwXIZcDXNwkwQziDr91IdxgCX07DjAdMDQDFwSJl6amUOjoYHitjBFej5wJr8afEFZgIVAyitYb_3iG-67EWWf7OCoj0wZaCfPZl3FY_nSZV3rXxzyj6A4GA9wXI2eu2JxLTm2z91xbh0GCNL-p1SUqQIsulSrodWiQIcRHiVBgZSfoQw7LonmaJs-xpqQlldYpztOH9CHhcYiL4gIutCvbcxnuGCUYhzEnRrgUmkHVHPu_svoI6bZHHWSnSR8ehk8pIF0Zxr3VNEFiLHHfOky7NoyTad646e9qtRT3chfg4TH7ZFEJsoPYNeUZDB1rVd5SfDDMwvXjtH-nPOtz4fb6t4tfsNe8qbA-kSApao2je6AtPFyCz-jb87Uf19SmuIngMQTGEXkOwZvktZ7yIui8I_o4oKjgUCfAvRGfSoCvIF1ckaNqF5qIT21Mc-SNGhf3oKUtG1ThFYuyj1kMO9UG3P6ivi_OdovekAn22TIuvdad0rn7L-Ji4LabCqDsxvCT-1J76CetgJRyANl3YW5S3AznmJ4NzogwNF3DKo8leLph4KEpuKblLWgrvkW6Tqu_JrjTAf_XtcGuuJ5-hLvZIBzOF0GxntiduQP6r2H0wcerk4x87DRo_W0T6cxtCZZj_oXsvpc7L-v1P4qsz-C1gf6TfaAZZkomUoKHjKMK7f2r41hPa-8_2ioHvt1pyulPHYk8GqbHgabnLp32SYUrIrCv2VSBE_FgV_glGMBwAx3BwvYsMTrb-I5mrLNE_CO0gWomFJeE3VqpLTX5sq3a12BWGCBwbyPvOUUUBzbRJ2RVicYfEvdvil9YDppaVPILFOzmkUrrxZDBjeDJ3Uytmv-Hfec4ln4ytZM98rndHvly8s8aDYZ91_0NyiP1sofOF7-aGcBj2gOXONwGW0ceXq_7dwAe5PRiRH9ASIItW8zw2BNry0djkkcp0-nYT2EMWCowKCsrIPK_6RmBLxda7V5b77ZRJudyrsrRZKb1FEJBJJ-W70iTAsseysE7JO8RknElUZ6g5gg_iEFYupMK6fXtO4OZ7OXoap5trNVuU3EVlEquPLDwlD0PF_hQyGjOJrFwlOafpQbDswTTBaMwQwXktv3bB7dZ1qTe4v2W7DVhM9kmp2ZB3cZQEU8HjFUk0RFd5K7k0iMQ8cAMmjSgvZfAQ3tz2RZUDcDckQLCgBPh5uy5GvG8ddGytSqIKzqI_-wpm8u1GFT6HhQ1_Z6bE94LZy0uB0OcwwzsgBog7yva8fqozjgo661Rc62iR8LHk_vWKEBei4SVwMKVz-l2y-Y1quPoMWsiKIcyZIg1wmFOsEwOQhFyqsbTcaY_HUaf9xrXROjk_fhDsS0YaitDpokWT7B3Wo8ZqpbFodan-fffYypwTIvMKe0a_ePcR6cglbJrVXi_EJ1txLqfxtcOY1nHyz090mWwe15VK0WQ3n228_p_5lut3jFZe4tAi9jwk9r86IbjhZIqKSE23mtx9k2N8WkKgfgaBrYthW82uOdMYEMhP0yDMW9tx-pbGfHMD2HK6clbLSp3cPsWjRPSnlMKaRdUKgjQ3l4inSfGfuBGSoM9ibUGi1n9figVxphi22gJofc9xpYA4B9zjQa0UJnOHAD0uYE9kxqzzBAitqvQIWikwgYgsWanpgCRBaplrkK5qvRenqqY6cK8_dZ0lPvPjvbVzW8hU3ikc8RHDFDrKqCn8lohMQ9hB2jmrMsduaO_apGjUQ_d3DZxfPsg_b2dMtpAZXDG0TIwH6Ml_M4C7AP1lA0Xz9_ff51KeilHPB5CIsKJGlavpTygxJM9kEsfEXaCz4Ctax6Kg1wHqrZHXOTfZpvcUNcb8rPGmcMBM59QF5-wlNE7v0q_7yyspP1p-Orb9K_NWLj93U-2xJnF5r1RAIsZXav4aE5faxBiT6t0pCQHABhLl7idY9NGfg5RTwHOY0G1r-iWhkKk5SDuyFe3OO_bRBlWRGAU3v0RFrlsmiXPLacOVOZlhrsNSZbfAWWV7xJLsp04jMWiSHuvNNmujRLlRldRH1_ALxe42t9hmhhzqOh7MV3Xq1b26ED4bnAFR1I5vuCFj3&cid=CAASJORo4P3pqshf5QjJCkt1LEPDSal2K4MiFsYYCrpk_i1f4oC48Q&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:58:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame 7A86 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:55:41 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A86 0
622 B 190ms
86ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuBRVVSeVD5Xqdp6FcSp6Jww9ZWR_b3fliZRdJGQ3tZn_uuL8U0RALPQ2ALRviMwFf-UJfDnCGmHe1c1jDf_8gsDBEwf8Knft48uA0QwsFrwKF_2aTQ09MFDnBPbYfDcl5mAO9YTI7oBSdkKLqO1vEmusdZeZ2Daefvbs6VIwLDBcFMulQ7Ceh7VyyoA9uZ9kUVKaJip_FocoUPYUxHv8MA52P0SAPWVRUn5LMBF7LGdtDThTwArYLL8RjbmwyN4TkbIsOJZ9WZmUT3wfeSA9GQ4l45I-9UeCDa9czN8QGs9NF5zmQkgVnsAoeiK5RbnnsLhKwYhk81pi4uRRCWy5QNkNI1zg5jGLhMn5YFmh3JWEWceJIsAHwDbbW3yEgMT_r4wa06EOIoCuKy7REtak8-oo8Zh7i1_2JKzZZynhFgTw6v_0hVT8t1lPzc7TeCkD3xH5_0UuN5wcGKV-Um6FQF0xSsMQleHkvqIIFXaIQ-2pW10A-BihHCexY0SksCsrRGN2G1nnZn4hW7MliwigfoVwr61YTJZtFhkUyrR05tGUxwJiRUlGMjmafX0FDF1kB-ubYD9b5h5cVmh7sAOIF8U_wp30bOl7x907mhCRoQ6tm2lgETCaHskJRDSagvMQCYFlqp632qci86CO_93w22HYyHbVDMYmsqbuqpyPvSBZwyGPSg6NcIE8iu4hTVYpd_xt-ag-YFXgs8ruRo_aNLTMr11ql7Q1Iy1p8uTEkILxKuVxnkxkD3QS4GdzUOx4k6OvZ67-smSjtba6CRnncvnAh45ImXkGz-7zM3EMgOsx60nBqVOO0iF99M2h2yNSkbbyzai7PON_OPnduGJh1HOmrys42hkzBWLBx_8obuiRHthqox4wMAbwoKEIaAdHaRbnq5S3uzExmdLP4M78JshdpVP1NjPMjT8-cD71PLt8llwFSd0PNJ0D4ghCci6MjYwaHgIjQlpxWJqDYyyCAnSeINWjA5v0GIAOc29KmOSXrk6izSztTBlJudMFlPcaepX_XKEWtPaRRpR95lUBCnARdjAWChMDitCP8teSQMO9HFwXXljRo7YddHsJODaeztWaG0kyn5AzbbW4tWJJ6xkOifxHdBC-rVTvAodxak4B9_AzTqpv2LGb_E-mFBEUJ9ip9f5qyqKt1-g3sdLkMwMoQR-o08qjQsRkxGIoZMRTMm3AoDu_G3zr3mH3QUiCuQ4Y-SXc_X4t_k1fumR3cEB8TAbqmUnU8O9j4dM2TzO8rjKCWxrNPoFszShfIHaUBRHosh063FCEF6tsMAk_SCTHO5-onCygw1nMM8TdKjLisbZ7yiiQlcvGzO-cLIe3Dfj-CrvVwJFQvE0fSGqGLpouet&sai=AMfl-YSITFaauo0bjjncoPM25h5cnE6huqbq4XoeMBqfNzlYZAfYjzUYlknN6x5svujwqy5q90GMejWrwrsgCVQlaJp7K4SkqPE2ayKxUuP75nl-VhTDZmwv5-VM08m1E9HtdVvCD_nYhBHEWdge7aUM6osMSdrB0j7v5XjplpTsmhnKXS_Nza84u4ipB8X4sDP39vTud2jR6-9vdeIirRn5iqCo&sig=Cg0ArKJSzOr_QA9utoV6EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20220420.77747&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 24 Apr 2022 07:59:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7A86 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 15:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 15:03:03 GMT

GET
H2 200 8829081100400245597
s0.2mdn.net/simgad/ Frame 7A86 39 KB
39 KB 157ms
41ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/8829081100400245597

