westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://westudents.com.ua/
Submission: On September 19 via api (September 19th 2022, 12:43:26 pm UTC) from GB — Scanned from GB

Summary HTTP 99 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 24 domains to perform 99 HTTP transactions. The main IP is 95.142.40.16, located in Russian Federation and belongs to EUROBYTE Eurobyte LLC, RU. The main domain is westudents.com.ua.

This is the only time westudents.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
7	95.142.40.16 95.142.40.16	210079 (EUROBYTE ...) (EUROBYTE Eurobyte LLC)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2 4	88.212.201.198 88.212.201.198	39134 (UNITEDNET) (UNITEDNET)
12	95.163.114.204 95.163.114.204	12695 (DINET-AS) (DINET-AS)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
1	62.109.31.26 62.109.31.26	29182 (RU-JSCIOT) (RU-JSCIOT)
1	94.250.254.126 94.250.254.126	29182 (RU-JSCIOT) (RU-JSCIOT)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400a:802::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
2	217.20.147.3 217.20.147.3	47764 (VK-AS) (VK-AS)
2	104.75.88.209 104.75.88.209	16625 (AKAMAI-AS) (AKAMAI-AS)
2	94.100.180.55 94.100.180.55	47764 (VK-AS) (VK-AS)
99	30

7 95.142.40.16 (Russian Federation)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: vm366435.eurodir.ru

westudents.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 88.212.201.198 (Russian Federation) 2 redirects

ASN39134 (UNITEDNET, RU)
PTR: host198.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 95.163.114.204 (Moscow, Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.31.26 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1020.ru

postabuse.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 94.250.254.126 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1021.ru

prespan.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn.smntq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400a:802::200a (Zurich, Switzerland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn3.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.147.3 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip3.147.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.75.88.209 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-209.deploy.static.akamaitechnologies.com

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.55 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 tpc.googlesyndication.com — Cisco Umbrella Rank: 142	350 KB
17	gstatic.com www.gstatic.com fonts.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn3.gstatic.com encrypted-tbn0.gstatic.com	402 KB
12	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 124010	74 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	65 KB
7	westudents.com.ua westudents.com.ua	163 KB
5	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9563	2 KB
4	yadro.ru 2 redirects counter.yadro.ru — Cisco Umbrella Rank: 9373	2 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3603	56 KB
3	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	1 KB
2	mail.ru connect.mail.ru — Cisco Umbrella Rank: 66403	1 KB
2	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2672	770 B
2	ok.ru connect.ok.ru — Cisco Umbrella Rank: 26501	4 KB
2	vk.com vk.com — Cisco Umbrella Rank: 5949	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 40	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	88 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 196450	1 KB
1	smntq.com cdn.smntq.com — Cisco Umbrella Rank: 145899	489 B
1	prespan.ru prespan.ru	319 B
1	postabuse.ru postabuse.ru — Cisco Umbrella Rank: 211194	319 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 9081	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	649 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	42 KB
0	yandex.ua Failed mc.yandex.ua Failed
99	24

	Domain	Requested by
15	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com westudents.com.ua pagead2.googlesyndication.com
12	w.uptolike.com	westudents.com.ua w.uptolike.com
10	pagead2.googlesyndication.com	westudents.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	westudents.com.ua	westudents.com.ua
5	mc.yandex.com	2 redirects westudents.com.ua
4	encrypted-tbn1.gstatic.com	westudents.com.ua
4	encrypted-tbn2.gstatic.com	westudents.com.ua
4	fonts.gstatic.com	fonts.googleapis.com
4	counter.yadro.ru	2 redirects westudents.com.ua
3	mc.yandex.ru	2 redirects westudents.com.ua
2	connect.mail.ru	w.uptolike.com
2	api.pinterest.com	w.uptolike.com
2	connect.ok.ru	w.uptolike.com
2	vk.com	w.uptolike.com
2	encrypted-tbn0.gstatic.com	westudents.com.ua
2	encrypted-tbn3.gstatic.com	westudents.com.ua
2	fonts.googleapis.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	af.click.ru	w.uptolike.com
1	cdn.smntq.com	w.uptolike.com
1	prespan.ru	w.uptolike.com
1	postabuse.ru	w.uptolike.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	westudents.com.ua
0	mc.yandex.ua Failed	westudents.com.ua
99	31

This site contains links to these domains. Also see Links.

