shafa.ua Open in urlscan Pro
2606:4700:20::681a:e31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.likegirls18.com/qYQcxGLD
Effective URL:
https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Submission Tags: falconsandbox
Submission: On February 19 via api (February 19th 2021, 9:22:20 am UTC) from US

Summary HTTP 137 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 35 IPs in 7 countries across 23 domains to perform 137 HTTP transactions. The main IP is 2606:4700:20::681a:e31, located in United States and belongs to CLOUDFLARENET, US. The main domain is shafa.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 12th 2020. Valid for: a year.

This is the only time shafa.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	185.179.190.151 185.179.190.151	44094 (WEBHOST1-AS) (WEBHOST1-AS)
9	2606:4700:20:... 2606:4700:20::681a:e31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
32	193.34.169.9 193.34.169.9	43896 (EVO) (EVO)
7	193.34.169.4 193.34.169.4	43896 (EVO) (EVO)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a05:d018:ac8... 2a05:d018:ac8:b920:6095:dc29:ee4b:3ced	16509 (AMAZON-02) (AMAZON-02)
1	34.254.211.84 34.254.211.84	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	185.86.57.248 185.86.57.248	43896 (EVO) (EVO)
2	13.226.159.106 13.226.159.106	16509 (AMAZON-02) (AMAZON-02)
1 2	185.184.8.30 185.184.8.30	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	193.34.168.232 193.34.168.232	43896 (EVO) (EVO)
2	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
1 1	193.34.169.36 193.34.169.36	43896 (EVO) (EVO)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	95.100.64.146 95.100.64.146	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:400c:c02::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 14	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
137	35

1 185.179.190.151 (Russian Federation)

ASN44094 (WEBHOST1-AS, RU)
PTR: static.151.190.179.185.ip.webhost1.net

www.likegirls18.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::681a:e31 (United States)

ASN13335 (CLOUDFLARENET, US)

shafa.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracker.shafa.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 193.34.169.9 (Ukraine)

ASN43896 (EVO, UA)

shafa.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clerk.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
colbert-static.c.prom.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.34.169.4 (Ukraine)

ASN43896 (EVO, UA)
PTR: images.shafastatic.net

image-thumbs.shafastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
avatars.shafastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
uploads.shafastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:ac8:b920:6095:dc29:ee4b:3ced (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.211.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-211-84.eu-west-1.compute.amazonaws.com

script.esputnik.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.57.248 (Ukraine)

ASN43896 (EVO, UA)
PTR: shafa.ua

assets.shafastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.226.159.106 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-106.dus51.r.cloudfront.net

www.dmpcloud.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.30 (Amsterdam, Netherlands) 1 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-30.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.168.232 (Ukraine)

ASN43896 (EVO, UA)

shafa-sentry.evo.run	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.34.169.36 (Ukraine) 1 redirects

ASN43896 (EVO, UA)
PTR: colbert.evo.company

colbert.evo.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.100.64.146 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-100-64-146.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c02::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	prom.st shafa.c.prom.st clerk.c.prom.st colbert-static.c.prom.st	672 KB
22	googlesyndication.com 1 redirects pagead2.googlesyndication.com tpc.googlesyndication.com	384 KB
15	doubleclick.net securepubads.g.doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	169 KB
11	shafastatic.net image-thumbs.shafastatic.net avatars.shafastatic.net assets.shafastatic.net uploads.shafastatic.net	337 KB
9	shafa.ua shafa.ua tracker.shafa.ua	92 KB
7	google.com 1 redirects adservice.google.com www.google.com	1 KB
7	google-analytics.com www.google-analytics.com	56 KB
6	gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	112 KB
6	google.de adservice.google.de www.google.de	1 KB
4	googletagservices.com www.googletagservices.com	113 KB
3	facebook.com www.facebook.com	485 B
3	googletagmanager.com www.googletagmanager.com	133 KB
2	googleadservices.com www.googleadservices.com partner.googleadservices.com	13 KB
2	creativecdn.com 1 redirects creativecdn.com ams.creativecdn.com	842 B
2	dmpcloud.net www.dmpcloud.net	4 KB
2	facebook.net connect.facebook.net	92 KB
2	esputnik.com esputnik.com script.esputnik.com	66 KB
1	googleapis.com fonts.googleapis.com	634 B
1	teads.tv sync.teads.tv	172 B
1	evo.company 1 redirects colbert.evo.company	171 B
1	evo.run shafa-sentry.evo.run	525 B
1	trafmag.com t.trafmag.com	336 B
1	likegirls18.com www.likegirls18.com	2 KB
137	23

	Domain	Requested by
29	shafa.c.prom.st	shafa.ua shafa.c.prom.st
14	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com www.googleadservices.com googleads.g.doubleclick.net www.googletagservices.com
8	pagead2.googlesyndication.com	shafa.ua pagead2.googlesyndication.com googleads.g.doubleclick.net shafa.c.prom.st tpc.googlesyndication.com www.googletagservices.com
8	shafa.ua	www.likegirls18.com shafa.ua shafa.c.prom.st
7	www.google-analytics.com	shafa.ua www.google-analytics.com shafa.c.prom.st www.googletagmanager.com
6	www.google.com	1 redirects shafa.ua
5	www.google.de	shafa.ua
5	image-thumbs.shafastatic.net	shafa.ua
4	assets.shafastatic.net	shafa.c.prom.st
4	www.googletagservices.com	shafa.ua pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.facebook.com	shafa.ua connect.facebook.net
3	www.googletagmanager.com	shafa.ua www.googletagmanager.com
2	encrypted-tbn3.gstatic.com	googleads.g.doubleclick.net
2	stats.g.doubleclick.net	shafa.c.prom.st
2	www.dmpcloud.net	shafa.ua www.dmpcloud.net
2	connect.facebook.net	shafa.ua connect.facebook.net
2	clerk.c.prom.st	shafa.ua
1	tracker.shafa.ua	clerk.c.prom.st
1	fonts.gstatic.com	fonts.googleapis.com
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
1	www.gstatic.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	uploads.shafastatic.net	shafa.ua
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.teads.tv	ams.creativecdn.com
1	colbert-static.c.prom.st	shafa.ua
1	colbert.evo.company	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	securepubads.g.doubleclick.net	www.googletagservices.com
1	shafa-sentry.evo.run	shafa.c.prom.st
1	ams.creativecdn.com	shafa.ua
1	creativecdn.com	1 redirects
1	script.esputnik.com	shafa.ua
1	esputnik.com	shafa.ua
1	t.trafmag.com	shafa.ua
1	avatars.shafastatic.net	shafa.ua
1	www.likegirls18.com
137	41

This site contains links to these domains. Also see Links.

Domain
images.shafastatic.net
www.facebook.com
vk.com
twitter.com
www.pinterest.com
plus.google.com
www.odnoklassniki.ru
blog.shafa.ua
shafa.kayako.com
www.instagram.com
www.youtube.com
play.google.com
apple.co

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-12` - `2021-08-12`	a year	crt.sh
c.prom.st R3	`2020-12-06` - `2021-03-06`	3 months	crt.sh
images.shafastatic.net R3	`2021-02-09` - `2021-05-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.trafmag.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-15` - `2021-06-21`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.esputnik.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-28` - `2021-11-27`	2 years	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
assets.shafastatic.net R3	`2021-02-08` - `2021-05-09`	3 months	crt.sh
www.dmpcloud.net Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2 years	crt.sh
evo.run R3	`2021-01-04` - `2021-04-04`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
teads.tv R3	`2021-02-18` - `2021-05-19`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Frame ID: D15125DB1C5B183085B25D2A97A8EBB2
Requests: 101 HTTP requests in this frame

Frame: https://clerk.c.prom.st/v4.2.0/iframe.html
Frame ID: 6EEA75EA48A74F4C4348BA257AA83991
Requests: 1 HTTP requests in this frame

Frame: https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
Frame ID: 6D3A07338A0DA618D5E6A075BDAB25C7
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html
Frame ID: 134F76EBCF24C7F34FF2BC2EE306AB1D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
Frame ID: 769E255EA01C32806C12F82BE0508B11
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
Frame ID: 834AC054D43AAD456B1F482215C5E19D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&adk=1812271804&adf=3025194257&lmt=1613726521&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ea=0&flash=0&pra=7&wgl=1&dt=1613726520727&bpp=1&bdt=786&idt=281&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C840x280&nras=1&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=287
Frame ID: 6B6595CF8D9B47BD30A8CE8D6214F6ED
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js
Frame ID: 45C211C1CF7B7741CF50EE9384398DEC
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html
Frame ID: 4D45464BF0861BEEA1E5E0F40D8875FE
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: C2E0A88DB429ABC48748ECC693F5A22A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: DC94D6CCEC0B2E594EC5EBAD1E48DE87
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.likegirls18.com/qYQcxGLD Page URL
https://shafa.ua/men/obuv/kedy/41168888-kedy-vans Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

137
Requests

99 %
HTTPS

63 %
IPv6

23
Domains

41
Subdomains

35
IPs

7
Countries

2249 kB
Transfer

6210 kB
Size

15
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://images.shafastatic.net/170320052
Title:

Search URL Search Domain Scan URL

URL: https://images.shafastatic.net/170320104
Title:

Search URL Search Domain Scan URL

URL: https://images.shafastatic.net/170320121
Title:

Search URL Search Domain Scan URL

URL: https://images.shafastatic.net/170320138
Title:

Search URL Search Domain Scan URL

URL: https://images.shafastatic.net/170320155
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans&title=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%20Vans%20%D0%B7%D0%B0%20460%20%D0%B3%D1%80%D0%BD.
Title:

Search URL Search Domain Scan URL

URL: https://vk.com/share.php?url=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans&title=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%20Vans%20%D0%B7%D0%B0%20460%20%D0%B3%D1%80%D0%BD.&image=https://images.shafastatic.net/170320052
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet/?text=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%20Vans%20%D0%B7%D0%B0%20460%20%D0%B3%D1%80%D0%BD.&url=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Title:

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/pin/create/button/?url=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans&media=https://images.shafastatic.net/170320052&description=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%20Vans%20%D0%B7%D0%B0%20460%20%D0%B3%D1%80%D0%BD.
Title:

Search URL Search Domain Scan URL

URL: https://plus.google.com/share?url=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Title:

Search URL Search Domain Scan URL

URL: http://www.odnoklassniki.ru/dk?st.cmd=addShare&st.s=1&st.comments=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%20Vans%20%D0%B7%D0%B0%20460%20%D0%B3%D1%80%D0%BD.&st._surl=https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Title:

Search URL Search Domain Scan URL

URL: http://blog.shafa.ua/
Title: Наш блог

Search URL Search Domain Scan URL

URL: https://shafa.kayako.com/category/1-kak-eto-rabotaet
Title: Как это работает?