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21ccb645ef85fdecd03d594ba8c641ce71c338a9808682e15312f612fb7c4a8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 15:50:42 GMT
x-content-type-options: nosniff
age: 144546
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39668
x-xss-protection: 0
last-modified: Wed, 24 Nov 2021 09:42:26 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 22 Apr 2023 15:50:42 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C4F1 640 B
316 B 52ms
51ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame E975 64 KB
31 KB 90ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnyqHPeStrfWTKdvTgrpFHrWS4zjMfwxb7ATzygBKBp3iJGp8TbTPoEadg94EQkFV72GsV5BpEPwLIg5tqDzeyBM3ifi4stiXR0xMljtgfNrcfLtr6ppb6bD942vBFNHaOYt16LLxedEou5cD2vObSrcAOSg&dbm_d=AKAmf-DR0RTec57RdDLH7V8_tgtFHtoDgAfHBVdxFLSPDO9ICrm9Y8QFAg9l8diPYpoHgr_boIrtwBjFM3pPwOGxyCMbZb9TnRxVyniCla31zSeJq4wsd4KoE3AWHL3h9JY6qD6umMlc2iCi7yRT4qUq-cSay_lUQ-1oa4MIWGmPcyvJyuRtAozndYWYIur7Ri2LUwfKEK2hwdeeJcPl2XWZPUiZiB9SVEt63cdzp-LlVl_0V-KM-FCC_abulilKOU6fIrHG9aXvOAZzsol7mMOMQExm-x_3TkvKEVJKdyuig8Of-csBVsB7QGDzXPUmnwAKUeFv37fyxlGEaOxYNihDsgfm5hbU7Zk9DorzdDCNkE2bwIc1P8C7gE_fQRNeDwqsmqfkkHurZyr9t1lRt5au-MVSoy9xSkCftlOr5hpLvAC4238AEmnLgt0q2Vj1c7LKvwazedRG69YP-BDLYvFDW6yCvozbDAUJ1O2J7yD6y_2IkyVe3TGbXaPiXuS7kMHvmmo4ikS5PkHSoPSQgQsLVvr98l0Hu5ks_U_i_rDTBaaankk8y8HRTjAjTPPwc5skr5ggNMpmA0EIQK1FDGHRiARWl61kD0I3T2nK5COnCQ_eHdmJpYKvWyzqcnOAD5X5LSNVsOm7z__2js3bqZnkY2KFff1QKFsNe17rQ4Qc1f6vH766O38yk_ZKvVfvL_xdrYcsnoE-nvA07Q_HQsYTdJyUtPPYw3UCdRNVVXNsTThri_DSBmIbMywxlkb-rVtKTvfjd43UvXc8uzwWeuJTEMTYlyiP_UFpNE79Oj0bMtza81IRM-7xYU858oIBT5Tyme89kpP6XmMo4MaZl0WNiaoFuvdRnRUo2bArCMjW1KYvbeeoiYsXgoiDQcaGBU37HN8UDAnO6Jvfk_YK1kNRFjbxBGJcD03OzIU3_qeFWHXtK96fUhRrONBLOTzYOZZh5P_ROaAVxTu6oe6zVWcS6w3ONamqTAI5WP-g7jj91lvG2AtkUBBqUxUmbndCcQCNJvOkHqh9_ouETJiwyZRdPZf4Fe30EvVnvR_1c6dLIXgUec0ckK7nMPyqINlfa6-s33zsYsjVH9qQoo-krOiJWpyQwYMo-Ry6TJkERIrX8QeINpYOl4hclfO30yzeH3aG_vyyfWV-H-NfJiznFAlQEQkK8OYpmK58bjmBh3BNtHuzQRrh6mtK6RrPmH4RUFizL0mijNFHJpySYt6aFPe1LGdaYiLaGt0tgUMgZbWsU9yXIsvMsVMhP0243v6Mp8_17m5GkTaRShr8l5gqMqXx0LOLF-oYWJsAtuR6iUIHTckDYj5LrPJ-HKw3kh8YGjf1MhvZM-RWjLJZ6VeoUYoYSra8Ko05zf_AfAgzHMfoIIRdj0-LxeKRfyAJjMch-hKf2lXGV_CTV3Jdc8P5givNvgA980Ko0FyZkmgDjZZefnEhxELt9cxC6TwqAv3sC6xFuFaE9RUzVazBvBZb7dtRA2-W_bB7i98sCc9ngafItEzAZ67YV_FSXJKwSJtwTZk2HeInUkmSgvUVIHaHP-tpDM7o5XRJkHq-2CYup0FD9hY6EvTMu26DVBWAQXts4PbUMiLHENG6XJgn7fY-ZWejmMBNE9kCE_R535StS8LVF426xTGvjSXnat-3myg5Qi-Xkn7hEisNcw-QO3rpm4CC5LI_UrlKADJkQ83CtAOroysds56ihVj28eQC7JVcOzH4DtXrGAuw5okF8ttCAp95YghUVAkHMnTfy2_I_NzmFC-1ih3DCaiLsMKAyF_ixzr6CW4dRlaeu0mloIvMDsFfaCYdTlJ6qZjUxjoo0RwMUX-RyWsaMCoW8d-6IwGA8Io_56BbXQFIWSyq-GRsLkZeUUA-9hSSaVHB0rTnybOpiGun_7WwUm7S3FiarIjsYH8iGJUydPXX8WLunYQ25U7_LVz2XB9EVIusEQQDi5Gxrad_BqWRKM_8pNc1YJ3EYQNVZpJ3TnKmzend5JTE6xPI5mFh-Gi8qdOFhmxwDmc3zDYb0XAwwNoUIOFvpVSbzMqzHnhr4Vmf0HYrklT3AaPb4VZXCcwkdZiTx_ykWIe5Y6RbGGhQlAXclwMFbEJtnJurgvvVzETaFxyrjHn6GIzH6jzFALdxAWInlaZEVcZCYYM7Csbsse7sovKnBQn37sccmFt72KwPMziTP0B59Wu6FWGV-3pM9OyUTgwmKAkJVIIn_K0IiCH1aANQsH7AyTJYkRAqIM59IfFDB4ue3r-M3RfRCG0MWnCplNqsow7MY1Sdi2S7d2eluXN0LoRg9q_fMOqNFftCSM0A3RGcuS0AIqdWoen1df4L4OiMnQF8cL2f_21PfDGJrqjjVYIxq_PdMaBGzFC7ZmtwXOXTKYsWgQzDnSlwHBMZJE46PbmV8IKcMCvgmXzJX8J0DhyQVLydeqGMBA1cbgRB0PNNnboJ29pFbVJgwjgzoFe8cRRoy28LOOXURfFSkYOz-JnmXM4IZHalpskg9m5fmtJyNGDQ7DetZ2-hnNf4979Pbpg5PHXj8OT-PTFHSgKQxH1nJBOh7SOSr48BaPuEE_TNXmsFe6BvGsZShQtwRTvURZ_KP7Sxjc0girqds0ZK5CxAx0aUbnpiByZ4Tlsy69XHhpYamo6mVTWgWlkj-6y4nChUUcNR6hhHmiEmo-fL8Pb3Jk4aVWvTmYKvIwmem1cJqFQFhqPbgCm6lB4Z_XcfusfOBXiYvHctK7N-Ro7r4pJ58xwxhfgCaN26U8fnEya8j4tWI9Z0LWA1gjaH12fP1R7uyxOVjhKWRYqhCcO8krz43aGuF24auuUo94Ynx1t8lm6bFbcsk99jLA92vV4UFAKGsBV449HT0fWckMVjW1jIYGoH1eUkSRu5mvlm3U2VKQE7VNm-4UEgAnSlmkUB11GwJcrDCw82iFPvgSYiTGdpXqhoYm5nOpgD9Oz-ZK9XmOMb8IncWB9s1QQNeX5SNus1N5q0xdRs0jHvFBhsbTBmh8kTqBvJsej5Y0KDqTvaJ14V1oWBCm6O9OcPJ3V0o719gA1FjBXJq-v0K3Mr0PTIaIr6XCwqVJCKvGJI1YwibLn2R_WDurTyZxoYeGam5GsyJOvb1rcw606IoByQDh8KHWyn7oqH9sq5977FnhJefx8eIZVd58-niFC37scdR3h4i2tWSasm_gM8IGBPVJpqb0d6-TLa-zRondL6tUQ82WQmr6s7bYXpflv4CBaPVONyyr7_mNt5EN0iMpk-5RDkocah6WFS3NxmDqm5ACuADkysXHJ0rQQPVOqwPQG3Sc5f9YAbguU2PgYtfyIeNXO_qrqcH8XahlhJUhHiveBm7D4ve9Ei3J1NCzuPJNXPaZCY8S4zOd4PSFg&cid=CAASJORomEy3H0s4J9DvrdPVmbCzEejHElMO3lYNgvxl16FqwWlhdw&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5ee543419645db5fac49170129bdf7db0879e77f83957b4363926d380b050648

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32106
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame E975 42 B
63 B 74ms
73ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AmPbQjZ3hUDVUAmpUmlRBWMfAssYC1IebfMt1CmOUNAoDLWs-3J_kSkf5Ytm8p-P58vguHX1zFf8rr0Mcg_9yqbVsf10JhHa8LN3z18gszxW9Go2o

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame E975 3 KB
1 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:57:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E975 119 KB
36 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame E975 15 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:53:15 GMT

GET
H3 200 container.html Show response
8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D005 6 KB
3 KB 40ms
40ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041801.js?cb=31067209

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kolobok.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 07:59:48 GMT
expires: Mon, 24 Apr 2023 07:59:48 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 tracking
ad.mox.tv/delivery/ 51 B
51 B 42ms
41ms Image
text/html 190.2.151.10
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.mox.tv/delivery/tracking?hash=ZnZlQ1BFVzBGOE9Cc3h6cW5WY2hLcytlUUYya2hSdE9wS2R6OFFCM1ZTTUpuYjBzck5mWFhUUTl5VEtad1RobXFYdFVZYkJtWG1MZEtHeHFvY2xkOSttVkZoNVdWTXppOG1tRG1ZbjNYR0dCTkRwcWk3Z3BDRCtzcWJ1K2NRYU02TVlmZUdqWEt5QVlmRytRV280R1lPZW5EKyszSnlaY2VBSkJWUTZEL0xGazJJYU01eUNCdDRtMVJWWGo1SnUrbHl1QVdTNGcwQU16UU90VTJBcXBnOEtzdm84MUFZVnorMy8xWW9KVVQzWjFoYnh3VytpUmhOdzRPUk1RV2J6YQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.151.10 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-151-10.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3376 0
0 82ms
80ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220420&jk=3775603991270847&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame C4F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECVfkFqzjfx41oE1Yjwbaqc&google_cver=1

43 B
114 B

34ms
34ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECVfkFqzjfx41oE1Yjwbaqc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESECVfkFqzjfx41oE1Yjwbaqc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame C4F1 43 B
305 B 101ms
34ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
server: OXGW/18.0.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame C4F1
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEBE5eSa4S32C6UGN1nhkYho&google_cver=1

23 B
172 B

146ms
70ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEBE5eSa4S32C6UGN1nhkYho&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 24 Apr 2022 07:59:48 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEBE5eSa4S32C6UGN1nhkYho&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame C4F1 23 B
172 B 219ms
71ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMPxZBCR7Z4BGPrH9MUBMAE&v=APEucNUwaKc1c4wo0rYi5clXnCa0tEQ1-K1XEl9CNzkQy--aN4RT7Lu0hzGHARY0_feKE_ekOgUnxH27bCZUNhx7upggpqhgkxMJhrNn9vQ3-Y3hz5jvoyEJSrn1t2-DRsUrkw86wKcH0bO7ARebQTtbl1LsQOVmTTNL823yjDjpIjcHW5sVE6g
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sun, 24 Apr 2022 07:59:48 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame C572 1 KB
749 B 41ms
41ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 7564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 25 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 01B5 22 KB
8 KB 41ms
41ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 257519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:27:49 GMT
expires: Fri, 21 Apr 2023 08:27:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame D005 2 KB
532 B 50ms
50ms Stylesheet
text/css 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 24 Apr 2022 07:54:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sun, 24 Apr 2022 07:59:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame D005 2 KB
918 B 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 212
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:16 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D005 0
0 81ms
81ms Fetch
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cx4lUdANlYoLGA_vYx_AP3p64yAu2_fblaa2t_4-mD4G_-eHPLhABIJvciSJgu4aAgNAKoAHPidWbA8gBCakCCd0lCiWKtT7gAgCoAwHIA8sEqgT7AU_QdhoJ6JVXQ1LX8xpItnjkgP3UV_XsTK6egHW1qYTCCFGwFkYDdZ8hj_xDZulcpFgFWKca8rRkRDtGcCZvBxmdzyLr3ALnW7uQrDNGvZuufcQM0nXs6muSM3kk4HZ5C_5IS-ooBIsydLClvsk_0xZVpGmCrYdQT1P6c_te-Jq6RBgllr4GMdQ0WFsOUE8UmP4Hao2WaxCxwroaQc1TOuJhD0XoU-QPWGUKLq2yHnD4P47KEjvQAHkXNFsGNv5OnmsPKSPVrKzyTzGYAENQlWVoN1VBYXSoeDys90p5ZZsV7GK2C3XDfQuiVO1JCvBx86TZ5BQqg51C3ZwowAT-qNvB8gPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHmfaqZKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBD_nyXSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTQzNTQzMTc0MTA4MzI4MjaACgPICwHYEw7QFQGYFgGAFwGyFx4KHAgAEhRwdWItODI0MTA0OTQ5NzYwODk5Nxjz8RY&sigh=x70q8y5Vv0k&uach_m=[UACH]&template_id=494
Requested by: Host: kolobok.ua
URL: https://kolobok.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: zrh04s06-in-f130.1e100.net
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame D005 19 KB
8 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:56:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:56:02 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame D005 3 KB
1 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:57:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 128
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:57:40 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D005 119 KB
36 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 24 Apr 2022 07:59:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame D005 15 KB
6 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:53:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:53:15 GMT