Domain
www.liveinternet.ru

Subject Issuer	Validity	Valid
westudents.com.ua R3	`2021-12-31` - `2022-03-31`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
uptolike.com R3	`2022-08-23` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
postabuse.ru R3	`2022-09-13` - `2022-12-12`	3 months	crt.sh
prespan.ru R3	`2022-09-15` - `2022-12-14`	3 months	crt.sh
smntq.com R3	`2022-09-18` - `2022-12-17`	3 months	crt.sh
*.click.ru R3	`2022-08-26` - `2022-11-24`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.ok.ru GeoTrust RSA CA 2018	`2022-02-28` - `2023-03-31`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-08`	a year	crt.sh
*.mail.ru GeoTrust RSA CA 2018	`2021-11-01` - `2022-12-02`	a year	crt.sh

This page contains 13 frames:

Primary Page: http://westudents.com.ua/
Frame ID: 4826E0527F960C96B3A59FA6C149F1D2
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html
Frame ID: FD66B34762FA0A2564DDD4E88D3C0E58
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1663591400&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663591399996&bpp=15&bdt=1410&idt=275&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7892010940690&frm=20&pv=2&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=292
Frame ID: E472D7FD6D3C0E48C6B393040788DEA1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400011&bpp=4&bdt=1425&idt=283&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=28nvIQnUSR&p=http%3A//westudents.com.ua&dtd=288
Frame ID: C6F37D1518E8022C087ADF8F31353261
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293
Frame ID: F09B2BCB91ABDFCAA16E29DDAFB3A145
Requests: 16 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 684864572AF9576F9DE339029EB54AC4
Requests: 11 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 45A1C858CABEB7B09314D848711BA3C4
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html
Frame ID: 9188C9746E8A822D37A54E4D669EFB13
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 53F0A96E8D91A6493D957267794A75ED
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js
Frame ID: 4AF35C3C12B19E2DA621F834A1B63964
Requests: 1 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 27E01A2DDB42FD6040FD41ADBC018BDE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77D3F4302F35521C02A535E088D58009
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1AC86E7E25DBEF18509A628D8C876C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Бібліотека українських підручників

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

99
Requests

86 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

30
IPs

4
Countries

1276 kB
Transfer

2489 kB
Size

23
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.532605953414985 HTTP 302
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.532605953414985 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.532605953414985

Request Chain 32

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 43

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 64

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9766.sHqRBai3LVXV4oz57MHazTsSYV_D6ea8uD2tcK1t0gJB2siYa0vgFY1Z7xFy4R56.tD-GZFmbD8jQNNGI5pjS5zC6bH8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9766.rdaaHysqhB36NcCZ5Jw_uQsRaivVT43A8p5ZY-My2OMFEIiNxhOBfjLmHH_LW-05S0-yKVU90uZUuhoeq0t-mg%2C%2C.XnAGeFV9r0F7rwGwWAl_1St3Pc0%2C

Request Chain 86

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A299428979221%3Ahid%3A888712490%3Az%3A0%3Ai%3A20220919124321%3Aet%3A1663591402%3Ac%3A1%3Arn%3A93190518%3Arqn%3A1%3Au%3A1663591402936432397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663591398127%3Anp%3AV2luMzI%3D%3Ads%3A272%2C90%2C93%2C90%2C0%2C0%2C%2C1019%2C5%2C%2C%2C%2C1565%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663591402%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)rqnl(1)ti(2) HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A299428979221%3Ahid%3A888712490%3Az%3A0%3Ai%3A20220919124321%3Aet%3A1663591402%3Ac%3A1%3Arn%3A93190518%3Arqn%3A1%3Au%3A1663591402936432397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663591398127%3Anp%3AV2luMzI%3D%3Ads%3A272%2C90%2C93%2C90%2C0%2C0%2C%2C1019%2C5%2C%2C%2C%2C1565%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663591402%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