Search URL Search Domain Scan URL

URL: https://www.facebook.com/shafa.ua
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/shafaua
Title:

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCWn_Jh5KFT_EImWHt7oCGDg
Title:

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=shafa.odejda.obuv.aksessuary
Title:

Search URL Search Domain Scan URL

URL: https://apple.co/2pE66cJ
Title:

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.likegirls18.com/qYQcxGLD Page URL
https://shafa.ua/men/obuv/kedy/41168888-kedy-vans Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42

https://creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888 HTTP 302
https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1

Request Chain 55

https://colbert.evo.company/static/colbert.js HTTP 301
https://colbert-static.c.prom.st/static/colbert.js

Request Chain 109

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrw7O6IhCwCRisAjII9947V29w5qI HTTP 301
https://tpc.googlesyndication.com/simgad/6390794388280864672

Request Chain 131

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

137 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Cookie set qYQcxGLD Show response
www.likegirls18.com/ 1 KB
2 KB 221ms
154ms Document
text/html 185.179.190.151
WEBHOST1-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://www.likegirls18.com/qYQcxGLD
Protocol: HTTP/1.1
Server: 185.179.190.151 , Russian Federation, ASN44094 (WEBHOST1-AS, RU),
Reverse DNS: static.151.190.179.185.ip.webhost1.net
Software: nginx /
Resource Hash: 68bc7402165e2a9909475c5f88763b82639415093ec634c1c94d27210d371c26

Request headers

Host: www.likegirls18.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx
Date: Fri, 19 Feb 2021 09:21:59 GMT
Content-Type: text/html
Content-Length: 1154
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Fri, 19 Feb 2021 09:21:59 GMT
Pragma: no-cache
Set-Cookie: _subid=2m7gn571h6br;Expires=Monday, 22-Mar-2021 09:21:59 GMT;Max-Age=2678400;Path=/ cde6e=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjY3XCI6MTYxMzcyNjUxOX0sXCJjYW1wYWlnbnNcIjp7XCIzM1wiOjE2MTM3MjY1MTl9LFwidGltZVwiOjE2MTM3MjY1MTl9In0.IkuSm3-ZXf8XnDnOeHhfUUaNFbsppLshb2aY_qqhtOg;Expires=Sunday, 10-Apr-2072 18:43:58 GMT;Max-Age=1613812919;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *

GET
H2 200 Primary Request 41168888-kedy-vans Show response
shafa.ua/men/obuv/kedy/ 415 KB
27 KB 480ms
457ms Document
text/html 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Requested by

Host: www.likegirls18.com
URL: http://www.likegirls18.com/qYQcxGLD

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a848fe56b8851b2d5ef5abd34c804c955e5150b5702a283523034101ed3a5ec6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: shafa.ua
:scheme: https
:path: /men/obuv/kedy/41168888-kedy-vans
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: http://www.likegirls18.com/qYQcxGLD
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://www.likegirls18.com/qYQcxGLD

Response headers

date: Fri, 19 Feb 2021 09:21:59 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d318d8b63170151eeeb9ce87c2584b9a21613726519; expires=Sun, 21-Mar-21 09:21:59 GMT; path=/; domain=.shafa.ua; HttpOnly; SameSite=Lax events=""; expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/; SameSite=Lax csrftoken=OhFkIEcb4fGT3GVEFSafFKcWDGUKYGf2QsKBwLjCRaiFgNVw5P7ONMOecdxDtF2S; expires=Fri, 18 Feb 2022 09:21:59 GMT; Max-Age=31449600; Path=/; SameSite=Lax
expires: Fri, 19 Feb 2021 09:21:59 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
vary: Accept-Language, Cookie
content-language: ru
referrer-policy: no-referrer-when-downgrade
x-served-by: shafa-prod--web-58958b58-rpfvq
x-frame-options: SAMEORIGIN
x-envoy-upstream-service-time: 223
access-control-allow-methods: GET, OPTIONS
access-control-max-age: 86400
cf-cache-status: DYNAMIC
cf-request-id: 085b31a8bb000017829e11f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qBIJfVNcFUrvTK3rGeyvkBI1jamMru4n%2FBK9IdZG%2B%2Bye0OBsMNPmzEjC2KOowvWAXojXemRxiNmTFOkYME1SnHJRsLoY3VyoNoJv%2FINZXkroJjJicA%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 623eebbacac11782-FRA
content-encoding: br

GET
H2 200 main.8501d773.css
shafa.c.prom.st/build/ 204 KB
34 KB 231ms
76ms Stylesheet
text/css 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/main.8501d773.css
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7e85fd91dce1869a84364e0dc1144cab1f4c0430e528be8f7f6c3036d4210d80

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx00000000000000169ee82-00602e7374-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/main.8501d773.css
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 33855
last-modified: Thu, 18 Feb 2021 14:00:05 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: habu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 global.a1e8d5143f8e1f9b6a84.css
shafa.c.prom.st/build/css/ 11 KB
3 KB 261ms
106ms Stylesheet
text/css 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/css/global.a1e8d5143f8e1f9b6a84.css
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: d9f3255049031af0942d337a07176487ac7d6d6cdf98fc48757331912a781287

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000000e3e06e-005fe9d711-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/css/global.a1e8d5143f8e1f9b6a84.css
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 2902
last-modified: Mon, 28 Dec 2020 12:57:47 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 product.45cd9ec4f552aea28bb9.css
shafa.c.prom.st/build/css/ 27 KB
8 KB 260ms
105ms Stylesheet
text/css 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/css/product.45cd9ec4f552aea28bb9.css
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 06f0b87df6a5129c3c362fb28694ab39fdd36d133cdc084d67abda4bc19bb2a7

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016617e2-00602cce6d-202a855-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/css/product.45cd9ec4f552aea28bb9.css
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 7158
last-modified: Wed, 17 Feb 2021 08:03:57 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 api.js Show response
shafa.ua/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 17ms
8ms Script
text/javascript 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shafa.ua/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SvZJJ6N6ChJ0YNKLF7i8N33o5naK2CgrfVuZKyb2HHktQIkONuYVJVNrSBzS9UUuTn4Rv36bR%2BKyijKD2BZiDT6rZgYt%2FrpX%2FWO%2Bk92YqIjLjG9YuA%3D%3D"}],"group":"cf-nel"}
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 623eebbf5f211782-FRA
cf-request-id: 085b31ab9c000017824d05d000000001

GET
H2 200 170320052_310_430
image-thumbs.shafastatic.net/ 12 KB
12 KB 233ms
89ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-thumbs.shafastatic.net/170320052_310_430
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: efb57cb766c178136be7af3f1c80219885ae34548155c47845e87a0cb08bd5e1

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 16 Feb 2021 10:00:23 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: lancehead
cache-control: max-age=31536000
content-length: 12371
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 170320104_310_430
image-thumbs.shafastatic.net/ 13 KB
13 KB 246ms
103ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-thumbs.shafastatic.net/170320104_310_430
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: ad24b005bd60eca026ff96ba2939219a78a7affd12394fd51db48d1f9d5bd83c

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 16 Feb 2021 10:03:35 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: habu
cache-control: max-age=31536000
content-length: 13069
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 170320121_310_430
image-thumbs.shafastatic.net/ 11 KB
11 KB 212ms
68ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-thumbs.shafastatic.net/170320121_310_430
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: 88ff3cf185129db3988cf97e0f5aca6de4e7c29767a07420241ab2c614d0a0b9

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 16 Feb 2021 10:02:57 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: ferdelance
cache-control: max-age=31536000
content-length: 11058
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 170320138_310_430
image-thumbs.shafastatic.net/ 8 KB
8 KB 234ms
91ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-thumbs.shafastatic.net/170320138_310_430
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: a65312d3977e859602758969f81711e8a401791c027b75de1d63c85b854cc2bc

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Mon, 15 Feb 2021 21:30:50 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: habu
cache-control: max-age=31536000
content-length: 7993
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 170320155_310_430
image-thumbs.shafastatic.net/ 11 KB
12 KB 263ms
120ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image-thumbs.shafastatic.net/170320155_310_430
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: 59059aa5d490f9d3951128d4ca6d8f6c33080495c74a2e8e93a85333cb6d451e

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Mon, 15 Feb 2021 21:30:20 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: himehabu
cache-control: max-age=31536000
content-length: 11579
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 spa_entry.6ef2f9991a55ea105200.css
shafa.c.prom.st/build/css/ 8 KB
2 KB 45ms
45ms Stylesheet
text/css 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/css/spa_entry.6ef2f9991a55ea105200.css
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: fe5c83fdd68ae9c0e01bc6b971e98dc8194bf8c45976eb5223941870204246e4

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
last-modified: Wed, 18 Nov 2020 11:06:11 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/css/spa_entry.6ef2f9991a55ea105200.css
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: sidewinder
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 1999
x-cache-type: main

GET
H2 200 spa_entry.46dda66670b8fd25c454.js Show response
shafa.c.prom.st/build/ 205 KB
47 KB 54ms
45ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: bbfb90901956b14a22275ff771b7c2d13f1696d61d20fc6e4e0b1d3f2a516046

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx00000000000000169ee83-00602e7374-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 47691
last-modified: Thu, 18 Feb 2021 14:00:05 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: sidewinder
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 female-photo-310.png
shafa.c.prom.st/ 5 KB
5 KB 54ms
45ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/female-photo-310.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9759b270eda04746ca0fcf6485e9fe4d357ae9c0e5bb8bdd3313a695f97d53cb

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
x-amz-request-id: tx000000000000000caf0b0-005fdc5961-202a855-openstack-1
x-cache-key: cdnshafa.c.prom.st/female-photo-310.png
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 4809
last-modified: Fri, 18 Dec 2020 07:25:20 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: sidewinder
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 2015317
avatars.shafastatic.net/ 6 KB
6 KB 209ms
67ms Image
image/jpeg 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.shafastatic.net/2015317?v1593256572
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: 3dff6250e724a628c8eab5c94770e4b3d47371254b8d5ad99bbc87ebb0e249a1

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 16 Feb 2021 10:00:07 GMT
server: nginx
x-cache-status: MISS
content-type: image/jpeg
x-cache-source: local
x-servant: habu
cache-control: max-age=31536000
content-length: 6033
expires: Sat, 19 Feb 2022 09:22:00 GMT

GET
H2 200 catalog-hanger.png
shafa.c.prom.st/img/ 656 B
1 KB 54ms
46ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/catalog-hanger.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 83cf2b7e5e68d46dd9247757385c4df7c6519daaa67cbd21217a92bdccb4a50c

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
x-amz-request-id: tx00000000000000151ef49-006023ad5f-202a855-openstack-1
x-cache-key: cdnshafa.c.prom.st/img/catalog-hanger.png
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 656
last-modified: Tue, 09 Feb 2021 14:27:53 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: lancehead
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 facebook.png
shafa.c.prom.st/img/ 397 B
826 B 53ms
46ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/facebook.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9f77d907e18d2c0778fa295b6793ada1bd5fe5c80ec73e7d3f3909234799e988

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Thu, 16 Apr 2020 10:53:46 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/facebook.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: ferdelance
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 397
x-cache-type: main

GET
H2 200 instagram.png
shafa.c.prom.st/img/ 2 KB
2 KB 54ms
47ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/instagram.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: d18817bc0bc085c068b259c6396ee71532fa5e9cf91ef4c2797c21450cd143fc

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Thu, 29 Oct 2020 15:23:47 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/instagram.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: lancehead
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 1609
x-cache-type: main

GET
H2 200 youtube.png
shafa.c.prom.st/img/ 270 B
699 B 84ms
77ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/youtube.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e795fa520a522be5912ce8830dc8305a909980216ff6a231e6fac697c0246466

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Fri, 06 Sep 2019 11:03:06 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/youtube.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: whiptails
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 270
x-cache-type: main

GET
H2 200 google_play.png
shafa.c.prom.st/img/ 2 KB
3 KB 73ms
66ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/google_play.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: dd0130322e1e136a38c4850d8906e20d17f248fac627aae764470eeb900cb5a5

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Thu, 16 Jul 2020 18:32:08 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/google_play.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: whiptails
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 2475
x-cache-type: main

GET
H2 200 app_store.png
shafa.c.prom.st/img/ 2 KB
2 KB 73ms
66ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/app_store.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0bd9f8ee21eb6441ef9e429676a09b043f7783bbb8309cf29d613a926f50799f

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
x-amz-request-id: tx000000000000000cab40b-005fdc5961-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/img/app_store.png
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 1945
last-modified: Fri, 18 Dec 2020 07:25:21 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: sidewinder
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 email-decode.min.js Show response
shafa.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 9ms
9ms Script
application/javascript 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shafa.ua/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
cf-request-id: 085b31ab940000178249377000000001
last-modified: Tue, 09 Feb 2021 14:27:54 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"60229bea-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=UDy2Xfe9%2BhORnF%2FDG46iEUfKkynlattq69YetlqttThoob9rzIKiZ5sYdlNISEAciViTqgsuJcK7dkI7ClhN1ZV4tnl6g1Cu4o83PpjL3os8Vd26gA%3D%3D"}],"group":"cf-nel"}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 623eebbf5f111782-FRA
expires: Sun, 21 Feb 2021 09:22:00 GMT

GET
H2 200 bare.js Show response
clerk.c.prom.st/v4.2.0/ 11 KB
4 KB 149ms
107ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://clerk.c.prom.st/v4.2.0/bare.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 58eaf9b7f4a48c5680cc0b167e49a799bdbb038046cd0555fa231aa42c2e8a84