GET
H3 200 3bde1d5944145a46a8b91d920db5ec4d.js Show response
www.gstatic.com/mysidia/ Frame D005 30 KB
12 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/3bde1d5944145a46a8b91d920db5ec4d.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 21 Apr 2022 14:06:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12194
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 05:04:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 20 Jul 2022 14:06:22 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/ Frame E975 25 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AnyqHPeStrfWTKdvTgrpFHrWS4zjMfwxb7ATzygBKBp3iJGp8TbTPoEadg94EQkFV72GsV5BpEPwLIg5tqDzeyBM3ifi4stiXR0xMljtgfNrcfLtr6ppb6bD942vBFNHaOYt16LLxedEou5cD2vObSrcAOSg&dbm_d=AKAmf-DR0RTec57RdDLH7V8_tgtFHtoDgAfHBVdxFLSPDO9ICrm9Y8QFAg9l8diPYpoHgr_boIrtwBjFM3pPwOGxyCMbZb9TnRxVyniCla31zSeJq4wsd4KoE3AWHL3h9JY6qD6umMlc2iCi7yRT4qUq-cSay_lUQ-1oa4MIWGmPcyvJyuRtAozndYWYIur7Ri2LUwfKEK2hwdeeJcPl2XWZPUiZiB9SVEt63cdzp-LlVl_0V-KM-FCC_abulilKOU6fIrHG9aXvOAZzsol7mMOMQExm-x_3TkvKEVJKdyuig8Of-csBVsB7QGDzXPUmnwAKUeFv37fyxlGEaOxYNihDsgfm5hbU7Zk9DorzdDCNkE2bwIc1P8C7gE_fQRNeDwqsmqfkkHurZyr9t1lRt5au-MVSoy9xSkCftlOr5hpLvAC4238AEmnLgt0q2Vj1c7LKvwazedRG69YP-BDLYvFDW6yCvozbDAUJ1O2J7yD6y_2IkyVe3TGbXaPiXuS7kMHvmmo4ikS5PkHSoPSQgQsLVvr98l0Hu5ks_U_i_rDTBaaankk8y8HRTjAjTPPwc5skr5ggNMpmA0EIQK1FDGHRiARWl61kD0I3T2nK5COnCQ_eHdmJpYKvWyzqcnOAD5X5LSNVsOm7z__2js3bqZnkY2KFff1QKFsNe17rQ4Qc1f6vH766O38yk_ZKvVfvL_xdrYcsnoE-nvA07Q_HQsYTdJyUtPPYw3UCdRNVVXNsTThri_DSBmIbMywxlkb-rVtKTvfjd43UvXc8uzwWeuJTEMTYlyiP_UFpNE79Oj0bMtza81IRM-7xYU858oIBT5Tyme89kpP6XmMo4MaZl0WNiaoFuvdRnRUo2bArCMjW1KYvbeeoiYsXgoiDQcaGBU37HN8UDAnO6Jvfk_YK1kNRFjbxBGJcD03OzIU3_qeFWHXtK96fUhRrONBLOTzYOZZh5P_ROaAVxTu6oe6zVWcS6w3ONamqTAI5WP-g7jj91lvG2AtkUBBqUxUmbndCcQCNJvOkHqh9_ouETJiwyZRdPZf4Fe30EvVnvR_1c6dLIXgUec0ckK7nMPyqINlfa6-s33zsYsjVH9qQoo-krOiJWpyQwYMo-Ry6TJkERIrX8QeINpYOl4hclfO30yzeH3aG_vyyfWV-H-NfJiznFAlQEQkK8OYpmK58bjmBh3BNtHuzQRrh6mtK6RrPmH4RUFizL0mijNFHJpySYt6aFPe1LGdaYiLaGt0tgUMgZbWsU9yXIsvMsVMhP0243v6Mp8_17m5GkTaRShr8l5gqMqXx0LOLF-oYWJsAtuR6iUIHTckDYj5LrPJ-HKw3kh8YGjf1MhvZM-RWjLJZ6VeoUYoYSra8Ko05zf_AfAgzHMfoIIRdj0-LxeKRfyAJjMch-hKf2lXGV_CTV3Jdc8P5givNvgA980Ko0FyZkmgDjZZefnEhxELt9cxC6TwqAv3sC6xFuFaE9RUzVazBvBZb7dtRA2-W_bB7i98sCc9ngafItEzAZ67YV_FSXJKwSJtwTZk2HeInUkmSgvUVIHaHP-tpDM7o5XRJkHq-2CYup0FD9hY6EvTMu26DVBWAQXts4PbUMiLHENG6XJgn7fY-ZWejmMBNE9kCE_R535StS8LVF426xTGvjSXnat-3myg5Qi-Xkn7hEisNcw-QO3rpm4CC5LI_UrlKADJkQ83CtAOroysds56ihVj28eQC7JVcOzH4DtXrGAuw5okF8ttCAp95YghUVAkHMnTfy2_I_NzmFC-1ih3DCaiLsMKAyF_ixzr6CW4dRlaeu0mloIvMDsFfaCYdTlJ6qZjUxjoo0RwMUX-RyWsaMCoW8d-6IwGA8Io_56BbXQFIWSyq-GRsLkZeUUA-9hSSaVHB0rTnybOpiGun_7WwUm7S3FiarIjsYH8iGJUydPXX8WLunYQ25U7_LVz2XB9EVIusEQQDi5Gxrad_BqWRKM_8pNc1YJ3EYQNVZpJ3TnKmzend5JTE6xPI5mFh-Gi8qdOFhmxwDmc3zDYb0XAwwNoUIOFvpVSbzMqzHnhr4Vmf0HYrklT3AaPb4VZXCcwkdZiTx_ykWIe5Y6RbGGhQlAXclwMFbEJtnJurgvvVzETaFxyrjHn6GIzH6jzFALdxAWInlaZEVcZCYYM7Csbsse7sovKnBQn37sccmFt72KwPMziTP0B59Wu6FWGV-3pM9OyUTgwmKAkJVIIn_K0IiCH1aANQsH7AyTJYkRAqIM59IfFDB4ue3r-M3RfRCG0MWnCplNqsow7MY1Sdi2S7d2eluXN0LoRg9q_fMOqNFftCSM0A3RGcuS0AIqdWoen1df4L4OiMnQF8cL2f_21PfDGJrqjjVYIxq_PdMaBGzFC7ZmtwXOXTKYsWgQzDnSlwHBMZJE46PbmV8IKcMCvgmXzJX8J0DhyQVLydeqGMBA1cbgRB0PNNnboJ29pFbVJgwjgzoFe8cRRoy28LOOXURfFSkYOz-JnmXM4IZHalpskg9m5fmtJyNGDQ7DetZ2-hnNf4979Pbpg5PHXj8OT-PTFHSgKQxH1nJBOh7SOSr48BaPuEE_TNXmsFe6BvGsZShQtwRTvURZ_KP7Sxjc0girqds0ZK5CxAx0aUbnpiByZ4Tlsy69XHhpYamo6mVTWgWlkj-6y4nChUUcNR6hhHmiEmo-fL8Pb3Jk4aVWvTmYKvIwmem1cJqFQFhqPbgCm6lB4Z_XcfusfOBXiYvHctK7N-Ro7r4pJ58xwxhfgCaN26U8fnEya8j4tWI9Z0LWA1gjaH12fP1R7uyxOVjhKWRYqhCcO8krz43aGuF24auuUo94Ynx1t8lm6bFbcsk99jLA92vV4UFAKGsBV449HT0fWckMVjW1jIYGoH1eUkSRu5mvlm3U2VKQE7VNm-4UEgAnSlmkUB11GwJcrDCw82iFPvgSYiTGdpXqhoYm5nOpgD9Oz-ZK9XmOMb8IncWB9s1QQNeX5SNus1N5q0xdRs0jHvFBhsbTBmh8kTqBvJsej5Y0KDqTvaJ14V1oWBCm6O9OcPJ3V0o719gA1FjBXJq-v0K3Mr0PTIaIr6XCwqVJCKvGJI1YwibLn2R_WDurTyZxoYeGam5GsyJOvb1rcw606IoByQDh8KHWyn7oqH9sq5977FnhJefx8eIZVd58-niFC37scdR3h4i2tWSasm_gM8IGBPVJpqb0d6-TLa-zRondL6tUQ82WQmr6s7bYXpflv4CBaPVONyyr7_mNt5EN0iMpk-5RDkocah6WFS3NxmDqm5ACuADkysXHJ0rQQPVOqwPQG3Sc5f9YAbguU2PgYtfyIeNXO_qrqcH8XahlhJUhHiveBm7D4ve9Ei3J1NCzuPJNXPaZCY8S4zOd4PSFg&cid=CAASJORomEy3H0s4J9DvrdPVmbCzEejHElMO3lYNgvxl16FqwWlhdw&rfl=1%2Chttps%253A%252F%252Fkolobok.ua%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:58:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 59
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9777
x-xss-protection: 0
server: cafe
etag: 12512753850102923420
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:58:49 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/ Frame E975 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220420/r20110914/elements/html/omrhp.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:55:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 247
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 08 May 2022 07:55:41 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame E975 0
64 B 85ms
85ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuI64aHRGxv1uyfyeR1nQHsXQ4gXAl1FSW8G6qmjVtxLa5YxucPZoVEjAhEOsjNExl5GLFZ0pEMqwgZLr2NJ99v18dIGWdA3lEPgo4NwGo_lfJkJw83YjKd5IqPCWK-W6kQpaMZWaQ_3GuB7HLdIsaUIHIen2BE9SvCseaj3IMxxchFM6sA7dTwmZQBZHLpy9ar5Jg3XyKj2U9fc9xLNx0pMxnEDAPwAtKUG2Fg4vluXVmkXDB5fBtWWKBTWlCjISjU2jXaVn-lfYAez6fjwsXISm0P-wOIcdDAfxK6vqsoNemHkRLl18oNmhTDg4vDAGsdrWAv6kivEpJIfVXBcxkbQW6N3GS-GLYAPv5uiBHNKLGBPVlkJ5-t82A41UlGafZYbIKwDVGdIKAr2ZwwsOd1Y1JNEakddT-DtuUwqWH6_ZEYFZP0iCRFpH7vkphxUelmTNZsKL7Hk2Dni-nyxxyxQTnJQJ77T2_6HLmelnMt95YTQ9T4lo_nYfG8lbo3v1bYfN0PJKP7rw4oNZcUMNt2L5Ena5gMo05mb7c7qfdS3a1hbVqLdjsHVczcwO4IO74PgFggPrb8e8n_fH1z0PR9Y_-GE4yXymZYnUDmXF4LayGQrilh-EsbPRskW4LVRhbrezT_H0Kz86Rr_mlZSh7obRppKfAmXGglveRNlNvH2SYLpF95ilsR7wOpBlGnSy2iDo0Zx0ewyz6Fd3U_WIj1DfS-5ctjP7R9OVg0XfUDOLb91k9HfN4Yz94WLYnN3IIMJDA11DN7PjvOW8NWE4Rcdl0k6QxDGjXq14CH-KBNExsFAuCEq2VrTvUMmBK-NIkEEjmD5yh5DLypMs70frOmm1lnazJuElsfl-19MKP5wBMT_VHYxqpWi3RrvrLIES4xQB58AjHSS2ZYMvtl-VmMo7tTOR4mTmVg2y-zKLgSHGPlxURTIUb6uKsmaB8ByPDnDZb50PFW8STXtFXA1_Ls6fWG392Kj2AfByc7aABOjTTmTAcbi-hfPzYMAKjtBZW7E4X-TEHVgmZABEPgoF1taAzJW2p7189mv9zcJ2THCxqdAzIlNjb3-eOj7JeWDwxG_vARuHo4Qalf2LOj3Jed25Ud4fIemNR1z6u3hMCn-HLHpy5UpmFITjhxgwXnQe_BtAoJpP05dLBB2Oz1vT1iE1VLKWtnBP2EjW7j8fTcb0eKbSalslbrpbpL_egIxHSdFogaonTM3MVnpFTYw1ZjXXtz-sqQR3UHIjZH16C95zUD1D0pMix5d3Crgi0TwaVxJEEkDtzhqmsK65v5pJh7LUtM96MbjY-3-mXi6A&sai=AMfl-YRPstRcI0W4MHlDDthpcG3Wtvm-9uP3t2iSLP10Bm89THOzv36Zn-U4Su0xz8RkbOxkZmugShH8UIeTgpXiga35kqWz-8sK9ifu80EphpKiD41N6vImVsqX8pnHwLxYEI-y74HUKvpp66RltEtEylFJYlT0x52eaHSAlUTKw6X11K8Wn_ZLxiTirMp54afbgymwXoW4kNWlAgWJfjHaX2wU&sig=Cg0ArKJSzCFeBTrpnk7PEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220420.26294&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Sun, 24 Apr 2022 07:59:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame E975 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 20 Apr 2022 15:03:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 320205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 20 Apr 2023 15:03:03 GMT

GET
H3 200 318586291823275941
s0.2mdn.net/simgad/ Frame E975 136 KB
136 KB 124ms
42ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/318586291823275941

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5d419e15c28041f6cd710c385a45ffbf274e6980a668349e9584b1a8ce09e72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 11:54:49 GMT
x-content-type-options: nosniff
age: 417899
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139648
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 11:43:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 19 Apr 2023 11:54:49 GMT

GET
H/1.1

200
OK

impression_pixel
t.myvisualiq.net/ul_cb/ Frame E975
Redirect Chain

https://t.myvisualiq.net/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27478160...
https://t.myvisualiq.net/ul_cb/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27...