99 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
westudents.com.ua/ 28 KB
28 KB 455ms
93ms Document
text/html 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 / PHP/7.2.29
Resource Hash: 5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 19 Sep 2022 12:43:18 GMT
Server: nginx/1.16.1
Transfer-Encoding: chunked
X-Powered-By: PHP/7.2.29

GET
H/1.1 200
OK style6.css
westudents.com.ua/css/ 24 KB
24 KB 884ms
180ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/css/style6.css?ver=1.6.6

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-5f2d"
Strict-Transport-Security: max-age=31536000;
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24365

GET
H/1.1 200
OK bootstrap.min.css
westudents.com.ua/css/ 8 KB
8 KB 174ms
90ms Stylesheet
text/css 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL: http://westudents.com.ua/css/bootstrap.min.css?ver=1.2
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:18 GMT
Last-Modified: Fri, 08 May 2020 13:11:27 GMT
Server: nginx/1.16.1
ETag: "5eb55a7f-1f34"
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7988

GET
H/1.1 200
OK jquery-1.8.3.min.js Show response
westudents.com.ua/js/ 91 KB
92 KB 884ms
180ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/jquery-1.8.3.min.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-16dc4"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 93636

GET
H/1.1 200
OK main.js Show response
westudents.com.ua/js/ 3 KB
3 KB 794ms
90ms Script
application/javascript 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to

Full URL

https://westudents.com.ua/js/main.js?ver=1.1.1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-cc5"
Strict-Transport-Security: max-age=31536000;
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3269

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
42 KB 192ms
75ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9a054b2f5e18f2bafa0e975804ca0eba5ff1ad001b4234b73853e2b3544fb580

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42345
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Sep 2022 12:43:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 237ms
121ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

711b8679e3d4e38b84ed034a784d5992a02b3866fc699f61809285027c267985

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52034
x-xss-protection: 0
server: cafe
etag: 18246794150287200299
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 12:43:19 GMT

GET
H/1.1 200
OK ukr.png
westudents.com.ua/images/ 1 KB
1 KB 93ms
91ms Image
image/png 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://westudents.com.ua/images/ukr.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS: vm366435.eurodir.ru
Software: nginx/1.16.1 /
Resource Hash: 54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-454"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1108

GET
H/1.1 200
OK logo
counter.yadro.ru/ 112 B
336 B 204ms
91ms Image
image/gif 88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://counter.yadro.ru/logo?45.1
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS: host198.rax.ru
Software: 0W/0.8c /
Resource Hash: bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: 0W/0.8c
Connection: Close
Content-Type: image/gif
Content-Length: 112
Expires: Mon, 18 Sep 2023 21:00:00 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

http://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438...
https://counter.yadro.ru/hit?r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u043...
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0...

43 B
528 B

92ms
92ms

Image
image/gif

88.212.201.198
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.532605953414985

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

HTTP/1.1

Server

88.212.201.198 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host198.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 12:43:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 18 Sep 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 12:43:20 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttp%3A//westudents.com.ua/;h%u0411%u0456%u0431%u043B%u0456%u043E%u0442%u0435%u043A%u0430%20%u0443%u043A%u0440%u0430%u0457%u043D%u0441%u044C%u043A%u0438%u0445%20%u043F%u0456%u0434%u0440%u0443%u0447%u043D%u0438%u043A%u0456%u0432;0.532605953414985
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Sat, 18 Sep 2021 21:00:00 GMT

GET
H/1.1 200
OK logo.jpg
westudents.com.ua/images/ 7 KB
7 KB 91ms
90ms Image
image/jpeg 95.142.40.16
EUROBYTE Eurobyte...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://westudents.com.ua/images/logo.jpg

Requested by

Host: westudents.com.ua
URL: https://westudents.com.ua/css/style6.css?ver=1.6.6

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

95.142.40.16 , Russian Federation, ASN210079 (EUROBYTE Eurobyte LLC, RU),

Reverse DNS

vm366435.eurodir.ru

Software

nginx/1.16.1 /

Resource Hash

0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://westudents.com.ua/css/style6.css?ver=1.6.6
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Last-Modified: Fri, 08 May 2020 13:12:11 GMT
Server: nginx/1.16.1
ETag: "5eb55aab-1ac2"
Strict-Transport-Security: max-age=31536000;
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6850