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
last-modified: Wed, 15 Jul 2020 12:00:54 GMT
server: nginx
x-cache-key: cdnclerk.c.prom.st/v4.2.0/bare.js
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 4096
x-cache-type: main

GET
H2 200 shared.020f11f2d37ffed387fe.js Show response
shafa.c.prom.st/build/ 1007 KB
300 KB 85ms
79ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/shared.020f11f2d37ffed387fe.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 3856f982b8ca140da9c0dee7bd98e770f2f2ced03094ba26fe2a9a896520467b

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016730bc-00602d250f-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/shared.020f11f2d37ffed387fe.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 306339
last-modified: Wed, 17 Feb 2021 14:10:27 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: whiptails
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 global.898ac2a9b69085b09aeb.js Show response
shafa.c.prom.st/build/ 179 KB
44 KB 89ms
83ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/global.898ac2a9b69085b09aeb.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: a9108c8d6a490886986591912c5c8786ce262fb70d64b3c65d56edbf83e56b74

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000001671538-00602d250f-202a85e-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/global.898ac2a9b69085b09aeb.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 44801
last-modified: Wed, 17 Feb 2021 14:10:26 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: sidewinder
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 56 KB
19 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f84cf6c71f9934a2b597a964071f5a8439ab202128da8ba5f37e69ab329de103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "788 / 70 of 1000 / last-modified: 1613689824"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19444
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 product.510708cfaa7af0bd9fec.js Show response
shafa.c.prom.st/build/ 335 KB
94 KB 84ms
79ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/product.510708cfaa7af0bd9fec.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 7e116855324c2abdfac0ec461ba6612aeb32758e4d9ae301abece483fde43ce8

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016a1a25-00602e7374-1a02d94-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/product.510708cfaa7af0bd9fec.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 95617
last-modified: Thu, 18 Feb 2021 14:00:05 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: ferdelance
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 tracking.js Show response
t.trafmag.com/ 30 B
336 B 95ms
55ms Script
text/javascript 193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to

Full URL: https://t.trafmag.com/tracking.js?c=shafaua
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 28a99f433e91a41beacca2e572aaac5a9da22b8a33bf508f3607a85af7ed8c0a

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Fri, 19 Feb 2021 09:22:00 GMT
server: nginx
p3p: CP="NON DSP COR CURa TIA"
cache-control: no-cache
content-type: text/javascript; charset=utf-8;
content-length: 30
expires: Sun, 31 Jan 2017 17:17:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
48 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 48512
x-xss-protection: 0
server: cafe
etag: 8824829217438060229
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 5448
date: Fri, 19 Feb 2021 07:51:12 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Fri, 19 Feb 2021 09:51:12 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
42 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PFHTCRH

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fe707e181f60f4e6bb25c21db2a9703a954859e4c4eb7ab5d0396fcbdca13437

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42541
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H/1.1 200 scripts Show response
esputnik.com/scripts/v1/public/ 34 KB
11 KB 96ms
33ms Script
application/javascript 2a05:d018:ac8:b920:6095:dc29:ee4b:3ced
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://esputnik.com/scripts/v1/public/scripts?apiKey=eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiI0NTI0ZWZhYTJkYzI2MGRmYTM4YTE1NDBlMWEyZjE0YWQ1YTIzZDFmMzU0N2Q0OTIyZWI5NGQ3ZWMwOTc1YjA4MjRlZmYwMzc0MWY5YjgyMTYxNGIzY2Y0ZDgzZWRkMTcwZWU5ZWY3YTA3MjI3Y2JjYjQzMzQ2OGQ3MjE4ZmMxNWUzYjNmYjI2M2M3NzZlNTVhMjYwYWMzNGY2ZDgxZTQ1MTU4MWU1OTE5YTFjNjI1NmYxMDRhODkwOTBhZTg1Y2IifQ.a0dndtou7H4jjB2Rg9448q9RwKQWKvXv2i4KjuJCQRZUDBcMl4gJt-n-xjqtf-3LIglvY5U-Aby2qN6lKeXcAg&domain=85CE5AE0-4164-4ECF-8BA2-4BA0B3F13300

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:ac8:b920:6095:dc29:ee4b:3ced Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

d41623300e65df391ebcef4077f75e12e81057e6e515c33c0ad51e9ef9ffd799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 09:22:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: nginx
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Fri, 19 Feb 2021 09:27:00 GMT

GET
H/1.1 200
OK sc.js Show response
script.esputnik.com/9FEF59165B1247659D2A32CCAF05E7A1/ 162 KB
55 KB 257ms
178ms Script
application/javascript 34.254.211.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.esputnik.com/9FEF59165B1247659D2A32CCAF05E7A1/sc.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.211.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-211-84.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

125516b5cd6f474aeb0040efd1a43b4e8e5e0e52005dd5e5518bb67fb9dea187

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 09:22:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Feb 2021 08:10:40 GMT
Server: nginx
ETag: W/"602b7e00-28832"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=3600, public, max-age=3600
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000; includeSubDomains
Expires: Fri, 19 Feb 2021 10:22:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: EzizUMCAreb/DLwDMtWfOiomCm3qQWGOEPQKqgIGwlwe9RE5ZMF+4LMqzbb0M/vfEOxBZnc/nj9iIEQsgPF1rg==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 19 Feb 2021 09:22:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sprite.defs.c0e20347.svg
shafa.ua/build/ 141 KB
51 KB 36ms
32ms Other
image/svg+xml 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.ua/build/sprite.defs.c0e20347.svg
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63c54828aef7b648ab80bcc9569204426ccc1dcbf9469ee371399219f3d13afe

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1535223
x-cache-key: cdnshafa.c.prom.st/build/sprite.defs.c0e20347.svg
x-cache-status: MISS, MISS
x-amz-storage-class: STANDARD
access-control-max-age: 86400
access-control-allow-methods: GET, OPTIONS, GET, OPTIONS
x-cache-source: local
x-amz-request-id: tx00000000000000135e4fe-006018163d-202a85e-openstack-1
cf-request-id: 085b31ab9d000017825ab69000000001
last-modified: Mon, 01 Feb 2021 14:51:36 GMT
server: cloudflare
cache-control: public, max-age=31536000, immutable
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xlMsSE23UwfD74vdPm7VcguVWcQ8ghAwMRTKzkoYGhIunEJjovSTkaYYoWsvaK5Je8mllEoPr8Dp%2BBYvtTA272i03pIoVAgFHDmzu03%2B6iiMopn8lA%3D%3D"}],"group":"cf-nel"}
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: whiptails
x-rgw-object-type: Normal
x-cache-type: main
cf-ray: 623eebbf6f231782-FRA
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 FuturaNewBook.woff
assets.shafastatic.net/static/fonts/ 48 KB
48 KB 240ms
44ms Font
application/octet-stream 185.86.57.248
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.shafastatic.net/static/fonts/FuturaNewBook.woff
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/main.8501d773.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.57.248 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: shafa.ua
Software: nginx /
Resource Hash: 9b1068c8b22a62e37b6140b6202fb60569cc45e3899b521605ac5c0a02e444cf

Request headers

Origin: https://shafa.ua
Referer: https://shafa.c.prom.st/build/main.8501d773.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 14 Apr 2020 13:42:38 GMT
server: nginx
etag: "5e95bdce-bf74"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 49012
expires: Fri, 19 Feb 2021 09:21:59 GMT

GET
H2 200 FuturaNewMedium.woff
assets.shafastatic.net/static/fonts/ 48 KB
49 KB 273ms
78ms Font
application/octet-stream 185.86.57.248
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.shafastatic.net/static/fonts/FuturaNewMedium.woff
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/main.8501d773.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.57.248 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: shafa.ua
Software: nginx /
Resource Hash: a80d0e987eb06d3454ae233e8f2fd54c0f5c0fdc70f95970a414d09f07c5d4bb

Request headers

Origin: https://shafa.ua
Referer: https://shafa.c.prom.st/build/main.8501d773.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 14 Apr 2020 13:42:38 GMT
server: nginx
etag: "5e95bdce-c100"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 49408
expires: Fri, 19 Feb 2021 09:21:59 GMT

GET
H2 200 FuturaNewDemi.woff
assets.shafastatic.net/static/fonts/ 49 KB
50 KB 273ms
78ms Font
application/octet-stream 185.86.57.248
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.shafastatic.net/static/fonts/FuturaNewDemi.woff
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/main.8501d773.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.57.248 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: shafa.ua
Software: nginx /
Resource Hash: 1f5194b359eac66eaef75c33cfd462c0c6e96df1e4d5c638d93ca38f1264eb2d

Request headers

Origin: https://shafa.ua
Referer: https://shafa.c.prom.st/build/main.8501d773.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 14 Apr 2020 13:42:38 GMT
server: nginx
etag: "5e95bdce-c540"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 50496
expires: Fri, 19 Feb 2021 09:21:59 GMT

GET
H3-Q050 200 js Show response
www.google-analytics.com/gtm/ 97 KB
37 KB 23ms
23ms Script
application/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=GTM-554H742&cid=2011239597.1613726520

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d4f4cc4430ea2b7a54348544067b0a0c48bbae6761132d8f3aab6cf540da19c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37581
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 FuturaNewLight.woff
assets.shafastatic.net/static/fonts/ 47 KB
48 KB 124ms
78ms Font
application/octet-stream 185.86.57.248
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.shafastatic.net/static/fonts/FuturaNewLight.woff
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/main.8501d773.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.57.248 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: shafa.ua
Software: nginx /
Resource Hash: 90aa8bc0cd21ffaec37906090315332a7c2f2b0aa36d4626f986e767b44d0687

Request headers

Origin: https://shafa.ua
Referer: https://shafa.c.prom.st/build/main.8501d773.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Tue, 14 Apr 2020 13:42:38 GMT
server: nginx
etag: "5e95bdce-bd28"
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 48424
expires: Fri, 19 Feb 2021 09:21:59 GMT

GET
H2 200 1725697687474407 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1725697687474407?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b6c58c89c73fcd03831e035c6b1ff8b1b60fadf9420e80a3fedf73c52edb9326

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70576
x-fb-rlafr: 0
pragma: public
x-fb-debug: 1RjPsbOI0CJjXRXJPnx94+f7g6hmDQDiEIPXqJdLZQiC2/b3MsI88h6NGl2FMcPS9VwInfjOwEjWVixX4RQUGQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Fri, 19 Feb 2021 09:22:00 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 605202789
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 iframe.html Show response
clerk.c.prom.st/v4.2.0/ Frame 6EEA 3 KB
2 KB 47ms
43ms Document
text/html 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://clerk.c.prom.st/v4.2.0/iframe.html
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6d144edbc1b15ef769a5bee04b9856feff30eff2f1b64b523c49f1df2ffe362e

Request headers

:method: GET
:authority: clerk.c.prom.st
:scheme: https
:path: /v4.2.0/iframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

server: nginx
date: Fri, 19 Feb 2021 09:22:00 GMT
content-type: text/html
content-length: 1382
last-modified: Wed, 15 Jul 2020 12:02:47 GMT
content-encoding: gzip
cache-control: public,max-age=31536000,immutable
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
x-cache-status: HIT HIT
x-cache-key: cdnclerk.c.prom.st/v4.2.0/iframe.html
x-cache-source: local
x-servant: lancehead
x-cache-type: main

GET
H/1.1 200
OK spx.js Show response
www.dmpcloud.net/spx/shafa.ua/ 568 B
1 KB 87ms
20ms Script
application/x-javascript 13.226.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dmpcloud.net/spx/shafa.ua/spx.js?ts=1613726520421
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 871ee271dd64431287c15fe732d50fcb363ac39399efeab429247cce7161fec3

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 18 Feb 2021 20:44:05 GMT
Via: 1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
Last-Modified: Thu, 14 Dec 2017 14:12:16 GMT
Server: AmazonS3
Age: 45476
ETag: "aaa7f3047fe119faaa96d5e4c38e9f8a"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 568
X-Amz-Cf-Id: hR9tFseysTJW797oq9TMSuemMAtkGxMjlBs25oc_gvP8ykMZwG23NA==