43 B
573 B

41ms
41ms

Image
image/gif

52.59.143.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.myvisualiq.net/ul_cb/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27478160|ABAjH0hcX9TYWVTdUxPGofVIzQV2&pt=i
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 52.59.143.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-59-143-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 24 Apr 2022 07:59:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://t.myvisualiq.net/ul_cb/impression_pixel?r=401349745&et=i&ago=212&ao=795&aca=27459952&si=6033200&ci=168420707&pi=332048446&ad=524088361&advt=4662460&chnl=-7&vndr=115&sz=8913&u=16626492143|27478160|ABAjH0hcX9TYWVTdUxPGofVIzQV2&pt=i
Date: Sun, 24 Apr 2022 07:59:48 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
DATA 200
OK truncated
/ Frame 7A86 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e7f3a97ce93fc97f75fc6d75428d11d5cabbf483fb19cd5e17c828429bdb746

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D005 29 KB
29 KB 204ms
99ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTf_Mz6PGAofXQsRwg4F_FdXYzctVKL8Xjvmiuj6w3LYhqlrV8DxgzHRMz6vA&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cbf1f6419deb3763e207fa001eb2e046b9cda79b5393cd9717ea543fdf0b5f37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 06:38:45 GMT
x-content-type-options: nosniff
age: 4863
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29782
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 01:38:56 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 24 Apr 2023 06:38:45 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame D005 24 KB
25 KB 145ms
40ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQgmAycPR3uhNMkxOsf4gNW7QRKZCRPozZnKiBfsqAapkgeRxyvrb0_-K42hQ&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84c70fda0de3acf1dd3cbb40cd681a568bc55d3b9ad011c6985f797161c2e1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:57:02 GMT
x-content-type-options: nosniff
age: 154966
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24819
x-xss-protection: 0
last-modified: Fri, 22 Apr 2022 02:15:23 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 12:57:02 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D005 16 KB
16 KB 145ms
41ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQKuR1zcitc4T3QtrsqVDH81-w5tAIfJ9v0m1mL-JQr4MIuKdozcYrP15QhHVw&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca43b01bb909b19624a58b15390d9c5375bfdd3d44c8d7e8a4e88e9cd56ddc69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:12:41 GMT
x-content-type-options: nosniff
age: 485227
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16254
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 02:05:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 18 Apr 2023 17:12:41 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D005 17 KB
17 KB 149ms
48ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTZCqjHPyWkmMjJlmWohiKgIx-OCftjtOgHPtXi3fT5z-DB8p0KwY0FvcM5B3I&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd3a59ddafea07c272b9139960169bf8ea43af970c51875d842147113cf51aef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 12:51:09 GMT
x-content-type-options: nosniff
age: 155319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17462
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 02:50:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 12:51:09 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame D005 35 KB
35 KB 147ms
42ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSjzsR9lECrIi0H0LpHNm1jG-l_kR5nefaENBTj5t6D4tWaxJ3sgTmgjbrHpA&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd513f04af7ecabf8af5ad35a411480827f04b46b12f15878f52891341042b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 23 Apr 2022 03:27:35 GMT
x-content-type-options: nosniff
age: 102733
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35684
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 01:06:45 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sun, 23 Apr 2023 03:27:35 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame D005 29 KB
29 KB 156ms
53ms Image
image/jpeg 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQtWwUNDzsDcmJb1JtSMeJ47Y5Z7woVW88WDaRtnL0eeiW32BY0brlg7go28XQ&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae41d42a4f2bdc4776697aa34050d8cb63d78149ca8691c209ecb76dc3867ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 17:24:51 GMT
x-content-type-options: nosniff
age: 138897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29870
x-xss-protection: 0
last-modified: Fri, 08 Apr 2022 01:42:46 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 17:24:51 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame D005 12 KB
13 KB 141ms
40ms Image
image/png 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTKXa7QvhgllP9cVtvVi1xO2IjErbN6Rrfg7TmE-8BG3GW8qYU&usqp=CAI

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1206b19f62d91c2402b59fa14e6e18107046d2b613700899687d8040ad0d2fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 10:43:17 GMT
x-content-type-options: nosniff
age: 162991
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12446
x-xss-protection: 0
last-modified: Thu, 13 Dec 2018 16:51:17 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 22 Apr 2023 10:43:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 03C7 0
9 B 41ms
40ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?OeMjBg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0625 42 B
64 B 75ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssOVOvxSZswvbPMe9THmX3xvzTc1JZR3km3S6xEKUCilq69C-JlAWIPImJCvFViscuE3j1sTsuExXfvZDg85Lk9fiaXmDcfTGCB7qo6myXYKtDxQxzNJw&sai=AMfl-YRpNTYOhEf66zGB87xFrd6hLNwjcO6vvbb77RDHI92-iqyJl5yYfn1OQTvA7YImrwJmnl0RbSvhz_Yf&sig=Cg0ArKJSzGQpSvrrOgo3EAE&id=lidar2&mcvt=1018&p=0,0,600,300&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2236407440&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650787186520&rpt=1290&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7A86 0
26 B 159ms
76ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 dpixel
cms.quantserve.com/ Frame C572 35 B
363 B 43ms
41ms Image
image/gif 2620:116:800d:21:fcb8:22d2:d390:5f1b
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHF88oCB7y2wBUKVQp2Do1M&google_cver=1&google_push=AYg5qPLBVWXw5DqJnWtcuyNEVQBqDkXmQjM7tC_9rKYPFyqVX8EChShlST2687OyjUX7togrEViery4PB4XtjtV6TVSycABBmuxjVA

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:fcb8:22d2:d390:5f1b , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame C572
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotd...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCo...

43 B
415 B

206ms
206ms

Image
image/gif

2606:4700:4400::6812:230b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700:4400::6812:230b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 700d4d3c8e360221-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 96
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 700d4d3b2c5c0221-ZRH
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEFoYyR6yBL6ILDxkhAhxGTo&google_cver=1&google_push=AYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPIvIfGNTbFEYLvBciO0Y24do4mK1PXdun2kX4UFgtFFra8IciQ-QS7gQoyiPXWkpS4DWQ49RzNIUEH_sGB_fXcm1ACDBCotdQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C572
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHBY2oGVZsx5zOn5RqG37MU&google_push=AYg5qPLOiWf4tH33Va76WOf2Dy1AMdqZkYwfbEHqsAfY8jaoJnKW7vr50x...

170 B
188 B

52ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHBY2oGVZsx5zOn5RqG37MU&google_push=AYg5qPLOiWf4tH33Va76WOf2Dy1AMdqZkYwfbEHqsAfY8jaoJnKW7vr50xsvam1q4e1l-3WBDlDP2icYslx8ILFizCmLi4KWPDhW7A

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1650787189.966052,VS0,VE78
x-served-by: cache-lcy19282-LCY
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEHBY2oGVZsx5zOn5RqG37MU&google_push=AYg5qPLOiWf4tH33Va76WOf2Dy1AMdqZkYwfbEHqsAfY8jaoJnKW7vr50xsvam1q4e1l-3WBDlDP2icYslx8ILFizCmLi4KWPDhW7A
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame C572 14 B
14 B 519ms
117ms Image
text/plain 3.214.20.70
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKi24ucPgC9a_MUgDmSnMwE&google_cver=1&google_push=AYg5qPLkqjavKlsjtZSQsaynhsQN7iMGptnbDe1bBAv9yYMtKIwn4gI7KBX-HMhkNEraWY2YiqkJKvWvUDSlRCHVU4z-y94FxcNvWA
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.214.20.70 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-214-20-70.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H2 200 dds
rtb.openx.net/sync/ Frame C572 43 B
135 B 99ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGraFL2g-hMYk8f-AHlK4ko&google_cver=1&google_push=AYg5qPKxID8HO92p6gwfVxlq3zw3gOVJKYPJ8GorEqvlxapZ5fx4dDZHDEgrMer5VVwpoHlfzfNQ8U50-ALHJ6e0XUDz6U1q9Nda
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 5tou4unorkl2qn7rdn2s0ph36sir49jn

GET
H3 200 dot.gif
s0.2mdn.net/ Frame C572 43 B
65 B 133ms
132ms Image
image/gif 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESELVlrhrkrbU1KNVkTeoox2U&google_cver=1&google_push=AYg5qPJ7Sq-xX-uL1joGK8M5k3Mx2tKUnJ1W2vELqFgP74toGMw6-rDR7PKpE-GJqoFKviOumGlGKGWedXyGI_W8T_o3GEySTP4pwKY

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 25 Apr 2022 07:59:48 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame C572 0
12 B 50ms
50ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQBMX13IQINQOaQ8TF7pHWPPLogYvDLZQ9MwrTvXSFxet03xnfEmgsvhQC9FUKShE

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F241 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 7564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 25 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 118C 1 KB
749 B 40ms
40ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 7564
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 24 Apr 2022 05:53:44 GMT
etag: 48472445140208031
expires: Mon, 25 Apr 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D0EE 22 KB
8 KB 42ms
40ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 257519
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 08:27:49 GMT
expires: Fri, 21 Apr 2023 08:27:49 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E975 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d9593ece624216cf8957d0e1cc9df0e9fe0c12cc819a9b41bbe56686a86303f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D005 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3e34bfff79e95cc96928baa3fe86bc77b044f2b4707be2c0251d70ba097faec

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame D005 20 KB
20 KB 42ms
41ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 19 Apr 2022 22:12:48 GMT
x-content-type-options: nosniff
age: 380820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 19 Apr 2023 22:12:48 GMT

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame 01B5 35 KB
13 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0625 0
54 B 676ms
371ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l2d02hzm&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&event_name=first_play&asset_bytes=121795&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=11&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l2d02ibq
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame F241 70 B
265 B 125ms
41ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESED1wZKaAyDvHp5juYvpd8mE&google_cver=1&google_push=AYg5qPK0U-UXCXETzeI7fVQ3zTRtl2hCdRo50KkeAzAwQ9gRHJqgx7X4QSGMGg0GWCXhVwu4vpzxZiR1iIXRnpByzJ7YWsH3kUMm_Q
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F241
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAGdqHe1hrdAwd3VjNVnnDI&google_cver=1&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0EC...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MDA3Njk4OTQxMTc1MjA3OA%3D%3D&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0ECJAvw...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MDA3Njk4OTQxMTc1MjA3OA%3D%3D&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0ECJAvwQOlrxc7ecJvg

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzA5MDA3Njk4OTQxMTc1MjA3OA%3D%3D&google_push=AYg5qPIScWgoGyNIMA3sD2iPV0HKICF6IRMO3r8ih5vvf5pFrtgwQiawiUu0P2JxUjnQR5DVtr1vbzHtgrd0ECJAvwQOlrxc7ecJvg
Date: Sun, 24 Apr 2022 07:59:49 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 dds
rtb.openx.net/sync/ Frame F241 43 B
134 B 40ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGraFL2g-hMYk8f-AHlK4ko&google_cver=1&google_push=AYg5qPIX4dl_EgzMio5ceYztZ4aswtH1kZNYKOZojHObLvxbrIjP2KR-YeP-WFcOuJoM52yPEEkBOP8uw92VmVv5CZmYM2WwFSriXg
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: nonlthgdl4fnr8otod2l6dbdpmmggsrj

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F241
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHNVJnsv9V1UyayyZMTfbOs&google_cver=1&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonO...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTEtTy01Njk0&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonOEMYIsl65OY3CRibHV4eRzeTXJxA

170 B
188 B

63ms
62ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTEtTy01Njk0&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonOEMYIsl65OY3CRibHV4eRzeTXJxA

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTEtTy01Njk0&google_push=AYg5qPJFG9rzvWcWGA8YLnSJY_gKdDUJyXuugS-uDrVkHlwZvCng6ADLvfNFiFczI9_MdBFvonOEMYIsl65OY3CRibHV4eRzeTXJxA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Expires: 0

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame F241 0
478 B 148ms
34ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAYg5qPLlPjeIkQVm0v7-Y614oeLNbou2gJFLmm7JYxDHP9KWwtGICZ1DXG6P1HkaMlt-yLJPU1tFKWHTpX7k3XwKlkVfUV2dt0qHHw%26google_hm%3D%5BUID%5D&google_gid=CAESEGgy6jpmFsGTKaz-ZUWKIdk&google_cver=1

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 24 Apr 2022 07:59:49 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F241
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcb7Whv6DDwtdAvpBG-UPs&google_cver=1&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDcb7Whv6DDwtdAvpBG-UPs&google_cver=1&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw&google_hm=4031284446f90d4fef11...