GET
H2

200

tags Show response
ams.creativecdn.com/ Frame 6D3A
Redirect Chain

https://creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888
https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1

120 B
377 B

21ms
20ms

Document
text/html

185.184.8.30
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.30 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-30.rtbhouse.net
Software: /
Resource Hash: ef6e9ba57f2f304b97b5736ec391bfbe3325dfd51359ef3ac322f61008fec9ee

Request headers

:method: GET
:authority: ams.creativecdn.com
:scheme: https
:path: /tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: u=bQKcJB0AqRTEdrb8QPsd; ts=1613726520
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT Fri, 19 Feb 2021 09:22:00 GMT
content-type: text/html;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 129

Redirect headers

date: Fri, 19 Feb 2021 09:22:00 GMT
set-cookie: u=bQKcJB0AqRTEdrb8QPsd;Path=/;Domain=.creativecdn.com;Expires=Sat, 19-Feb-2022 09:22:00 GMT;Max-Age=31536000;Secure;SameSite=None ts=1613726520;Path=/;Domain=.creativecdn.com;Expires=Sat, 19-Feb-2022 09:22:00 GMT;Max-Age=31536000;Secure;SameSite=None
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
content-length: 0

GET
H2 200 pages-AddNewPaymentCardPage~pages-CheckoutPaymentPage.e3a2f7225d77d6bb7fc4.js
shafa.c.prom.st/build/ 0
9 KB 45ms
45ms Other
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/pages-AddNewPaymentCardPage~pages-CheckoutPaymentPage.e3a2f7225d77d6bb7fc4.js
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016730d5-00602d2515-19ba88b-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/pages-AddNewPaymentCardPage~pages-CheckoutPaymentPage.e3a2f7225d77d6bb7fc4.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 8896
last-modified: Wed, 17 Feb 2021 14:10:26 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: ferdelance
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 pages-AddNewPaymentCardPage.706012e779d6b60e6610.js
shafa.c.prom.st/build/ 0
12 KB 46ms
45ms Other
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/pages-AddNewPaymentCardPage.706012e779d6b60e6610.js
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016763fd-00602d2515-1a02d94-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/pages-AddNewPaymentCardPage.706012e779d6b60e6610.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 11635
last-modified: Wed, 17 Feb 2021 14:10:26 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: lancehead
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 41.360b5041d1a0f9c43ec5.css
shafa.c.prom.st/build/ 6 KB
2 KB 47ms
45ms Stylesheet
text/css 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/41.360b5041d1a0f9c43ec5.css
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: dd236db7288b34ebfdfdbe25b1ed0e39c75542692c05b1e6db44fb79817f0c01

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx000000000000001392726-0060194a17-202a855-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/41.360b5041d1a0f9c43ec5.css
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 1874
last-modified: Tue, 02 Feb 2021 12:45:47 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
x-servant: habu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 pages-ProductDetailsPage.0a676a993303af6dc043.js Show response
shafa.c.prom.st/build/ 26 KB
10 KB 47ms
46ms Script
application/javascript 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.c.prom.st/build/pages-ProductDetailsPage.0a676a993303af6dc043.js
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 8bf88351473ec8b954bbf077b0e954b8657a949b0676daa88f1281c6f7f157ae

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-amz-request-id: tx0000000000000016763fe-00602d2515-1a02d94-openstack-1
x-cache-key: cdnshafa.c.prom.st/build/pages-ProductDetailsPage.0a676a993303af6dc043.js
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 9939
last-modified: Wed, 17 Feb 2021 14:10:26 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: whiptails
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 preloader.gif
shafa.c.prom.st/build/shafa/js/components/RouterPreloader/images/ 6 KB
6 KB 46ms
45ms Image
image/gif 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/RouterPreloader/images/preloader.gif
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2d687da9dc9b171956c3cc2ffd9e42c84e27a925a650dda8d71a02fc3df2b304

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Mon, 02 Sep 2019 12:25:19 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/RouterPreloader/images/preloader.gif
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
x-servant: lancehead
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 5967
x-cache-type: main

POST
H2 200 / Show response
shafa-sentry.evo.run/api/2/store/ 41 B
525 B 301ms
121ms Fetch
application/json 193.34.168.232
EVO

General

Check archive.org

Show headers Download Go to

Full URL

https://shafa-sentry.evo.run/api/2/store/?sentry_key=ec199dfdd3564418a066cb484e9d2ff5&sentry_version=7

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

193.34.168.232 , Ukraine, ASN43896 (EVO, UA),

Reverse DNS

Software

nginx /

Resource Hash

6fe6abf5c841c887ab5def60846c0be800a6a1166220e6f98ad375cddb4addd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Referer: https://shafa.ua/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
x-content-type-options: nosniff
x-envoy-upstream-service-time: 30
content-length: 41
x-xss-protection: 1; mode=block
last-modified: Fri, 19 Feb 2021 09:22:00 GMT
server: nginx
x-frame-options: deny
vary: Accept-Language, Cookie
access-control-allow-methods: GET, POST, HEAD, OPTIONS
content-language: en
access-control-allow-origin: https://shafa.ua
access-control-expose-headers: X-Sentry-Error, Retry-After
cache-control: max-age=0
content-type: application/json
access-control-allow-headers: X-Sentry-Auth, X-Requested-With, Origin, Accept, Content-Type, Authentication
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 umbrella.svg
shafa.c.prom.st/build/shafa/js/components/SafePurchaseLink/icons/ 680 B
931 B 46ms
45ms Image
image/svg+xml 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/SafePurchaseLink/icons/umbrella.svg
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: dfa960be98359c35c99fd9a85634af5e3b888f3f80ad5287035367303049e68f

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
last-modified: Mon, 12 Aug 2019 13:16:29 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/SafePurchaseLink/icons/umbrella.svg
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: himehabu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 450
x-cache-type: main

GET
H2 200 pubads_impl_2021021101.js Show response
securepubads.g.doubleclick.net/gpt/ 289 KB
102 KB 79ms
29ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021021101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

sffe /

Resource Hash

a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 11 Feb 2021 09:38:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103545
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H3-Q050 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/ 227 KB
85 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4989628462824154&plah=shafa.ua&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 87061
x-xss-protection: 0
server: cafe
etag: 9039926254773515089
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/ Frame 134F 10 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210211/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210211/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 19 Feb 2021 06:34:06 GMT
expires: Fri, 05 Mar 2021 06:34:06 GMT
content-type: text/html; charset=UTF-8
etag: 6440208225989294717
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4777
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 10074
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 138 KB
52 KB 26ms
26ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VJYG1MWHR2&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFHTCRH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

823364e8036b8e763f5bb2ced22dab1bc68ba517a55da566b40b9f6b11171d2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53712
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 31 KB
13 KB 82ms
32ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFHTCRH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12360
x-xss-protection: 0
server: cafe
etag: 195370021859676167
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H2

200

colbert.js Show response
colbert-static.c.prom.st/static/
Redirect Chain

https://colbert.evo.company/static/colbert.js
https://colbert-static.c.prom.st/static/colbert.js

210 KB
65 KB

223ms
78ms

Script
application/javascript

193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to

Full URL: https://colbert-static.c.prom.st/static/colbert.js
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
last-modified: Wed, 27 Jan 2021 18:36:41 GMT
server: nginx
x-cache-key: cdncolbert-static.c.prom.st/static/colbert.js
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
x-servant: himehabu
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 65640
x-cache-type: main

Redirect headers

date: Fri, 19 Feb 2021 09:22:00 GMT
server: nginx
location: https://colbert-static.c.prom.st/static/colbert.js
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=604800
content-length: 162
expires: Fri, 26 Feb 2021 09:22:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 19ms
19ms Script
application/javascript 2a00:1450:4001:803::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-827914930

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PFHTCRH

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e01a0d99418931a94f66e9325eb1ceb3575968432bed7992e5e2c08d02683753

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39250
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Feb 2021 09:22:00 GMT

POST
H2 200 graphiql-batch Show response
shafa.ua/api/v3/ 653 B
875 B 216ms
216ms Fetch
application/json 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://shafa.ua/api/v3/graphiql-batch

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b09685a405704195c61a56251da90751b5fdd799f02ccc8f4169fdc810020a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

content-type: application/json
accept: */*
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
x-app-version: v21.7.9
batch: true
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-app-platform: web

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
content-type: application/json
access-control-max-age: 86400
x-envoy-upstream-service-time: 24
access-control-allow-methods: GET, OPTIONS
cf-request-id: 085b31adb70000178269be9000000001
x-served-by: shafa-prod--web-58958b58-gkl6v
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Cookie, Accept-Language
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Ne3nsTkq6qzd75FIw4L5xP9NGkdHE5aItOxo%2Fq5vw4cKK%2Bp3I5BbdYJwz8amd1J3Wuy0YE4AuchSQXGaBeB3gkhOytfSTI1PKL3XJa%2Fad%2F6tGnpNA%3D%3D"}],"group":"cf-nel"}
content-language: ru
cf-ray: 623eebc2baa21782-FRA

POST
H2 200 / Show response
shafa.ua/api/v4/graphiql/ 224 B
570 B 183ms
183ms Fetch
application/json 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.ua/api/v4/graphiql/
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6817faf04dd7cb5659a7256c0fe8ebe927bccd2b5a9291dce4c1cafd2249fe8c

Request headers

accept: */*
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
x-app-version: v21.7.9
content-type: application/json
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-app-platform: web

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-envoy-upstream-service-time: 31
access-control-allow-methods: GET, OPTIONS
cf-request-id: 085b31adb70000178290b78000000001
server: cloudflare
etag: W/"e0-tR995dIMhkzMoyRlDNu7kyPZ8vA"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fd1rqnQNjBheq9e5xMf2JqFJj0MdY9DC4u8nZ8MO4HXp9SSGVRkRojcbQHEGajWPVHaiXMbnFm4ZIbZDmhXDYfdd1RWg5xqVSbKvfm7XPk9gc36i0w%3D%3D"}],"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 623eebc2baa31782-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725697687474407&ev=PageView&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&rl=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&if=false&ts=1613726520855&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613726520854.1188107529&it=1613726520417&coo=false&rqm=GET

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 09:22:00 GMT

GET
H/1.1 200
OK framework.js Show response
www.dmpcloud.net/spx/ 3 KB
3 KB 21ms
21ms Script
application/x-javascript 13.226.159.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dmpcloud.net/spx/framework.js
Requested by: Host: www.dmpcloud.net
URL: https://www.dmpcloud.net/spx/shafa.ua/spx.js?ts=1613726520421
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.106 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-106.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5fad6026d24fb8b14e140c65e8d3934b81eb6f2c030d2e88cba03dea61cb05e7

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 19 Feb 2021 03:15:05 GMT
Via: 1.1 987c00b911316df568db602f83876a8e.cloudfront.net (CloudFront)
Last-Modified: Thu, 17 Nov 2016 21:15:31 GMT
Server: AmazonS3
Age: 22016
ETag: "6f6a2e2e3eb477f635a29d6977f054a7"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: DUS51-C1
Accept-Ranges: bytes
Content-Length: 3020
X-Amz-Cf-Id: lAs8dpS1DC3naW4sgtxeS6JFp0usQSv-Laot0cXspLqMM-zXjT745Q==

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
42 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1031270742&t=pageview&_s=1&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&dr=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%7C%20SHAFA.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KGBAAAADQAAAAC~&jid=1184366629&gjid=678433773&cid=2011239597.1613726520&tid=UA-45115692-1&_gid=1642390678.1613726520&_r=1&_slc=1&z=1687497272

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shafa.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1031270742&t=pageview&_s=1&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&dr=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%7C%20SHAFA.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAEADQAAAAC~&jid=1389977940&gjid=867307386&cid=2011239597.1613726520&tid=UA-45115692-3&_gid=1642390678.1613726520&_r=1&gtm=2wg2a1PFHTCRH&z=1403172979