170 B
188 B

52ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw&google_hm=4031284446f90d4fef117bb9

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 24 Apr 2022 07:59:49 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AYg5qPI-w6tt6dK9DvYqyJmPzJlSe6UPCtdm3HUSlMeAJgZNEPT3aAJh41spSvB0atq8rNBCF_wWfrMMKx673hw46A3sCU9Qn5VGCw&google_hm=4031284446f90d4fef117bb9
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F241
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFvbUwkjbQ-J3dgjUrE9zBs&google_cver=1&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZ...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZU...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE1MDY3NjI2Mjc3MzE1NDIzNTgw&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI...

170 B
188 B

52ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE1MDY3NjI2Mjc3MzE1NDIzNTgw&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZUHNw

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=ODE1MDY3NjI2Mjc3MzE1NDIzNTgw&google_push=AYg5qPJtqM6wKnoUWmNiM4NGwmC3ywtT_TYiVTx8cebo0gNXghfPyPDDcDamEMaI1OVRBzNU1oUIYHmjleB-QdD63KgPPnSbsZUHNw
date: Sun, 24 Apr 2022 07:59:49 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F241 0
12 B 52ms
49ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWze6QcG4vbff9h57wuEwG7VFjnXsWCy5ajL5n4ZIZ6U7JzoHMYgKBumy3Ok0HCp65GG42

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 118C
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHF88oCB7y2wBUKVQp2Do1M&google_cver=1&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR5EJHYm33kTXELOTX2Cq9eCdofdyg5rQJ5LQiK3Jdvmwg&google_hm=nC_U0OwONe...

170 B
188 B

52ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR5EJHYm33kTXELOTX2Cq9eCdofdyg5rQJ5LQiK3Jdvmwg&google_hm=nC_U0OwONetv5F0HAG-Leg

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AYg5qPJFJCqWv7z024I12IplmZhkalVFGwWaIKJDiAe2nlzzigOmQkEVPR5EJHYm33kTXELOTX2Cq9eCdofdyg5rQJ5LQiK3Jdvmwg&google_hm=nC_U0OwONetv5F0HAG-Leg
pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 118C
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1a...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1VRGRRQUFCRzF2Q2xuYg&google_push=AYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1aDC7YyT-9k7gs5geOHaoL_91VYdoGN98dloi5I0tQmooEh8g3edfenk2...

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1VRGRRQUFCRzF2Q2xuYg&google_push=AYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1aDC7YyT-9k7gs5geOHaoL_91VYdoGN98dloi5I0tQmooEh8g3edfenk20D_Q

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1VRGRRQUFCRzF2Q2xuYg&google_push=AYg5qPIUHAeJmpNk6xEeENW_AuzrIHZBDq0LjHfNb1aDC7YyT-9k7gs5geOHaoL_91VYdoGN98dloi5I0tQmooEh8g3edfenk20D_Q
Date: Sun, 24 Apr 2022 07:59:49 GMT
Server: Apache
Connection: keep-alive
Content-Length: 393
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 dds
rtb.openx.net/sync/ Frame 118C 43 B
351 B 35ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEGraFL2g-hMYk8f-AHlK4ko&google_cver=1&google_push=AYg5qPJj1b5-oW7U5XjgQx4kKrm7fiskCKwJ1Sb0hzWGsxAr3ZRhWmq8THkBap9enzMh9q1bztHUW2d7CdA1LC82tCYhfKkYs8seBg
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:48 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 24l7fk544bcuuaieag42u027ptqhj83j

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 118C
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3j25UGdWTnyhOPfpFhjBsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

53ms
52ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3j25UGdWTnyhOPfpFhjBsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUr0Jmt_AaHxOdxcdjI92pwx8-AxiSKOqth3f1Evb3xkLsS8h5AqcL2PEs4RSFsWfMvpTwYBaEAKyFC926c0UoBl-jwV1gwQ

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=3j25UGdWTnyhOPfpFhjBsA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKUr0Jmt_AaHxOdxcdjI92pwx8-AxiSKOqth3f1Evb3xkLsS8h5AqcL2PEs4RSFsWfMvpTwYBaEAKyFC926c0UoBl-jwV1gwQ
date: Sun, 24 Apr 2022 07:59:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 118C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEHNVJnsv9V1UyayyZMTfbOs&google_cver=1&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTQtMTQtRzRRTw==&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoBpwFusLuHdf569waSij3DY6oSFkw

170 B
188 B

55ms
54ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTQtMTQtRzRRTw==&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoBpwFusLuHdf569waSij3DY6oSFkw

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDJEMDJKNTQtMTQtRzRRTw==&google_push=AYg5qPJTCK1mWyO9XvJHxvG4DrMnXu6aEPUnvMpF3kTFWHLY7tQAPm3C5dhUn2xQdwQiR05vHoBpwFusLuHdf569waSij3DY6oSFkw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 118C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6o...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame 118C 43 B
297 B 185ms
36ms Image
image/gif 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMUlbBVKUz0h5lYDRZQBSx0&google_cver=1&google_push=AYg5qPIsCf_STw7562quSh3oHqR4rWFNC6yOjdA9iWvZuEoHZkljg3RWN3fd0k_Jxv0VR5pmk0WDN6wc62gx1DUxUwcZFlMrG1CWbw
Requested by: Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 118C 0
12 B 51ms
50ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IriW60QlxdsOHgJvgpLHZVdDlKe0vOl8EwvtBqnMt7FwJQrIHTl6vn7eMWpbGtvszdwdbk

Requested by

Host: 8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
URL: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 07:59:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js Show response
pagead2.googlesyndication.com/bg/ Frame D0EE 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/LE6A1jkwhzHIveaC2PWdXlafu4EKGxRoxiYl273qJjE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 06:20:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 178756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13647
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 06:20:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 45E4 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuZQy7vG2gbib9jrmQuk6o3iYPvrAsZLaa-MhkZPoBHv695JGZFDWUWT5dyQqR95NPkFTjWXnElauoLRc98AKku6ndik3N4A2fGvNfExdqK-6Ge1O1ITA&sai=AMfl-YR0WGvjWeueSyGsRWsjVbGVhS-26qRfbJPbj-5nCfzA5xd1LvsumXwgNiG5UrCETiLHc9ft2MuT3bsK&sig=Cg0ArKJSzB5BbdvqD-JjEAE&id=lidar2&mcvt=1000&p=0,0,180,960&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3824879818&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650787186508&rpt=1473&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame E975 0
26 B 77ms
76ms Ping
image/gif 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 24 Apr 2022 07:59:49 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js Show response
pagead2.googlesyndication.com/bg/ Frame A002 35 KB
13 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/d_XgMe7_8DX3JscHlpumBxzOcHqlAtWKp75Cu0r3_I4.js

Requested by

Host: kolobok.ua
URL: https://kolobok.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 23:14:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117893
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 23:14:56 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 01B5 0
20 B 77ms
77ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BcGTbdANlYtnsH7uQjuwPmaaOmA8AAAAAOAHgBAI&bg=!4uGl4aXNAAYXWUUuN1k7ACkAdvg8WjVZnuQYK4hirvwsC2ajC08RPCseFsW9mVQ-TAhYGau6Q948EQIAAACMUgAAAAdoAQeZAvDh6GAGTdyTJGaCsASKhp97lZjhvpYgMEhcBXHUybsS2WrnTBUV_rZ7L0ZRKH_PPAytgV89cyL0bejp1uYpFANO_YYKWYK-KUy6HiHGQJORBca5m8d9t7dxNUNtzrfuJTsGtaeEALXPnbrMCmZk4fkrlQI20nurmmo_tDOqj_1SDTY8j0d8-kSci_WjSNYaAhHpBhz6KNw5TUrG9uU5vUtuYm-NU3mvfkp8NaNwkriU8rSXkwwX92XO0FOrCfgAfyr9eIqckyJz5A0A6T6aToU1UBnb--dpu2viTRytL82m9H-B-H3df364w307TRj04gMpCI4P7_rJMU7_MB4r3KmtvForYmwM5HdcG2wmlZUUQMeRA9shpBPteXzp_m7441UHxyfhi5lJPdHXA-jW8G6xO7QEX0v-juXiCeSDayInHaVSuJJNIJy-Ay65RimXJaOn78knh0ZnlECIg7n872P3qbxjFeznCZQqmkVdyccApG4FQC8pkjiDeOuFvZPAtIKcCeW0N-S0pSPFuTU9_eBQmcorPSxJqsVAZfM3gWt4Wu01-pG4vnNnHjWSHnsPYwJ3y7_HrXbw7ZH6pahHRIl7AUXvFlyB-V3Rausu2jCqxoVRGTGz5hRejl0Xrk42foL5xKT4uMas1ZQhnnNwQuLBNzT7cBD82OpWpRVobaMe_CGjlAKSK9NpSy-8F4RPzf6CHWVaDIu6eYyxRj1N_jcwzObdT4tMj6Yb1YQS8SDVr5ux4Bb-ZBEKL3Ud7oF6uOLuT8YxlhDJ4d2j4hGGN-iPA1uN-T1e67L6Uy7kwExhnryn-oGFPTJPeN3gwcO4SKBlk8x96v7AyIjoNy0ddCRMGvbpGQvEEunaSOCa3irhye0Pv9XvHTr_fVtfVWA6dic1OCnXymT8lZfvWnMi8FlJaGioGmVguuXcNHLqYlAHNKlOMXH0hbTi1br9fj1umnUjpwJ6JsJgll5EkmcTAakXX8F9xPN6-3q46a9LRE1wLg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D0EE 0
20 B 79ms
78ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkNu5dANlYoX2J_-FjuwPvfm8oAQAAAAAOAHgBAI&bg=!8fKl8rbNAAYXWUUuN1k7ACkAdvg8WhfBoLPxD4ZEZZbXndskGxqNNk-dxh16AbCrB2n5uJrF3_sYSQIAAACuUgAAAAJoAQcKAIpOVxW6nviu-M2XRIF-wXPdkRrVMQbbDoMz0kJIzO4Hx5ncjKPLiClCOsWmm9ZC3fbX8-r4kzwPzqNwhDzjx1BjOqWhZXMx_jzdrkzfu3UTd4x54BQ1G4cJYz0cKOYShxhF_msNG7IJ4DOhH1fBrvOHaTWqrvPcIPIR4TL-HfNoq9XEGu0VqIIBAdOZAvL3Jvib4vMt6NMHf8AkPUgwqVpuzjBlw49Vmr5cf7qJJcxpkei34bf2ceInzyLkAHwFfPUIUD2BV-FnCg7o9YUa9uuCr3Jnc1_gkQFCdnz4wfggro8g2zNeHp0H4r36-YfwBt9EDppmn_BgGlqwuShUmPNvjC6SxlWBQlGcvEp3ps6Jc5LIayZR5Extwi2zBbGM3bR9hkNbMoZG-odGj8AyGnfSi8PsSDy9Jv0dwbOiOpkWf4sOZfvBVF9xIN9BLWt3sekVRV99ZNAmibjIWoabjNFRnSG2SmrMxJdty92zecW2n9TmaLON4yTbNZivFV4UeAj--DO8aCAu_CiU5fSeuF8_za9473WYSLBirDKFhgva--ZvGqazlQAe0j7Rs9mnQ8bqbY9wpBvPYfjVPNMf-awnfKvRzQzxf7UWxYNgrgavXP6Q-AoKyOrIfJgxWoXtZP3R2nCgyqTYPo0RAdNG4iWPQUXd6YTG6dn6eY68_JdkZatVQWYSKeaRVJ_WqDuFGUrVtHb99grlsxRNc1Vw0AkAmD0VSlRmlrjPvhak11tnDxe5YcoOly68wEkttdASHpoz0zYnAWNwqcww-UD7cOeuVPNQQVZsgkhwNLHd-yRYL7cWtLAWxvkg3zSs0XOYqSgedqtQv9m4y-be-_qonTUgbz69QQSTiGpwINbKhj3TJl42jGm5rA5Ax8J3Xs4VVOu02DWLrCFqLL_m1H7V26IymsbpxDAfWAIIRk8GernVjZHXKv-S6b8H2ZJo1Y2hhsXqqvPud1pJAlIM8_2SYtKiqx2c2qQE4g5yKGipqUlkeUQHjYGRO5VJDx8SkCdoqxn_AI3_TQN4_8uIUT3KdhvEkJZzwl8Uxa73n0isZImGEKOq3lKk58dpYQyFyU7-jARim9zav3vcmxIj_4jl14kO460d-xyJ0GZM2sOloxj09dlwoaeFpPDroj2IQHYOQkHckBpUcGhhbVbYhMvxBtU1bQlj_yOelW_wv4bXQVYE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ev_view.aspx
inv-nets.admixer.net/ 43 B
300 B 104ms
103ms Image
image/gif 204.62.13.72
NATCOWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

204.62.13.72 Clifton, United States, ASN46636 (NATCOWEB, US),

Reverse DNS

Software

nginx /

Resource Hash

281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 24 Apr 2022 07:59:49 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Keep-Alive: timeout=25
Content-Length: 43
X-Xss-Protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 93ms
93ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220420&jk=3775603991270847&bg=!5uWl5aHNAAYXWUUuN1k7ACkAdvg8WjWhlWnVNNHH5BJ6d-RRs6KDT_SyWSaYYA_gSdP0MVbkvC37GgIAAAEFUgAAAAdoAQcKACGdysRvK_21gNfYECTEfleF4tbeJAPgdUTWVJubF00L-qWZAqXc6RdgjduebJwQvDmAmdZuH1tWtt_OSzhHocu1RxjCRg5nsPyquPe4N1FDmUbdawxqMFey_yLbN1QTOg5DF0a7fuL2eKKaTJJjQzjjIH4R-J2OvYKOiCGiS7pXbXXYSfvuvWXJAD8OxV_KVX9byC9VINvoU6IjrTju5Hk700kblcUDA15tTYpjBryfmQfUa17N5kPuoXp2Cj9IUPGG2yrMoqaU6wIVEG7MIXNHy1FdEjgibjdaKWt1YbiA5LnNY4PxRxxhb2hSuPE5LMUiDdaWpqqm-jwy1zeiM5IQuYmH-J255827itvxJypv8WdWPdBVoEYYWQVZdLEneb8VGaZOe2NfHmVlM588E7VeVv3J8nmN5KpmASqmRFx_MEGlvrjYiv7d6d1Nd_nPZO0KzfbU5qcKdZ9_7Fa0jLoMEyGNIdtBfknn3NGu9s72zX3KR8SynCO-AyFBkBTGnH7CEgD_pf0ORSxZvvhn47nOq2-SqcfaNdB-I_ZelvNIFvt99ksK7V6KDIPiDOb8Y3QZhmVu-eli4PlP1UVigzq0LOH-uC2uN4pKoNysHD0hphG2e-MOXn84T_NKbvCI3Bf7gwluAXi68HwrFMK6biIIijTq7aju3G8a9JC3Rdvo1UOhbUugTalpzoYn4usaaSfX3rzHNPbx80xVDmFpUzNlfKycWb43VN0o8rgxHOLZ2kpBeFI-WCtcpwTd5FTOxJPkYynGv06Z4abgqnh_Xtako3uiMgYn3FtFizwzr5ruEoeUBJ1g5qSf8WgxneksqJqo1CciFyLlEEd44gc-j4WMZ_UVo8GMSSAa_zLcRbTrXQbux2zGwZyLmMKAUm3lDE-1lHxpexAAwNl-CG0Vv76lVphg290xQ5ewyLrZXL3oVyPYPrAuXQxaVQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7A86 42 B
64 B 81ms
81ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu3nTF0qiTiG9X8F8ux3OhvT83NCYSr1uFUkjeoApYxfL6oj1T41YP0Hw9iXBn88woUi1tezr2qsLU8cQyD3c2YWXmNgpRiP0-psR5j2IBSrzO2P6nKQg&sai=AMfl-YTwYxByC5XVxSNgUIP1y1_BsFrJOBGMrendiWQSGUeecllezA_6wiCtEcOBHuYfcRy4oJMnOPhy5moAYUbhiLBAJzd1dvJpTUnWQlG5rTmOEPbPkgPkXletLOI&sig=Cg0ArKJSzKpo1OMoHH0_EAE&cid=CAASJORo4P3pqshf5QjJCkt1LEPDSal2K4MiFsYYCrpk_i1f4oC48Q&id=lidar2&mcvt=1000&p=1055,436,1145,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3748113755&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650787188342&rpt=510&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 54ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6518 42 B
64 B 82ms
82ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvBkb8BvpigA2HLeV__XLh5IUuKXfLznvC5akJWgI4L1VLmRWU67Im8H0Xt9b2Y6et6XlGSgUwBhd2T79qUWw9tbFwpot4c6LlB09oUMpuMjXBA5eB9rw&sai=AMfl-YTdEDx_Ht52fE6J0P_JB-Ji4xPPqdLGKcq2L7J-ZKk5yEtvOtvJT3gLq9DtH5UnBkOVW1PqYT6zZwEtIbkNDhFd58pTzuJH43cS16y57BqvKoiT1-SlxI7Zi-8&sig=Cg0ArKJSzMs0IyoopCeHEAE&cid=CAASF-RoqNUxkF8zQhC4hmlIBtn3E2rO5jLY&id=ampim&o=310,1200&d=980,200&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=4992&tls=6110&g=51.343750953674316&h=100&tt=6110&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=1490098338

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kolobok.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 52ms
51ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 53ms
53ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 07:59:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E975 42 B
64 B 82ms
82ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss3hhQNf5gn-uMeDE1BthUf51IXVfSuBswbxWlXotl4ZNwPrIRpJWFP2NU-go7zGXdPajyuk7_upUF0q0qS_2Kk4I1uKEgkO9u4aSE4iGDBShhgF1qQ4w&sai=AMfl-YSm5Ck32CYm8dcBM1Y4byBNJams7qgxqwFdhDD1uYV3TuCPO2OyxDmVvhVvecDjk_JXRIahqk1wf-ijdjqf1ZeTuc2ky21RULnEDK1g7zseweRzrIKdTj3Ogys&sig=Cg0ArKJSzBuNIF9g4Vr0EAE&cid=CAASJORomEy3H0s4J9DvrdPVmbCzEejHElMO3lYNgvxl16FqwWlhdw&id=lidar2&mcvt=1001&p=1455,315,1545,1285&mtos=935,968,1001,1017,1050&tos=935,33,33,16,33&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=826581836&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650787188504&rpt=518&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0625 0
17 B 373ms
373ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~l2d02j02&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&met.4=5s.l2d02m3j~10s.l2d02pyi~2sbc.l2d02qqa&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F583c04eba622323b1bc7d6fda2f57e1e.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0625 0
17 B 375ms
375ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=7~l2d02s7t&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F941aba49c4a9a4a77bd31b3f24758f2e.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0625 0
17 B 366ms
366ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=8~l2d02s7t&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F3bde1d5944145a46a8b91d920db5ec4d.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0625 0
17 B 365ms
365ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=9~l2d02s7t&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fredirector.gvt1.com%252Fvideoplayback%253Fid%253D0434ac11bea8b047%2526itag%253D18%2526source%253Dweb_video_ads%2526requiressl%253Dyes%2526cmo%253Dsecure_transport%253Dyes%2526ip%253D0.0.0.0%2526ipbits%253D0%2526expire%253D1650794387%2526sparams%253Dip%252Cipbits%252Cexpire%252Cid%252Citag%252Csource%252Crequiressl%2526signature%253D152E64B64BF71E17375EBECAA4292FCC17E309DA.73CC5CE2ADDD53F18FAC7D8F5941A305A8F1B427%2526key%253Dck2&encoded_body_size=0&transfer_size=0
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 53ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 0625 0
17 B 368ms
368ms Ping
image/gif 2404:6800:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=a~l2d02s7u&c=6180715912341&slotId=3090357956170.5&qqid=CL-H7r6drPcCFYLq7QodGrsFcQ&dm=13000&event_name=first_pause&asset_bytes=152423&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=19&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=4&video_played_seconds=13.00&video_muted=true&video_seconds_loaded=13.00&vqdf=0&vqtf=390&vqfr=30&endedMediaDiff=-3.1750000000010914
Requested by: Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/941aba49c4a9a4a77bd31b3f24758f2e.js?tag=video_mra/web_raspberry
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2404:6800:4001:803::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:01 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
googleads.g.doubleclick.net/pagead/interaction/ Frame 0625 42 B
64 B 52ms
52ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 24 Apr 2022 08:00:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 3114497524627790778
tpc.googlesyndication.com/simgad/14645774982113863395/ Frame 0625 170 KB
170 KB 87ms
87ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14645774982113863395/3114497524627790778

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a037366310f70f825c4a067da7ba067682761060e0b9743a04c59a7d8e9b993

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 24 Apr 2022 08:00:00 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 174462
x-xss-protection: 0
last-modified: Fri, 10 Dec 2021 06:07:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 24 Apr 2023 08:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=1979561508&adk=2236407440&adf=59350530&pi=t.ma~as.1979561508&w=300&lmt=1650787186&psa=0&format=300x600&url=https%3A%2F%2Fkolobok.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650787186167&bpp=1&bdt=608&idt=349&shv=r20220420&mjsv=m202204190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C960x180&nras=1&correlator=7060697850119&frm=20&pv=1&ga_vid=1151495306.1650787186&ga_sid=1650787186&ga_hid=111218242&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=970&ady=453&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44759850%2C31064019&oid=2&pvsid=3775603991270847&pem=521&tmod=26253513&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=Lqcym4bxmv&p=https%3A//kolobok.ua&dtd=352

Domain: www.facebook.com
URL: https://www.facebook.com/v3.2/plugins/page.php?adapt_container_width=true&app_id=202832543530482&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df5d9d4ac385534%26domain%3Dkolobok.ua%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fkolobok.ua%252Ff947f185476828%26relation%3Dparent.parent&container_width=300&height=345&hide_cover=false&href=https%3A%2F%2Fwww.facebook.com%2Fkolobok.ua.group%2F&locale=uk_UA&sdk=joey&show_facepile=false&small_header=false&tabs=timeline&width=300

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=smak

Domain: exchange.informer.ua
URL: https://exchange.informer.ua/informer/stat/?s=ivona