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shafa.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1031270742&t=event&_s=2&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&dr=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%7C%20SHAFA.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Product&ea=product_view&el=None&ev=1&_u=KGBAAAADQAAAAC~&jid=&gjid=&cid=2011239597.1613726520&tid=UA-45115692-1&_gid=1642390678.1613726520&z=1653307015

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 07:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6916
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bag.png
shafa.c.prom.st/build/shafa/js/components/BuyButtonInProduct/images/ 436 B
896 B 46ms
45ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/BuyButtonInProduct/images/bag.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 6668f0f7a97ab8cdb20376740a7865fc40a1a6a9029e88ce2338fcf78e49fc24

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
last-modified: Fri, 02 Oct 2020 10:45:13 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/BuyButtonInProduct/images/bag.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: whiptails
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 436
x-cache-type: main

GET
H2 200 um
sync.teads.tv/ Frame 6D3A 23 B
172 B 110ms
64ms Image
image/gif 95.100.64.146
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=167&uid=bQKcJB0AqRTEdrb8QPsd
Requested by: Host: ams.creativecdn.com
URL: https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.64.146 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-100-64-146.deploy.static.akamaitechnologies.com
Software: akka-http/10.1.9 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://ams.creativecdn.com/tags?id=pr_Ucd0Z4LT2bTI0vpzr3aE_offer_41168888&tc=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:00 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 19 Feb 2021 09:22:00 GMT
server: akka-http/10.1.9
content-length: 23
content-type: image/gif

POST
H2 204 result Show response
shafa.ua/cdn-cgi/bm/cv/ 0
615 B 9ms
9ms XHR
text/plain 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.ua/cdn-cgi/bm/cv/result?req_id=623eebbacac11782
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RwFSRNbPnIyQPIVp5K1dr49upZxt%2FuZQXuhc8icPBODs2YEleBDK%2BRwypimJSnFfySWnV183bngzZJr5tr3fsWLyQND2ezQJOmQVFhjq%2BOvpiAfedg%3D%3D"}],"group":"cf-nel"}
cf-ray: 623eebc3bba51782-FRA
cf-request-id: 085b31ae4f000017825f123000000001

POST
H2 200 / Show response
shafa.ua/api/v4/graphiql/ 1 KB
782 B 109ms
108ms Fetch
application/json 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shafa.ua/api/v4/graphiql/
Requested by: Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/shared.020f11f2d37ffed387fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 7d091206b720695d2414126a96a867443ef09ba0029b52e61286b8debcd45218

Request headers

accept: */*
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
x-app-version: v21.7.9
content-type: application/json
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-app-platform: web

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
x-envoy-upstream-service-time: 56
access-control-allow-methods: GET, OPTIONS
cf-request-id: 085b31ae62000017829d26d000000001
server: cloudflare
etag: W/"434-KyeTnigaXhKh1vXrC6TM/TkpYC4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 86400
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P6qnuSI%2BUaWpe1c9N2LP8KOatj7zgpSWcp9Txaf7VFEKtxMEutzRiDkoanBk7m9Q1oT2u7um%2F2c3D2AImP4%2FGLpFLmSjrtu8QRk2y0Xwqw7p1icoQQ%3D%3D"}],"group":"cf-nel"}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cf-ray: 623eebc3cbc91782-FRA

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 198 B
404 B 56ms
54ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=shafa.ua&callback=_gfp_s_&client=ca-pub-4989628462824154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210211/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4989628462824154&plah=shafa.ua&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s45-in-f2.1e100.net

Software

cafe /

Resource Hash

e53270772ec20a5c44e65de91aa504f69bba162ccd7bcaac907b5496a1b72c83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 188
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
803 B 39ms
17ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=shafa.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
803 B 36ms
15ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=shafa.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 09:22:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 769E 92 KB
33 KB 716ms
716ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f4e527e020d1c5884456d5007d5343f88125067a7b362df9ea6b5c86f0ad19da

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPS_sODP9e4CFYrs7QodAacLUA&gqi=OIMvYNCSO9iEtwespabAAQ&layout=/sadbundle/%24csp%253Der3%24/15765081467157609459/asus-ROX-strix-300x600.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPS_sODP9e4CFYrs7QodAacLUA&gqi=OIMvYNCSO9iEtwespabAAQ&layout=/sadbundle/%24csp%253Der3%24/15765081467157609459/asus-ROX-strix-300x600.html
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 09:22:01 GMT
server: cafe
content-length: 32508
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 09:37:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 09:22:01 GMT
cache-control: private

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 61ms
47ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565174175677"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28346
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

POST
H3-Q050 204 collect
www.google-analytics.com/g/ 0
23 B 13ms
12ms Other
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-VJYG1MWHR2&gtm=2oe2a1&_p=1031270742&sr=1600x1200&ul=en-us&cid=2011239597.1613726520&_s=1&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&dr=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&dt=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%7C%20SHAFA.ua&sid=1613726520&sct=1&seg=0&en=page_view&_fv=1&_ss=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VJYG1MWHR2&l=dataLayer&cx=c
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shafa.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
83 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-45115692-1&cid=2011239597.1613726520&jid=1184366629&gjid=678433773&_gid=1642390678.1613726520&_u=KGBAAAACQAAAAC~&z=240865729

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 09:22:00 GMT
content-type: text/plain
access-control-allow-origin: https://shafa.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c02::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-45115692-3&cid=2011239597.1613726520&jid=1389977940&gjid=867307386&_gid=1642390678.1613726520&_u=aGDAAEADQAAAAC~&z=204807688

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c02::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 19 Feb 2021 09:22:00 GMT
content-type: text/plain
access-control-allow-origin: https://shafa.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 834A 94 KB
25 KB 460ms
460ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d6c33d1bbff3e7e2d0768620e28a4311d9d386e65713895b033ed0767ecd1af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 19 Feb 2021 09:22:01 GMT
server: cafe
content-length: 25582
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 09:37:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 09:22:01 GMT
cache-control: private

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/?random=1613726521003&cv=9&fst=1613726521003&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b95a6b973a80bebd1f473678879f80b6f37496d1bc05a363db25aff2c0b0d90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/ 3 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/?random=1613726521005&cv=9&fst=1613726521005&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2a1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53174ba786e6fb318bb2cc3f14b9507443f298be1ed2efbf3be42f997607e86f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1127
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B65 0
73 B 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&adk=1812271804&adf=3025194257&lmt=1613726521&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ea=0&flash=0&pra=7&wgl=1&dt=1613726520727&bpp=1&bdt=786&idt=281&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C840x280&nras=1&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=287

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&adk=1812271804&adf=3025194257&lmt=1613726521&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ea=0&flash=0&pra=7&wgl=1&dt=1613726520727&bpp=1&bdt=786&idt=281&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600%2C840x280&nras=1&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=31&ifi=3&uci=a!3&fsb=1&dtd=287
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Feb 2021 09:22:01 GMT
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 19-Feb-2021 09:37:01 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 09:22:01 GMT
cache-control: private

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45115692-1&cid=2011239597.1613726520&jid=1184366629&_u=KGBAAAACQAAAAC~&z=1980162975

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45115692-1&cid=2011239597.1613726520&jid=1184366629&_u=KGBAAAACQAAAAC~&z=1980162975

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45115692-3&cid=2011239597.1613726520&jid=1389977940&_u=aGDAAEADQAAAAC~&z=1268523240

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-45115692-3&cid=2011239597.1613726520&jid=1389977940&_u=aGDAAEADQAAAAC~&z=1268523240

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 card-protection.svg
shafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/ 1 KB
1 KB 46ms
45ms Image
image/svg+xml 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/card-protection.svg
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 0ecb437fc78e24eb2d8ad222a81f2bf165b52f97faeef96ed0bda8116d5f73a5

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:16:51 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/card-protection.svg
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: habu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 720
x-cache-type: main

GET
H2 200 ic-ask.svg
shafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/ 1 KB
1 KB 46ms
46ms Image
image/svg+xml 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/ic-ask.svg
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1c2294fcf367de6f37dc1174c05e8d56e6dd4b10c63e051188d0f9c94d883cb3

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
last-modified: Tue, 23 Jun 2020 11:15:51 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/ProductSecurePayment/images/ic-ask.svg
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: himehabu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 619
x-cache-type: main

GET
H2 200 840x180-2_fHy7lcZ.png
uploads.shafastatic.net/uploads/2021/Feb/ 81 KB
81 KB 62ms
55ms Image
image/png 193.34.169.4
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads.shafastatic.net/uploads/2021/Feb/840x180-2_fHy7lcZ.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.4 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS: images.shafastatic.net
Software: nginx /
Resource Hash: 64d72ec545f3804fac9006a09a806870fd065168178dc0fb3140fda68ca818e1

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
last-modified: Fri, 19 Feb 2021 07:42:42 GMT
server: nginx
x-cache-status: HIT
content-type: image/png
x-cache-source: local
x-servant: habu
cache-control: max-age=31536000
content-length: 82808
expires: Sat, 19 Feb 2022 09:22:01 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/827914930/ 42 B
66 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827914930/?random=1613726521003&cv=9&fst=1613725200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=2130542267&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/827914930/ 42 B
135 B 20ms
18ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827914930/?random=1613726521003&cv=9&fst=1613725200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=2130542267&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/827914930/ 42 B
119 B 21ms
20ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827914930/?random=1613726521005&cv=9&fst=1613725200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2a1&sendb=1&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=2411121624&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/827914930/ 42 B
66 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827914930/?random=1613726521005&cv=9&fst=1613725200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg2a1&sendb=1&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=2411121624&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ic_novaposhta.png
shafa.c.prom.st/img/settings/ 2 KB
2 KB 47ms
46ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/settings/ic_novaposhta.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 9014e4995d406e6b293ede7ba6c4d63710bc37bba26d03cf332a8783e5130415

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
x-amz-request-id: tx000000000000000d7103b-005fe24003-202a855-openstack-1
x-cache-key: cdnshafa.c.prom.st/img/settings/ic_novaposhta.png
x-cache-status: HIT, HIT
x-amz-storage-class: STANDARD
x-cache-source: local
content-length: 1876
last-modified: Fri, 18 Dec 2020 07:25:21 GMT
server: nginx
cache-control: public,max-age=31536000,immutable
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: himehabu
x-rgw-object-type: Normal
x-cache-type: main
accept-ranges: bytes
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key

GET
H2 200 ic_justin.png
shafa.c.prom.st/img/settings/ 2 KB
2 KB 48ms
46ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/settings/ic_justin.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 39b2efd8506b3f8b1f7afcf8396bf3f597c0db385b19090dc6f51e3b7bcfd903

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
last-modified: Mon, 23 Dec 2019 12:38:04 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/settings/ic_justin.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: himehabu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 1807
x-cache-type: main

GET
H2 200 cardProtection.png
shafa.c.prom.st/img/settings/ 2 KB
2 KB 46ms
45ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/settings/cardProtection.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 741bffe147810abf1839e199cbaf34a5ee9bb80dd5de25d64846cf903e343fbd

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
last-modified: Tue, 12 May 2020 16:21:48 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/settings/cardProtection.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: sidewinder
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 1547
x-cache-type: main

GET
H2 200 ic-ask.svg
shafa.c.prom.st/build/shafa/js/components/PaymentMethodItem/images/ 1 KB
1 KB 46ms
45ms Image
image/svg+xml 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/build/shafa/js/components/PaymentMethodItem/images/ic-ask.svg
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: 1c2294fcf367de6f37dc1174c05e8d56e6dd4b10c63e051188d0f9c94d883cb3

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Nov 2020 11:43:05 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/build/shafa/js/components/PaymentMethodItem/images/ic-ask.svg
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
x-servant: habu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 619
x-cache-type: main

GET
H2 200 sellerCard.png
shafa.c.prom.st/img/settings/ 739 B
1 KB 48ms
47ms Image
image/png 193.34.169.9
EVO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://shafa.c.prom.st/img/settings/sellerCard.png
Requested by: Host: shafa.ua
URL: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.34.169.9 , Ukraine, ASN43896 (EVO, UA),
Reverse DNS
Software: nginx /
Resource Hash: cf9e5607bec2c33f2cfd9c5c64ac89e424d41fe469bd3d7a69ad027c2467e3ee

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
last-modified: Tue, 12 May 2020 16:21:48 GMT
server: nginx
x-cache-key: cdnshafa.c.prom.st/img/settings/sellerCard.png
x-cache-status: HIT, HIT
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
x-servant: himehabu
cache-control: public,max-age=31536000,immutable
x-cache-source: local
access-control-allow-headers: X-CSRFToken, X-PromUserID, Content-Type, X-Requested-With, X-Image-Hashes, X-LANGUAGE, X-Test-Mode, X-Cache-Status, X-Cache-Key
content-length: 739
x-cache-type: main

POST
H2 200 /
www.facebook.com/tr/ 0
102 B 7ms
6ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary2JBbuQ3ActnIc9ss

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 19 Feb 2021 09:22:01 GMT
content-type: text/plain
access-control-allow-origin: https://shafa.ua
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 834A 2 KB
634 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 19 Feb 2021 09:15:09 GMT
server: ESF
date: Fri, 19 Feb 2021 09:22:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 834A 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:45:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:45:33 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 834A 18 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:45:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2169
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:45:52 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 834A 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:45:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2167
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:45:54 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 834A 107 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 834A 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:46:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:46:21 GMT

GET
H2 200 fa9f376fb382443f5f015f3a0c3dfed2.js Show response
www.gstatic.com/mysidia/ Frame 834A 25 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa9f376fb382443f5f015f3a0c3dfed2.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 17 Feb 2021 17:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 10 Feb 2021 19:48:57 GMT
server: sffe
age: 143788
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10802
x-xss-protection: 0
expires: Tue, 18 May 2021 17:25:33 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 834A 14 KB
15 KB 30ms
7ms Image
image/jpeg 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQizgeIBXTe6olhRO__16NnIomyuBSIfErhzRWg-xUTYMaH5WE&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40a907b0f406309e501088b0998d039cde9fcce37bfb8ff881491118d2a72187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 05:01:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Dec 2020 14:06:21 GMT
server: sffe
age: 102011
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14716
x-xss-protection: 0
expires: Fri, 18 Feb 2022 05:01:50 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 834A 29 KB
30 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcTqNuQhbMUdULTm5arMW0QHCIl_cpY9ObwpcTzHDBpcaMKCud8tXBh2YH0etQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfcca5a56e42f4236924dc5802884144ce133da8c1b0e7a4312a2f20e5972686

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 16 Feb 2021 14:08:13 GMT
x-content-type-options: nosniff
last-modified: Wed, 30 Sep 2020 13:07:48 GMT
server: sffe
age: 242028
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30168
x-xss-protection: 0
expires: Wed, 16 Feb 2022 14:08:13 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 834A 29 KB
29 KB 28ms
6ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQ4idw0ZETiL5eJ00cTgwPB28tk4-EN2dZcd5RJw6FluzMu-Vxq0NDdPjtUew&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b22ed261a1accb91912af837297b968899b20ad791ea602bcdd189f6f563d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:30:43 GMT
x-content-type-options: nosniff
last-modified: Fri, 11 Sep 2020 13:04:41 GMT
server: sffe
age: 24678
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29609
x-xss-protection: 0
expires: Sat, 19 Feb 2022 02:30:43 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 834A 13 KB
13 KB 34ms
13ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQg4QGPMbS1szdNthnRuw2-v0Hy_kVIsb34dn5IEHFlf3LokCGo9fLokeIF_Q&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f9c801c8a529ea7e02b4d08d4875a758fcb3d03c40e9c5e87db973e9a1628ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 09:18:04 GMT
x-content-type-options: nosniff
last-modified: Mon, 02 Nov 2020 14:06:05 GMT
server: sffe
age: 86637
content-type: image/jpeg
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13608
x-xss-protection: 0
expires: Fri, 18 Feb 2022 09:18:04 GMT

GET
H3-Q050

200

6390794388280864672
tpc.googlesyndication.com/simgad/ Frame 834A
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDrw7O6IhCwCRisAjII9947V29w5qI
https://tpc.googlesyndication.com/simgad/6390794388280864672

33 KB
33 KB

6ms
6ms

Image
image/png

2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6390794388280864672

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

15a61e52f7d97cf3cbbf8d52207f7eea402f643db44b38e02110f894f0a65492

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 05:29:21 GMT
x-content-type-options: nosniff
age: 13960
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33901
x-xss-protection: 0
last-modified: Wed, 15 Jan 2020 07:54:28 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Feb 2022 05:29:21 GMT

Redirect headers

timing-allow-origin: *
date: Thu, 18 Feb 2021 13:34:13 GMT
x-content-type-options: nosniff
server: cafe
age: 71268
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/6390794388280864672
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 20 Mar 2021 13:34:13 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 834A 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CPIdXOYMvYI_mAcXw-gaHj4L4Bf_dpINh1a_i8-8MxM7yhMMbEAEgt5-haGCVAqABuf--7APIAQmpAuug10puSbQ-qAMByANKqgTXAU_QWxYB4UA7_JLcIoLT3_Ay-rT3qhwgzl469h0BQ7XaqW7sfmRDFdJ9Bksc2IV4rpKCpsussbYRK_gFmMfMBqOlueTM9xy7iZI_roEy85pzoczTw_96L_W5JJnek-2hUkjzzyQ2DtYOWwUvrlJa0miTlmk6wHa_m6k3hQQILNK5KWhUhXxwCHcfx8UFiyc8KupcRSfkDP1OeeNEQLPxZIKHnsIJaDNuaXLdrX-egLnfU9_4OE1qS04wRXZBd7kutotgpc9UTkTt0_1IAILAk6GZmPQC5_M9wATcy57R_gKSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH-rKHFqgH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ-KsE0ggJCIDhgBAQARgfgAoByAsB2BMLshcaChgIABIUcHViLTQ5ODk2Mjg0NjI4MjQxNTQ&sigh=4GCkzG0Cn3M&template_id=494&tpd=AGWhJmu2A-b0g2JodjlK4kDIv5Ktpv5ZChIfPC7UroJyi9MI6g

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 09:22:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
DATA 200
OK truncated
/ Frame 834A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3dcbf595f48209df723f9e35cddd183c95b60236c6cb33c09bfc94b31634af1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v14/ Frame 834A 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v14/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oT3ZQZQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:10:52 GMT
x-content-type-options: nosniff
last-modified: Wed, 04 Dec 2019 18:44:36 GMT
server: sffe
age: 669
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14516
x-xss-protection: 0
expires: Sat, 19 Feb 2022 09:10:52 GMT

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 45C2 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=280&slotname=5726995289&adk=3043604742&adf=1642182097&pi=t.ma~as.5726995289&w=840&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=840x280&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&dt=1613726520724&bpp=3&bdt=783&idt=270&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=300x600&correlator=5559559795516&frm=20&pv=1&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=210&ady=2752&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mjmlYCsnyv&p=https%3A//shafa.ua&dtd=273
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 25553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sat, 19 Feb 2022 02:16:08 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/ Frame 769E 18 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2839
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7377
x-xss-protection: 0
server: cafe
etag: 10747045913157086108
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:34:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 769E 3 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:31:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3039
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:31:22 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 769E 107 KB
33 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1613565156040306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33368
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/ Frame 769E 14 KB
6 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210211/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 08:34:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 15217341015479086142
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 Mar 2021 08:34:41 GMT

GET
H3-Q050 200 asus-ROX-strix-300x600.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/ Frame 4D45 287 KB
136 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0e159e154ac5aa9f578edb4139dfde72b275c65d00d4565d67be86d38e875af

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 18 Feb 2021 00:04:30 GMT
expires: Fri, 18 Feb 2022 00:04:30 GMT
last-modified: Fri, 12 Feb 2021 20:33:29 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 138108
age: 119851
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 769E 0
0 46ms
43ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CE1O-OIMvYPTDO4rZtweBzq6ABbrvvbhhlaC7o6ANv-iivcABEAEgt5-haGCVAsgBCagDAcgDSKoE4AFP0JcOpenLjJKfIAzybavGaJLfi2dmO8q2SPe0GULtUwF1AJY7vOnGJ3b5oXldYD9Jr0AqSGm4HUuGlq890TALgHztpbOdx8yDAOgHfFVkxTkZFMpynHkrwezPtrFPSO4pWRMpVi4fBwA-voK86MHOJBU8AMAfoqb5OANFdVWYXTkhIsGXh7M4mbpZV_jCOYLo2ewSnTkO5AmPg60wT9O-2U1dXHhfe-ShUEaqIUhweffKXAAc93UYyvvuedkc-w2aSPWZ3mN_abkv_je_I7zWW9DoVdBGbuy-UjRZFaVKR8AE6v-wprsDoAYugAfVz5c0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJaiDtIICQiA4YAQEAEYH4AKAcgLAdgTA7IXGgoYCAASFHB1Yi00OTg5NjI4NDYyODI0MTU0&sigh=9VIRAd6m90Y&template_id=419&tpd=AGWhJmuayHRL4JHXNaa7tGbI9QFVz04AHk3dIdz3TIIRp16bXQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 09:22:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2E0 143 B
220 B 8ms
6ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUliCLV9zArPIR6BqsBY6K6qT2plmWJGbdRHeSyRrExmh6In7I1zssjVksXe; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 19 Feb 2021 08:41:25 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2436
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 4D45 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 16:32:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60566
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Feb 2021 16:32:35 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4D45 22 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/15765081467157609459/asus-ROX-strix-300x600.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 18 Feb 2021 17:30:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57065
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 19 Feb 2021 17:30:56 GMT

GET
DATA 200
OK truncated
/ Frame 769E 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5071661be2f3cfdd2e89b89ba149f4f8e53999ccf74216f60f52976c87b9d2bb

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D45 420 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c730730af3c44486a74a573051b98ad7312072e8c928fda8529035316f429c9

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D45 418 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e1ebede58a6b9cc0f2dda3a7d9b1231db89d7dfc16d6176bb6ee5abb079b5819

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4D45 101 KB
0 Image
image/jpeg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca12c2db7d5857968705cd850c4bde49e47eee5580f636c79bb7ffdf1bb104b5

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/jpeg

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/ 3 KB
1 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/827914930/?random=1613726521846&cv=9&fst=1613726521846&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&ig=1&data=event%3Dpage_view%3Bdynx_itemid%3D41168888%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D460%3Becomm_prodid%3D41168888%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D460&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

958819d54b5fe244b158ef3c321057c4eb3c5d1c5642969d4e14f1bf43de9545

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1217
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
124 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1725697687474407&ev=ViewContent&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&rl=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&if=false&ts=1613726521849&cd[content_name]=%D0%9A%D0%B5%D0%B4%D1%8B%20van%26%2339%3Bs&cd[content_category]=%D0%9C%D1%83%D0%B6%D1%87%D0%B8%D0%BD%D0%B0%D0%BC%20%3E%20%D0%9E%D0%B1%D1%83%D0%B2%D1%8C%20%3E%20%D0%9A%D0%B5%D0%B4%D1%8B&cd[content_ids]=%5B%2241168888%22%5D&cd[content_type]=product&cd[value]=460&cd[currency]=UAH&sw=1600&sh=1200&v=2.9.33&r=stable&ec=2&o=30&fbp=fb.1.1613726520854.1188107529&it=1613726520417&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 19 Feb 2021 09:22:01 GMT

POST
H2 204 pageviews
tracker.shafa.ua/endpoint/ 0
345 B 182ms
173ms Other
text/plain 2606:4700:20::681a:e31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tracker.shafa.ua/endpoint/pageviews
Requested by: Host: clerk.c.prom.st
URL: https://clerk.c.prom.st/v4.2.0/bare.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:e31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 19 Feb 2021 09:22:02 GMT
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 2592000
access-control-allow-methods: POST, GET
access-control-allow-origin: *
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R0GoEtPwanMQaG3094luQZ%2Bnm0CLiodhMIF5pPpoxErQcvvJzYSuuu9t0XWoVZTOBkc3j%2BmzeU7qrOjMtPMzA6y5VBwghnY1Cv37BxnV4z0%2F8T%2B6HjUarHvvIHjb"}],"group":"cf-nel"}
cf-ray: 623eebc9a9511782-FRA
access-control-allow-headers: X-CSRFToken, X-PromUserID
cf-request-id: 085b31b205000017823d2ad000000001