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ

Verdicts & Comments Add Verdict or Comment

199 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

67 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kolobok.ua/	1969-12-31 23:59:59	Name: b Value: b
kolobok.ua/	1969-12-31 23:59:59	Name: Value: store.test
.kolobok.ua/	1970-01-20 20:04:19	Name: _ga Value: GA1.2.1151495306.1650787186
.kolobok.ua/	1970-01-20 02:34:33	Name: _gid Value: GA1.2.1665119369.1650787186
.kolobok.ua/	1970-01-20 02:33:07	Name: _gat Value: 1
.cdn.umh.ua/	1970-01-24 11:43:58	Name: AU Value: 925e668d6f6f8a5c
.kolobok.ua/	1970-01-20 12:01:55	Name: __gfp_64b Value: RU8cQamZ4qVph2OteN9yljHZ153fxUP2D_adZA_oPWP.17\|1650787186
kolobok.ua/	1970-01-20 12:01:55	Name: __atuvc Value: 1%7C17
kolobok.ua/	1970-01-20 02:33:08	Name: __atuvs Value: 6265037260363acf000
.hit.gemius.pl/	1970-01-20 02:43:11	Name: Gtest Value: KlGLnRXGQMGGS47XiHawoalissGMXP8c25nSGFQyNkSRXBG.
.addthis.com/	1970-01-20 12:01:55	Name: uvc Value: 1%7C17
.facebook.com/	1970-01-20 04:42:43	Name: fr Value: 0BqNG2KwohnOmL9Ri..BiZQNy...1.0.BiZQNy.
.addthis.com/	1970-01-20 12:01:55	Name: loc Value: MDAwMDBFVUdCMDAyMzE0MTc4NzA0NTAwMDBDSA==
.hit.gemius.pl/	1970-01-20 12:01:55	Name: Gdyn Value: KlSSsRMGQMGGS47XiHawoalissGMXP8c25nSGFQyNkSRFRxSG7RrGS6Gtg8BFlnMxgGPoeISD0F6Sssa
kolobok.ua/	1970-01-25 07:39:25	Name: cbtYmTName Value: 1q30v7L07PS05rK15+fn4LXj57Tn4Lfu9KvU
.admixer.net/	1970-01-20 04:42:43	Name: am-uid Value: a599687bd29940b98276add61f369c42
kolobok.ua/	1970-01-20 02:43:11	Name: am-uid Value: a599687bd29940b98276add61f369c42
loadercdn.net/	1970-01-23 18:09:07	Name: vui Value: 40469f66bf784c07824269ae4874eda4
ad.mox.tv/	1970-01-23 18:09:07	Name: moxuuid Value: 2dc386a0-9fb6-4ca3-adda-c642773ed699
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_zone_imp[4191][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_zone_imp[4191][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15425][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15425][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[4843][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[4843][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15361][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15361][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[3878][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[3878][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15418][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15418][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[4421][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[4421][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15406][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15406][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[3964][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[3964][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15453][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_imp[15453][frequencyPeriodEnd] Value: 1650873587
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[1949][count] Value: 0
ad.mox.tv/	1970-01-20 02:34:33	Name: _mwayss_camp_imp[1949][frequencyPeriodEnd] Value: 1650873587
.quantserve.com/	1970-01-20 12:03:21	Name: mc Value: 62650373-607b1-0cb5e-dd9e0
.doubleclick.net/	1970-01-20 11:54:43	Name: IDE Value: AHWqTUmMyV1QfLVfRW4L1VkHOOszsTgY6rfsE87RqEsK8WBw-1_ko4_2zqo5qSijHQs
.bidswitch.net/	1970-01-20 11:18:43	Name: tuuid Value: 2d4535db-87e2-47cf-8692-cfa7a237739c
.bidswitch.net/	1970-01-20 11:18:43	Name: c Value: 1650787187
.bidswitch.net/	1970-01-20 11:18:43	Name: tuuid_lu Value: 1650787187
.doubleclick.net/	1970-01-20 02:33:10	Name: DSID Value: NO_DATA
.kolobok.ua/	1970-01-20 11:54:43	Name: __gads Value: ID=06a3e642d69b2601:T=1650787186:S=ALNI_MZbpAvg1betjq4DKipFYl99da6qiQ
.casalemedia.com/	1970-01-20 04:42:43	Name: CMPS Value: 709
.adnxs.com/	1970-01-20 04:42:43	Name: uuid2 Value: 2113734127682255918
.quantserve.com/	1970-01-20 04:42:43	Name: d Value: EEABCQH9JYEA
.adnxs.com/	1970-01-20 04:42:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImIKNz@^!@wnfH8K6pQK`!5=E<L5?%MlfT-Ilxr`p2(=.dl^Hq3[0NJA8_f.Tk`dW%nugO%v4VB%nm::)p'F
.casalemedia.com/	1970-01-20 11:18:43	Name: CMRUM3 Value: 2d626503742760CAESEIRuSw8Pnfe6L7dH8w8JJfE
.myvisualiq.net/	1970-01-20 20:04:19	Name: tuuid Value: 1b8be1f3-ad7e-4374-882a-ed1b427156e1
.myvisualiq.net/	1970-01-20 20:04:19	Name: c Value: 1650787188
.myvisualiq.net/	1970-01-20 20:04:19	Name: tuuid_lu Value: 1650787188
.pubmatic.com/	1970-01-20 02:34:33	Name: KTPCACOOKIE Value: YES
.everesttech.net/	1970-01-20 11:18:43	Name: everest_g_v2 Value: g_surferid~YmUDdQAKx6xSmQA-
.adfarm1.adition.com/	1970-01-20 04:42:43	Name: UserID1 Value: 7090076989411752078
.3lift.com/	1970-01-20 04:42:43	Name: tluid Value: 815067626277315423580
.lijit.com/	1970-01-20 11:18:43	Name: ljt_reader Value: 4031284446f90d4fef117bb9
.pubmatic.com/	1970-01-20 04:42:43	Name: KADUSERCOOKIE Value: DE3DB950-6756-4E7C-A138-F7E91618C1B0
.casalemedia.com/	1970-01-20 11:18:43	Name: CMID Value: YmUDdJ-fGHzclxlrgJlyNAAA
.casalemedia.com/	1970-01-20 04:42:43	Name: CMPRO Value: 645
.casalemedia.com/	1970-01-20 02:34:33	Name: CMST Value: YmUDdGJlA3UA
.innovid.com/	1970-01-20 04:42:43	Name: uuid Value: 7f73a985-069d-45e8-8eb2-10a49fa93d7a-20220424 03:59:49
.tribalfusion.com/	1970-01-20 04:42:43	Name: ANON_ID Value: aKnseFxNeThBeZdwQMhEogb6EfTPO7mqQp8erv8oqNDVAb2PbykoxibZceW65cgUdnExZc5nZbMjaRSHBdVE39ov