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210211&st=env

Requested by

Host: shafa.c.prom.st
URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

95718c1ebc2362612af5e586d7592e27f5d9766cd3fe1f0d13084a20a11c630b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6421
x-xss-protection: 0

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C2E0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
133 B

41ms
40ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUliCLV9zArPIR6BqsBY6K6qT2plmWJGbdRHeSyRrExmh6In7I1zssjVksXe
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Feb 2021 09:22:01 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Fri, 19-Feb-2021 10:22:01 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires: Fri, 19 Feb 2021 09:22:01 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 19 Feb 2021 09:22:01 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D45 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 25553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sat, 19 Feb 2022 02:16:08 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=1031270742&t=timing&_s=3&dl=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&dr=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&ul=en-us&de=UTF-8&dt=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0%D0%B8%D0%BD%D0%B5%20%7C%20SHAFA.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=2388&pdt=7&dns=7&rrt=0&srt=457&tcp=15&dit=965&clt=1205&_gst=733&_gbt=866&_cst=734&_cbt=1051&_u=aGDAAEADQAAAAC~&jid=&gjid=&cid=2011239597.1613726520&tid=UA-45115692-1&_gid=1642390678.1613726520&z=1457981487

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 07:26:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 6917
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 09:22:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Fri, 19 Feb 2021 09:22:01 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame DC94 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Fri, 19 Feb 2021 08:10:39 GMT
expires: Sat, 19 Feb 2022 08:10:39 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 4282
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js Show response
pagead2.googlesyndication.com/bg/ Frame DC94 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KMBS0uYb27SoXpRfeqhVXCVI9MZcOZ5lTWsq5C5IQSA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 19 Feb 2021 02:16:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Feb 2021 09:15:00 GMT
server: sffe
age: 25553
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6236
x-xss-protection: 0
expires: Sat, 19 Feb 2022 02:16:08 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/827914930/ 42 B
66 B 23ms
22ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/827914930/?random=1613726521846&cv=9&fst=1613725200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dpage_view%3Bdynx_itemid%3D41168888%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D460%3Becomm_prodid%3D41168888%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D460&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=424718269&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/827914930/ 42 B
66 B 20ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/827914930/?random=1613726521846&cv=9&fst=1613725200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa2a1&sendb=1&data=event%3Dpage_view%3Bdynx_itemid%3D41168888%3Bdynx_pagetype%3Dofferdetail%3Bdynx_totalvalue%3D460%3Becomm_prodid%3D41168888%3Becomm_pagetype%3Dproduct%3Becomm_totalvalue%3D460&frm=0&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&tiba=%D0%9A%D0%B5%D0%B4%D1%8B%20van%27s%3A%20%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C%20%D0%BF%D0%BE%20%D0%B4%D0%BE%D1%81%D1%82%D1%83%D0%BF%D0%BD%D0%BE%D0%B9%20%D1%86%D0%B5%D0%BD%D0%B5%20%D0%B2%20%D0%9A%D0%B8%D0%B5%D0%B2%D0%B5%20%D0%B8%20%D0%A3%D0%BA%D1%80%D0%B0&async=1&fmt=3&is_vtc=1&random=424718269&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:01 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
145 B 41ms
40ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210211&jk=1938622486271387&bg=!OTqlOnnNAAXRs2QT0TsAKQB2-DxaYE5vtaSV01kVS2IwQgwhEvxZEzYbsoAxatCUkjzx7JieuUr5AgAAAFVSAAAADmgBBwoBCVhFzexIFrb5qU7XG22uGWvPhLY2hhfzztL2nB1D6nph4u3nNptmAZxEoI-uSucA5_QjwMz65KbmwsZ7RH65eaduCkve2Ubah5ifFtak9_cJlqiI6G77DtlQ5-uV7ZUdJV7NZUlFduq8xYaR2ywIo6HcFBAyfxILFbqMW_Nek7OB8-xlUrR147LPaiNBqZL5o6j8yYnILMpj5AJPMPLK4zDfku2JRI7GIk0MdjuBlyL4wKpCzNkuzMo_e08noCmN0Yj1Ph8wY3uQHh63PSIrSXVI5nNoWpG9Cp4KyK_a4AiniC-bFbKM4J0p6zTB-1EdkPuWDxkqOoPD7PFeDdiusapc5b8jtR55C4WZAcuaKxzwhBuLIwaLLy-wXGq-SmB54T06nRPRLE5780-sCt7LmUgYZzgRe5r_MEfuhQDgVCqgUATPjo6rxB1AMO0rKXjtNoFhrBn2pYI3f07qXJ4w7uBmfjNmgo4MDlj0qsVb6oGkDbW7CE7btTLY9RvIAiFEIQdT9dv6SNekqF1cmdjvChW3tS17kne8csKmI823ETozosN0tXE60MEreAkKd27VAIb06c_CSajPRtoPBoIMSknPeLm984iipvjO4_6qcFYkjt3oVrXCsyj47mlHrUwa4SbfYG3xclObzBg-ReDXktNFzaSfvfg591GRUPjUn4igr8FDhIdB4wXBdyugQvEJi5CGgvb7y7s6tpuTc6o8duPwwuq5vqhgQfxX0T9Fqbb9kkp_o3FgZCchk9hxtXhsooHSpsH8JFg0a5xmWwlAGn5hoXf0ll2z9F1E3LBsq1QS9cQHcmlCmJCsHe9ckfjKDzgXQsIEt3M0qKlLEyTHY-aEZq5CPhBi0z-bXWJOBDXe5pIl5a1Z1T1y6nUwgtWhdpZFjMO1ATsT9Qj1QAv-icuqCTdqNCu3hwM4ReVcQ5klsT4yGnWjhcQPmPfeg4oXBvM54YWSPE0

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://shafa.ua/men/obuv/kedy/41168888-kedy-vans
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 769E 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfWJGOIMvYPTDO4rZtweBzq6ABbrvvbhhlaC7o6ANv-iivcABEAEgt5-haGCVAsgBCagDAaoE4AFP0JcOpenLjJKfIAzybavGaJLfi2dmO8q2SPe0GULtUwF1AJY7vOnGJ3b5oXldYD9Jr0AqSGm4HUuGlq890TALgHztpbOdx8yDAOgHfFVkxTkZFMpynHkrwezPtrFPSO4pWRMpVi4fBwA-voK86MHOJBU8AMAfoqb5OANFdVWYXTkhIsGXh7M4mbpZV_jCOYLo2ewSnTkO5AmPg60wT9O-2U1dXHhfe-ShUEaqIUhweffKXAAc93UYyvvuedkc-w2aSPWZ3mN_abkv_je_I7zWW9DoVdBGbuy-UjRZFaVKR8AE6v-wprsDoAYugAfVz5c0qAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcA8gcEEJaiDtIICQiA4YAQEAEYH4AKAcgLAdgTA7IXGgoYCAASFHB1Yi00OTg5NjI4NDYyODI0MTU0&sigh=PSH9QL2Q914&vt=1&template_id=419

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 19 Feb 2021 09:22:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 769E 42 B
155 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuYTYZhizn7ESmXyrWtqcm57_qL_D3sedyM_suVnf4EcLIFhOO8D5pJ4_nFaxbwqsrelSjCb8YZ8IIuTr6Q28_FZEmNx1NYT8KxRc1mpt_Gzbnc&sai=AMfl-YQJFlTVo4piO7sLjruw9Z_Iz33fa6Vjm85eKV5kYqNUF41biYCaeOMnXyXqqVWHAXWkpUl8nZ6wzz5y&sig=Cg0ArKJSzFQKJvUso0l3EAE&id=osdim&mcvt=1000&p=565,1090,1165,1390&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210217&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3284122535&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1613726520957&dlt=773&rpt=103&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?guci=1.2.0.0.2.2.0.0&client=ca-pub-4989628462824154&output=html&h=600&slotname=6356885363&adk=3284122535&adf=21437692&pi=t.ma~as.6356885363&w=300&fwrn=4&fwrnh=100&lmt=1613726520&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fshafa.ua%2Fmen%2Fobuv%2Fkedy%2F41168888-kedy-vans&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1613726520707&bpp=17&bdt=765&idt=227&shv=r20210211&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=5559559795516&frm=20&pv=2&ga_vid=2011239597.1613726520&ga_sid=1613726521&ga_hid=1031270742&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1090&ady=565&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066431%2C21068769%2C21068893&oid=3&pvsid=1938622486271387&ref=http%3A%2F%2Fwww.likegirls18.com%2FqYQcxGLD&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8320&bc=31&ifi=1&uci=a!1&fsb=1&xpc=GFbljAN0OW&p=https%3A//shafa.ua&dtd=245
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Feb 2021 09:22:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

107 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.creativecdn.com/	1970-01-20 01:01:02	Name: ts Value: 1613726520
.creativecdn.com/	1970-01-20 01:01:02	Name: u Value: bQKcJB0AqRTEdrb8QPsd
.shafa.ua/	1970-01-20 01:37:02	Name: __gads Value: ID=af1c4228541a4836-226dc82486ba0095:T=1613726520:RT=1613726520:S=ALNI_MZt7TEYZevmZQa-Tu2UfEZN8AIEaw
.shafa.ua/	1970-01-19 16:15:26	Name: _gat_UA-45115692-3 Value: 1
.shafa.ua/	1970-01-20 09:46:38	Name: _ga_VJYG1MWHR2 Value: GS1.1.1613726520.1.0.1613726520.0
.shafa.ua/	1970-01-19 16:15:28	Name: __cf_bm Value: 00af8b8f778a9ff80d9523b3f88ff89b41c6755c-1613726520-1800-AeyWmyl2ACx/5TgPeesLS2NJE462rJaRucVi2OVdDIwfbYJf2slCZ+u8yVrwC2L2qzw/s3MB1zUNsn9cMrD9M3gYgVPakzJoaBv8PLsi1Oi48DSI61kqVUHHRxKu0BD+nyOAlC/t54CSny2KsIEoViY=
.shafa.ua/	1970-01-19 16:15:26	Name: _gat Value: 1
.shafa.ua/	1970-01-20 01:01:02	Name: sc Value: 05C1C944-D06A-BE64-063F-24BE103FD493
shafa.ua/	1969-12-31 23:59:59	Name: v_cnt Value: 1
.shafa.ua/	1970-01-20 09:46:38	Name: _ga Value: GA1.1.2011239597.1613726520
.shafa.ua/	1970-01-19 18:25:02	Name: _fbp Value: fb.1.1613726520854.1188107529
.shafa.ua/	1970-01-19 16:58:38	Name: __cfduid Value: d318d8b63170151eeeb9ce87c2584b9a21613726519
.shafa.ua/	1970-01-19 16:16:52	Name: _gid Value: GA1.2.1642390678.1613726520
.doubleclick.net/	1970-01-20 01:37:02	Name: IDE Value: AHWqTUliCLV9zArPIR6BqsBY6K6qT2plmWJGbdRHeSyRrExmh6In7I1zssjVksXe
shafa.ua/	1970-01-20 00:59:36	Name: csrftoken Value: OhFkIEcb4fGT3GVEFSafFKcWDGUKYGf2QsKBwLjCRaiFgNVw5P7ONMOecdxDtF2S