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://kolobok.ua/(Line 1733) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n920013&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://kolobok.ua/(Line 1733) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v16945258&s16946721&t0&c1&n920013&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x100_6255&c1&r43992134&dholder1584315929&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
network	error	URL: https://h.holder.com.ua/s?ta&bholder_300x50_6256&c1&r43992134&dholder1466079092&hhttps%3A//kolobok.ua/ Message: Failed to load resource: the server responded with a status of 400 (Bad Request)
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
javascript	warning	URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?act=catFish&background=3bb345&opacity=0.5&pzoneid=4191&height=90&width=728&tld=kolobok.ua&ctype=div Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEKi24ucPgC9a_MUgDmSnMwE&google_cver=1&google_push=AYg5qPLkqjavKlsjtZSQsaynhsQN7iMGptnbDe1bBAv9yYMtKIwn4gI7KBX-HMhkNEraWY2YiqkJKvWvUDSlRCHVU4z-y94FxcNvWA Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YmUDdJ_fGHzclxlrgJlyNAAAAoUAAAAB&google_cver=1&google_gid=CAESENd2_T8LVyTNPQwwLXAYc2o&google_push=AYg5qPItPEHiFedTh1O4uwMmNyAe1iTo00z6ocgEvuWQbAoOdWPsZ7pHA6gVMrizm9ZxMglEBlL4gApVFXjOsZM5NtD8WibTUw6jGQ Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8a61363b20ef3bb23d782557b98f761a.safeframe.googlesyndication.com
a.tribalfusion.com
ad.mox.tv
adservice.google.co.uk
adservice.google.com
ag.innovid.com
ap.lijit.com
api.phnx.click
bgstats.mox.tv
c.bigmir.net
cdn.admixer.net
cdn.ampproject.org
cdn.jsdelivr.net
cdn.syndication.twimg.com
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csi.gstatic.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
exchange.informer.ua
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.bigmir.net
i.holder.com.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
kolobok.ua
loadercdn.net
ls.hit.gemius.pl
m.addthis.com
match.adsrvr.org
maxcdn.bootstrapcdn.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.twimg.com
pixel.everesttech.net
pixel.quantserve.com
pixel.rubiconproject.com
platform.twitter.com
r1---sn-aigl6nl7.gvt1.com
redirector.gvt1.com
rtb.openx.net
s.tribalfusion.com
s.znctrack.net
s0.2mdn.net
s7.addthis.com
securepubads.g.doubleclick.net
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.adaptv.advertising.com
sync.go.sonobi.com
sync.teads.tv
syndication.twitter.com
t.myvisualiq.net
tpc.googlesyndication.com
unpkg.com
upload.wikimedia.org
us-u.openx.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
z.moatads.com
cm.g.doubleclick.net
exchange.informer.ua
googleads.g.doubleclick.net
s7.addthis.com
www.facebook.com
104.111.242.245
104.244.42.8
104.75.88.126
142.250.186.34
146.59.30.104
15.197.193.217
151.101.194.49
167.71.9.19
172.217.16.130
178.162.133.149
185.187.81.41
190.2.151.10
192.229.233.50
193.239.68.97
193.239.71.100
193.29.200.142
193.29.200.162
198.47.127.19
204.62.13.72
23.35.236.247
23.35.237.151
2404:6800:4001:803::2003
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:4400::6812:230b
2606:4700::6810:5814
2606:4700::6810:7aaf
2606:4700::6811:190e
2606:4700::6812:bcf
2620:0:862:ed1a::2:b
2620:116:800d:21:fcb8:22d2:d390:5f1b
2a00:1450:4001:80e::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::2002
2a00:1450:4001:813::200e
2a00:1450:4001:827::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2002
2a00:1450:4009:12::6
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a03:90c0:41:2801::254
2a05:d01c:1d8:8101:7625:bb22:a4a3:e7e2
3.214.20.70
34.98.67.61
35.186.253.211
35.211.178.172
35.244.159.8
37.252.172.45
52.18.148.209
52.59.143.230
54.37.238.28
69.173.144.165
72.251.249.13
76.223.111.18
78.159.118.240
85.114.159.118
91.198.36.26
91.198.36.35
02c30a2f8ab99e50290330ce2b9c3b7df9bcabbbd0f65442d2f929cb2fec3162
0497a8d2a9bde7db8c0466fae73e347a3258192811ed1108e3e096d5f34ac0e8
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
073fb309d5f0f8aac25fbfde4bcbde780eed5981b9589f62a7efd49a8596c690
081ae9baaacc857c1c2cb51de6dbd0e1eb811c2761ef01a50df373f2f6eefe22
085583262fc989309eef660f40bfcd1725cc57edb8cad2c03e95382ce3e0b50f
091105bb0811a882fd4f7fedb9e8dcf8a8fd0358106f000d7dd74cd1626dabe5
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0a95921db9171e0d643e275396758be2e677cdd968573300feb31ece7ca16c6d
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf67a88e4158309a7aec1613a776c80db3dc47769b1865ba427078bae937819
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10a174ee36c89015b513c53561bcb8382b70c9ecb696526210e40447e4faa6de
10bc15f7d18071d176f3868430f0f04a352a387003015a402c73858adaac91e3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1206b19f62d91c2402b59fa14e6e18107046d2b613700899687d8040ad0d2fb0
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12a2e37cf9365c6322d859f383c809e707d6e30972a27c327ea78d69fdbf1487
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a3c7635495e1b85002d6bbcf930526068bf11b1616a82d621c3cbeee877afa3
1e1684520b8ad979cf79d9bcf1c1b699161e6e3785698d2ab91c7c58df799a88
1e99d1e6fe74443f70e6b1bb68cca578728ec9d7669c2ee3ecaef8239f6eb956
1f7c5b9fc7520d2735786380c08033a9d450b27ef40c0f660f03b615aecb2293
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
21ccb645ef85fdecd03d594ba8c641ce71c338a9808682e15312f612fb7c4a8c
22da82d1cbd97e36fa29018fc8a8669d238cd378094f1217814ddcf51f85ced3
23cf8643e60f9e01b1bcf914c323f3861466997045f8aee8ea1c737f6fb5a21b
254f33bb44c46523cce6e349f8ea4ec60151ca4337024b647502da496df48b9c
27c135ee588f442bf5c59527117a1c6de82259597bf1c84a2be39218d8ca00af
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
281c5ae8bf152f644e12a943ec5d59681e1950c54fb6c0b3cc77539bf5e69340
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2c4e80d639308731c8bde682d8f59d5e569fbb810a1b1468c62625dbbdea2631
2e7f3f599d8cd1ac4684bda0c75a8e6e0abf4b8fcb61af597cb9704d792fcdb4
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2ecd0b5916e26d54760d24872ff76b2bd4632a0b7c02d30a1c1fd331ab6ac69b
2f1924ee0ccfc921a2f6d00afdc6b8a94112e76d706af0df6279ee5de19fafe2
301898d6bce363fd706de16a2d915e0382fc1a60d07b91d0ffd0609dd90b78a4
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
329bd139b12fdde5748b8317b6fc8a091d0a5c5179fe68115dad1522acc5a812
33d18e9820655d5e3df0d86a3e28b961f3767db98d06d2388b1d6ce19cb92c3f
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
35fd8976c95449e2fab9b80964acb6fbe8dd31c5989ad6b57a50e0a33065f4a1
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
387980c8b6a1ed97151290c26f3b297ffbfbafcdfcb631df727627bc739ef17a
39a3a957720560137e80256c4e78c730d2a7cd4be1b045dfc7c8893b1dc5d96c
3b1f077f14d808f4558bd983f89cb01164e431ef43051b7f052053e0426e40a1
3e78d7cda1a0574586b0ccb95ab53f1d0d9bde3fd65f2064e2a71e3173486421
3e7f3a97ce93fc97f75fc6d75428d11d5cabbf483fb19cd5e17c828429bdb746
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3eb4c5a5b9cbe9aca2ac1ea7729ee61b277819a7a7e2d0c657db0ac2f12efcfc
4156c6c84c92409761867d4794d02e607f40afd295c05be6e5f44db7612be831
4473f3c3f8541d270e2040eba93ecabc6e9d1a55eb4db735eab8f3f368d18f01
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
47d0e0a9ad5c86d6364b323e21203ca4f7f634c2cd397aad66f82f5de0370df7
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
494bf5a334d5a8035148037786031da26a47786e8b79806531e78761e64fa961
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4a3af19dd92c2af1af81d60f39cdb14519ecb6fb264e036811c3a2aba1345c21
4a64c3f8968235caf4367a733443be4ab6274fd32383d31bf96f607d1f87153a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f0587538d12f59dd42ad64d424a607c735ef5d6546516ff51320c1124ec8a49
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fce02aef5542a40509dce7f66aec864d7a2a070ac671b06ed235cbcd4743821
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50dd02e62490e5d09a7501b95ccbfb9cbf3889dff24b6ccbf0ab39c7b1552e67
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
5225e55a9f76662488dbb2fe50d3f061a1d30ac33e80fd807918a871f7197dee
5380c242e0f1f0053e963a1612925778f1ec569b54d9033e32b7730040c500d6
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57d288caf8204ce94605421fa41eab7fa4c4da7254634eb2ac6291bc28464013
59fe052fa30275b48b087c29ee1e47022c320d5f4081d8e15015caee0f2a6283
5ad0966e290f5ecae0d3dcfe2da7110521dd24e1c8614bae686ed249299095a7
5ee543419645db5fac49170129bdf7db0879e77f83957b4363926d380b050648
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6121ca306ad1045453d52517b8f436eb5a68055c82aefa46a9a77de36996a3df
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
68a0125044395d932f7a7a1320ba73aef0c7aaa22b2c84a1289bcdcfa890b8dd
6adfc0815036d31d722765828f79d9f7f22ee207d730f56633b8d9d9dd81d693
6b3de80a9f039cd539102e303c613d3c84945123c9f2aeea48c63fdb1ac83ab1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6d56101134b1780c0ff5b05701887e8810af1349d59c68c589800aa49d131e75
6d7dd97b1b8f9a6dd66cc9025d3b6603d371173712d103fa273e20a3013a5370
6d93025e7ac604a74c77cda1264b492afe94918444fd80a6a202683b614991d0
6f51b9306a9b1dba6bb4044eb9a433f12c7fbc8f5e8316bceb59108f56f91586
71f632d0b879487e08f47bc979ec5696f6820f234e79359d87f9fd2f5ed79fb0
725143dc665755eddcd2fb384bcf3039cb250fcb1c3af87d8fb258ba689c9b55
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
77efaadd626b5e79f480465dac8687c7bf0ce74123ebd626d14e43947126ebf6
77f5e031eefff035f726c707969ba6071cce707aa502d58aa7be42bb4af7fc8e
7a037366310f70f825c4a067da7ba067682761060e0b9743a04c59a7d8e9b993
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d41cc80678502aaf3181f2f00f46553773fc0da93ab9290f2da2ae64720f1f7
7d626dd90c4757f69fb5216bbd2ceac1461cb0eb4e27147508fb39a3e8da0898
7d9593ece624216cf8957d0e1cc9df0e9fe0c12cc819a9b41bbe56686a86303f
81b500a065c842cbbe96dac2f133c288ba2c1487afb35dbdcfa4dc1aba451b89
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
8231b63a9bea8566687d34805a0d91c74d3c4b78027b11cad3a01cc09b0a3b7d
83256161be4addb3aefe369a31de46f42def521d423ab1b344883d49c2bd1953
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
84c70fda0de3acf1dd3cbb40cd681a568bc55d3b9ad011c6985f797161c2e1d0
86b67e98ae1805a0fa348e3e1d118a7b6661d66a6fd88609e8c7f59562a986a3
8a322ede0b619b9051fccbe2a1a31f402f416d45f92c245aafcbe75e42f6f2b2
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae41d42a4f2bdc4776697aa34050d8cb63d78149ca8691c209ecb76dc3867ad
8c39ce2883aad8a36c4194dc053127b29efa1677cc12db45e805760c5d9f14d1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8f3cf2225a7f4ab0953ac2ac0bf1c38874ee7bd6a56bf937c52688ac419a2dc3
8f8971058530863cdfbe3d156d8d5c6f7a6a42d5884f4e82cde8e3692b91e535
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
94994fe4a1e5b6a18470b80b196cbc6fad4974a4547a4ed809f4cc07cf56935e
94d5253c7c33ad2a37b73edcce28cda63f7791a078fdee092861e95ad0164520
970fbd8d452e775c85db197dcced9843fa8c27850c0d29a36e3d7d4cb82497ac
97d726ff03b745813d3eafe624a634f84b5d492e9919a7298bed8da0dcbac597
98d456b12b8a6c3e1fcd81c680cefefbb38eaeec25d85a31757ac2417b2ff2e2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bcdfc9421524082b08208626e08051538d2a73901b58e148ed88a7ce7cf7a41
9d97f7a4b2edbb8f6a045125a686b58f5990f700c1a7aeabc8a90ec8bd3ba022
9e221cd2da06d8c59f44e133e090f645cf49a33f45a1b82f0983e15ef87f6c4f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1fd281902276d154751864bbf5d9dc6fa7c6b826d548cbaeeabc048bfd5fcd4
a37d848620d81a5fd27dff6e15af34f37fd05384f7d5337053c98efd0fe5a7d7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ec23f627568cedd2389d195103767bc8abe6b78c1cc262e54c59492d14e834
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
a9aa80adf0c2356b9e6841f3320b6dc3a102ed9de62ddd42a04f05ec467c9622
a9c66fdf1ceba24566394390e94faa182b2c23ab4c2df2faf2fdda296b4f4457
ac7eed07b5d8d9f32110d81fd1def84f3ee9a59d7fe7941a79a2b014f3fa1afb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
ae79d0e217643fd3bf26c1ee3036a276bbe875a82884e1d60524a9fff374c0de
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b162e213f6ab4c40f928f87d2f9f19104a8b51bde02de33720d908a7a99da931
b1d76224d2d919a0d3e8950b5f754d60d84cb73037a463cdf0d61a52853757f6
b2bbd2f460b12e9e57c06bd38e47d76a1b564055cd0d99e20085a16aa3830a0b
b5228c3cfde462641acf7901801a02057b709c98c6d0f78e746fc2432e00bb1b
b731f41ef96931e56af4ad0f58b8e9a58e9b534e8a4bb5599ad1be872c323b37
b94df33a0a563c19e0742f46241f42ba1c1d27dbb99d5588bc4342e589867f57
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
bd62fd631f2f388a0ffb74ec23e67f2baf8816e8a9bc2df95ebad6f63a575b9c
bd7bd0ce1eabb5b893c9f5df238f6f1bef17ca440deee95bd82f07aa66c24c51
be6613dda2ca59c3d2725ef7c7205cf0141adf31c0a0ae159328f951b7ab247e
bead87b2c8ee8424cda8e6d4dec906754c8b4c9860f9e8a84d4c62c3ba288ee2
c08c6f405c04cfe55a844e21b46746de2034a29f8e41523c195ad0922db8b32d
c17a0d41861ea06a326148782f7fd4d75ff7dfccdcac9b8f01e8ee5850e11c1f
c24f37ff564a8fad4604b9fb74aac57958b6f0e3ae724595e726cdfbfdee11d7
c6a2f6b42d23d9aeeefddd0186a6fc7cd1a2eba7e7ae873f9f985861cec39dfd
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9c616de646e94b9adea60ef1e8ffe5246f82b82baa1e039b1b6007067791773
ca43b01bb909b19624a58b15390d9c5375bfdd3d44c8d7e8a4e88e9cd56ddc69
cbb94c29f4cf9034c6a1b206cfced5bec63e76d552ab90ab39f83495b623ffa7
cbf1f6419deb3763e207fa001eb2e046b9cda79b5393cd9717ea543fdf0b5f37
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d053b3394c0c63056d08da72b151ddee65a7af7993f49034bea5f502eb451b48
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d0f1e4e77e17ce26fbc4740970cb36bf9c1448242bbed6725897c804ad099416
d3e34bfff79e95cc96928baa3fe86bc77b044f2b4707be2c0251d70ba097faec
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d54ac0208d59cd7d261f9ad3c02558ad7cdad6785a35514e25e872d055d28ec2
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
d98aa0687e86fbb1f5cd8d8a4eb7dd217a5698d0c6c80bf24e4114896c519d1d
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
db3ce8768c4e10435d706169fbf1c5d3ed4703f01fd5d428abf2a4eb87a2e734
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dd513f04af7ecabf8af5ad35a411480827f04b46b12f15878f52891341042b00
de3e7fcab25d8103d31dea640867362bed737df932100d794426c96b03c4ac3d
e084c8a87da9ce64e34972a1718ce788ea46bb7898330c73e1a7f2b6c9936d98
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5d419e15c28041f6cd710c385a45ffbf274e6980a668349e9584b1a8ce09e72
e66bfceb15a6ee125dff79826be02a07b766843e6c660edf55ec0c22d1a407c1
e79ff5fb403dfd221e1b8a531424bb7579536c61b54839ab8e77ba322a9b212a
e88adda18aa09bcb1b6747436882f40a0074574df0ca4bc130779bb440e19d9d
edc82838d493cfae4dabce623d9bb4d6d0cdb2cdbc04121afc8738a7f5ae0e45
ee968ba0acf63288590c042859f6ac4bb54022f954706f9aa5210a7320a9369a
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
ef686defd0a3a84f11249b5ec488b63c0d5228da9b0649208bb2d8f8c5d2835b
f5045e129c9340344febc5d9f499b425a146fa6e090880581d2ca20a69513b6f
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f748110cf8280254c6705d7cf18de8b04369c521d9db43e63897e531c283578d
f808bb2768fa43845c8a69532ce00c7368cfaf7ebb3eabb87a3afc5142ce1aa8
f8f2a604c1bdeb2706adba802dd90f6698a74ccd5e8375a589180852d5950044
fac0e13bfe90135764a88b128aeba6907c4eb0bfba06d573329e13ca95e3d801
fc1cee21376da3a4fdf8f62d3bb1d46c80c763d447da7e7c07112f45eee09d3f
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd3a59ddafea07c272b9139960169bf8ea43af970c51875d842147113cf51aef
fed2d61088cba54be39b2069add7103160e31f07c950c0e2e7706d6d6dc9ebf6
ff75dfd781902579ee80a09ee0d001927c94d7d6cff9cb08f011ec2b799ca5c9

kolobok.ua Open in urlscan Pro 193.29.200.162 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

339 Requests

91 %HTTPS

48 %IPv6

54 Domains

82 Subdomains

63 IPs

9 Countries

4959 kBTransfer

9733 kBSize

67 Cookies

3 Outgoing links

Page URL History

Redirected requests

339 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 15 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kolobok.ua Open in urlscan Pro
193.29.200.162 Public Scan

Screenshot
Live screenshot

Full Image

339
Requests

91 %
HTTPS

48 %
IPv6

54
Domains

82
Subdomains

63
IPs

9
Countries

4959 kB
Transfer

9733 kB
Size

67
Cookies

339 HTTP transactions
15 data transactions