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://shafa.c.prom.st/build/shared.020f11f2d37ffed387fe.js(Line 70) Message: Warning: fragment with name errorsData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	warning	URL: https://shafa.c.prom.st/build/shared.020f11f2d37ffed387fe.js(Line 70) Message: Warning: fragment with name productCardFeedData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: Warning: fragment with name errorsData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: Warning: fragment with name productCardFeedData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: @babel/polyfill is loaded more than once on this page. This is probably not desirable/intended and may have consequences if different versions of the polyfills are applied sequentially. If you do need to load the polyfill more than once, use @babel/polyfill/noConflict instead to bypass the warning.
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: Warning: fragment with name errorsData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: Warning: fragment with name productCardFeedData already exists. graphql-tag enforces all fragment names across your application to be unique; read more about this in the docs: http://dev.apollodata.com/core/fragments.html#unique-names
console-api	error	URL: https://clerk.c.prom.st/v4.2.0/iframe.html(Line 6) Message: E005
console-api	warning	URL: https://shafa.c.prom.st/build/spa_entry.46dda66670b8fd25c454.js(Line 31) Message: TypeError: Cannot read property 'getItem' of null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
ams.creativecdn.com
assets.shafastatic.net
avatars.shafastatic.net
clerk.c.prom.st
colbert-static.c.prom.st
colbert.evo.company
connect.facebook.net
creativecdn.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn3.gstatic.com
esputnik.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
image-thumbs.shafastatic.net
pagead2.googlesyndication.com
partner.googleadservices.com
script.esputnik.com
securepubads.g.doubleclick.net
shafa-sentry.evo.run
shafa.c.prom.st
shafa.ua
stats.g.doubleclick.net
sync.teads.tv
t.trafmag.com
tpc.googlesyndication.com
tracker.shafa.ua
uploads.shafastatic.net
www.dmpcloud.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.likegirls18.com
13.226.159.106
142.250.185.162
172.217.23.98
185.179.190.151
185.184.8.30
185.86.57.248
193.200.65.5
193.34.168.232
193.34.169.36
193.34.169.4
193.34.169.9
2606:4700:20::681a:e31
2a00:1450:4001:800::200e
2a00:1450:4001:802::2003
2a00:1450:4001:803::2008
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:829::2001
2a00:1450:4001:829::2003
2a00:1450:4001:829::2004
2a00:1450:4001:829::200a
2a00:1450:4001:82b::200e
2a00:1450:400c:c02::9d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a05:d018:ac8:b920:6095:dc29:ee4b:3ced
34.254.211.84
95.100.64.146
02cd60655fcce9585457a7cd041767aba7c4aeef590805801be7090b5fe3fd5e
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06f0b87df6a5129c3c362fb28694ab39fdd36d133cdc084d67abda4bc19bb2a7
0bd9f8ee21eb6441ef9e429676a09b043f7783bbb8309cf29d613a926f50799f
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0ecb437fc78e24eb2d8ad222a81f2bf165b52f97faeef96ed0bda8116d5f73a5
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1143bb5ae891056f59482184346b0fe47d8e95c9e0f159f023bf0f95ec45222d
11e4390972243444bef13a861d73eed252a6d4c9cc43e98a7e4e19bceb46bee8
125516b5cd6f474aeb0040efd1a43b4e8e5e0e52005dd5e5518bb67fb9dea187
15a61e52f7d97cf3cbbf8d52207f7eea402f643db44b38e02110f894f0a65492
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1c2294fcf367de6f37dc1174c05e8d56e6dd4b10c63e051188d0f9c94d883cb3
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1f5194b359eac66eaef75c33cfd462c0c6e96df1e4d5c638d93ca38f1264eb2d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
28a99f433e91a41beacca2e572aaac5a9da22b8a33bf508f3607a85af7ed8c0a
28c052d2e61bdbb4a85e945f7aa8555c2548f4c65c399e654d6b2ae42e484120
2a1b2ebe6a2b314929967bdf1ba8c694fb45bf76a5b847e57fb847b3cdd9338a
2b95a6b973a80bebd1f473678879f80b6f37496d1bc05a363db25aff2c0b0d90
2cb3adf2527682b91637256388fe28b741d0931dc6f6bd9c50006c2af911ac76
2d687da9dc9b171956c3cc2ffd9e42c84e27a925a650dda8d71a02fc3df2b304
2deb82c585f891ba79a0cc6e27caf804cd5308c9fc91f5487549d64f3bb84b89
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3856f982b8ca140da9c0dee7bd98e770f2f2ced03094ba26fe2a9a896520467b
39b2efd8506b3f8b1f7afcf8396bf3f597c0db385b19090dc6f51e3b7bcfd903
3dcbf595f48209df723f9e35cddd183c95b60236c6cb33c09bfc94b31634af1d
3dff6250e724a628c8eab5c94770e4b3d47371254b8d5ad99bbc87ebb0e249a1
40a907b0f406309e501088b0998d039cde9fcce37bfb8ff881491118d2a72187
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c730730af3c44486a74a573051b98ad7312072e8c928fda8529035316f429c9
4db6732268b3d9330df1068351b18e2fd1c1c6da87b5953259b022a19ddfe7a5
5071661be2f3cfdd2e89b89ba149f4f8e53999ccf74216f60f52976c87b9d2bb
53174ba786e6fb318bb2cc3f14b9507443f298be1ed2efbf3be42f997607e86f
557c7eff7e290be0c9ba43c9992a9a53511608560c9e1c23efc05851e186a2a7
58eaf9b7f4a48c5680cc0b167e49a799bdbb038046cd0555fa231aa42c2e8a84
59059aa5d490f9d3951128d4ca6d8f6c33080495c74a2e8e93a85333cb6d451e
5fad6026d24fb8b14e140c65e8d3934b81eb6f2c030d2e88cba03dea61cb05e7
5fee2a3e4db0a9b907550346569920e7ea79a4b855260d5c9d063aebd408ce52
63c54828aef7b648ab80bcc9569204426ccc1dcbf9469ee371399219f3d13afe
64d72ec545f3804fac9006a09a806870fd065168178dc0fb3140fda68ca818e1
6668f0f7a97ab8cdb20376740a7865fc40a1a6a9029e88ce2338fcf78e49fc24
6817faf04dd7cb5659a7256c0fe8ebe927bccd2b5a9291dce4c1cafd2249fe8c
68bc7402165e2a9909475c5f88763b82639415093ec634c1c94d27210d371c26
6d144edbc1b15ef769a5bee04b9856feff30eff2f1b64b523c49f1df2ffe362e
6f9c801c8a529ea7e02b4d08d4875a758fcb3d03c40e9c5e87db973e9a1628ae
6fe6abf5c841c887ab5def60846c0be800a6a1166220e6f98ad375cddb4addd3
718d8e9bf93740a3a90b67e53219319342074524b2dede8ba219eea4c41ea0c4
741bffe147810abf1839e199cbaf34a5ee9bb80dd5de25d64846cf903e343fbd
77b09685a405704195c61a56251da90751b5fdd799f02ccc8f4169fdc810020a
7d091206b720695d2414126a96a867443ef09ba0029b52e61286b8debcd45218
7e116855324c2abdfac0ec461ba6612aeb32758e4d9ae301abece483fde43ce8
7e85fd91dce1869a84364e0dc1144cab1f4c0430e528be8f7f6c3036d4210d80
823364e8036b8e763f5bb2ced22dab1bc68ba517a55da566b40b9f6b11171d2d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83cf2b7e5e68d46dd9247757385c4df7c6519daaa67cbd21217a92bdccb4a50c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871ee271dd64431287c15fe732d50fcb363ac39399efeab429247cce7161fec3
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
88ff3cf185129db3988cf97e0f5aca6de4e7c29767a07420241ab2c614d0a0b9
8bf88351473ec8b954bbf077b0e954b8657a949b0676daa88f1281c6f7f157ae
9014e4995d406e6b293ede7ba6c4d63710bc37bba26d03cf332a8783e5130415
90aa8bc0cd21ffaec37906090315332a7c2f2b0aa36d4626f986e767b44d0687
95718c1ebc2362612af5e586d7592e27f5d9766cd3fe1f0d13084a20a11c630b
958819d54b5fe244b158ef3c321057c4eb3c5d1c5642969d4e14f1bf43de9545
9759b270eda04746ca0fcf6485e9fe4d357ae9c0e5bb8bdd3313a695f97d53cb
9b1068c8b22a62e37b6140b6202fb60569cc45e3899b521605ac5c0a02e444cf
9d6c33d1bbff3e7e2d0768620e28a4311d9d386e65713895b033ed0767ecd1af
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f77d907e18d2c0778fa295b6793ada1bd5fe5c80ec73e7d3f3909234799e988
a533e6ac10f159c258a7737b2a63378e910622fcc61e6c90be14d6d95328fb64
a65312d3977e859602758969f81711e8a401791c027b75de1d63c85b854cc2bc
a80d0e987eb06d3454ae233e8f2fd54c0f5c0fdc70f95970a414d09f07c5d4bb
a848fe56b8851b2d5ef5abd34c804c955e5150b5702a283523034101ed3a5ec6
a9108c8d6a490886986591912c5c8786ce262fb70d64b3c65d56edbf83e56b74
ad24b005bd60eca026ff96ba2939219a78a7affd12394fd51db48d1f9d5bd83c
ae35469a2de645d561d555105d21f075e0469c83a7bd02ebc9547d4d5b616f73
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b49b02fc1286f940cce0e398d850753f00338dbb321a51e2aadf996223c9c7e9
b6c58c89c73fcd03831e035c6b1ff8b1b60fadf9420e80a3fedf73c52edb9326
bbfb90901956b14a22275ff771b7c2d13f1696d61d20fc6e4e0b1d3f2a516046
c2b22ed261a1accb91912af837297b968899b20ad791ea602bcdd189f6f563d7
ca12c2db7d5857968705cd850c4bde49e47eee5580f636c79bb7ffdf1bb104b5
cf9e5607bec2c33f2cfd9c5c64ac89e424d41fe469bd3d7a69ad027c2467e3ee
cfcca5a56e42f4236924dc5802884144ce133da8c1b0e7a4312a2f20e5972686
d18817bc0bc085c068b259c6396ee71532fa5e9cf91ef4c2797c21450cd143fc
d41623300e65df391ebcef4077f75e12e81057e6e515c33c0ad51e9ef9ffd799
d4f4cc4430ea2b7a54348544067b0a0c48bbae6761132d8f3aab6cf540da19c7
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
d9f3255049031af0942d337a07176487ac7d6d6cdf98fc48757331912a781287
dd0130322e1e136a38c4850d8906e20d17f248fac627aae764470eeb900cb5a5
dd236db7288b34ebfdfdbe25b1ed0e39c75542692c05b1e6db44fb79817f0c01
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfa960be98359c35c99fd9a85634af5e3b888f3f80ad5287035367303049e68f
e01a0d99418931a94f66e9325eb1ceb3575968432bed7992e5e2c08d02683753
e0e159e154ac5aa9f578edb4139dfde72b275c65d00d4565d67be86d38e875af
e1ebede58a6b9cc0f2dda3a7d9b1231db89d7dfc16d6176bb6ee5abb079b5819
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e53270772ec20a5c44e65de91aa504f69bba162ccd7bcaac907b5496a1b72c83
e795fa520a522be5912ce8830dc8305a909980216ff6a231e6fac697c0246466
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6e9ba57f2f304b97b5736ec391bfbe3325dfd51359ef3ac322f61008fec9ee
efb57cb766c178136be7af3f1c80219885ae34548155c47845e87a0cb08bd5e1
f4e527e020d1c5884456d5007d5343f88125067a7b362df9ea6b5c86f0ad19da
f84cf6c71f9934a2b597a964071f5a8439ab202128da8ba5f37e69ab329de103
fe5c83fdd68ae9c0e01bc6b971e98dc8194bf8c45976eb5223941870204246e4
fe707e181f60f4e6bb25c21db2a9703a954859e4c4eb7ab5d0396fcbdca13437

shafa.ua Open in urlscan Pro 2606:4700:20::681a:e31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

137 Requests

99 %HTTPS

63 %IPv6

23 Domains

41 Subdomains

35 IPs

7 Countries

2249 kBTransfer

6210 kBSize

15 Cookies

18 Outgoing links

Page URL History

Redirected requests

137 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

shafa.ua Open in urlscan Pro
2606:4700:20::681a:e31 Public Scan

Screenshot
Live screenshot

Full Image

137
Requests

99 %
HTTPS

63 %
IPv6

23
Domains

41
Subdomains

35
IPs

7
Countries

2249 kB
Transfer

6210 kB
Size

15
Cookies

137 HTTP transactions
6 data transactions