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 193ms
94ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:19 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Mon, 19 Sep 2022 13:13:19 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 169ms
54ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-109056477-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6079
date: Mon, 19 Sep 2022 11:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 19 Sep 2022 13:02:00 GMT

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
843 B 346ms
159ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1663591399874539
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d83f634702dfd798757c049b83f85a210eafcd40c91a7daaa00f6d637abd9c50

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 12:43:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 15 Sep 2022 15:59:22 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
206 B 61ms
61ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=115482740&t=pageview&_s=1&dl=http%3A%2F%2Fwestudents.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=733493925&gjid=243874888&cid=1129496704.1663591400&tid=UA-109056477-1&_gid=2143003110.1663591400&_r=1&gtm=2ou9e0&z=1021828244

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://westudents.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://westudents.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/ 348 KB
123 KB 113ms
112ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7312982849013924&plah=westudents.com.ua&bust=31069575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

969810dfedeb167fa0a5c5efc3a6db672c944c0ca73004fa7157e9d34fded9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125742
x-xss-protection: 0
server: cafe
etag: 5782733904947778674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Sep 2022 12:43:20 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/ Frame FD66 10 KB
5 KB 169ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220914/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65102
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 18 Sep 2022 18:38:18 GMT
etag: 9671129459699598864
expires: Sun, 02 Oct 2022 18:38:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 191ms
191ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Mon, 19 Sep 2022 13:13:20 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 221 B
649 B 179ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=westudents.com.ua&callback=_gfp_s_&client=ca-pub-7312982849013924

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7312982849013924&plah=westudents.com.ua&bust=31069575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2657f701ba5f27ec5ef915063ed61c021e107e35e4801b232e018979088f014

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 203ms
63ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 12:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 179ms
63ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=westudents.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 12:43:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 87ms
87ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fwestudents.com.ua%2F&tn=DIV&cls=menu-container&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E472 0
19 B 268ms
157ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&adk=1812271804&adf=3025194257&lmt=1663591400&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fwestudents.com.ua%2F&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&dt=1663591399996&bpp=15&bdt=1410&idt=275&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7892010940690&frm=20&pv=2&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=292

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:20 GMT
expires: Mon, 19 Sep 2022 12:43:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C6F3 92 KB
29 KB 636ms
537ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400011&bpp=4&bdt=1425&idt=283&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=28nvIQnUSR&p=http%3A//westudents.com.ua&dtd=288

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

743e80cf5ec1f9a72fa8890a6c6aa6c5c3d57e99ff6355227229415c618fc4e0

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXm5vPwoPoCFbpEFQgdGcEPBw&gqi=6GMoY6H2GsnEtwfT56P4Cw&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 29903
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLXm5vPwoPoCFbpEFQgdGcEPBw&gqi=6GMoY6H2GsnEtwfT56P4Cw&layout=/sadbundle/%24csp%253Der3%24/1838989884782542848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:20 GMT
expires: Mon, 19 Sep 2022 12:43:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F09B 87 KB
31 KB 874ms
786ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4bcbec012bc46e40438ea9853d88df8e3095cb8f42a64b4cba4158f78d5bae6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 31836
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:21 GMT
expires: Mon, 19 Sep 2022 12:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK share-counter.html Show response
w.uptolike.com/widgets/v1/ Frame 6848 17 KB
5 KB 92ms
92ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 19 Sep 2022 12:43:20 GMT
Expires: Mon, 19 Sep 2022 13:13:20 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 45A1 1023 B
914 B 181ms
92ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 19 Sep 2022 12:43:20 GMT
Expires: Mon, 19 Sep 2022 13:13:20 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK top-bottom.png
w.uptolike.com/static/buttons/gradients/40/ 168 B
503 B 264ms
91ms Image
image/png 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/static/buttons/gradients/40/top-bottom.png
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:20 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-a8"
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 168
Expires: Thu, 17 Nov 2022 07:50:42 GMT

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 297ms
99ms Font
application/font-woff 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer: http://westudents.com.ua/
Origin: http://westudents.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:20 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Thu, 17 Nov 2022 07:57:02 GMT

GET
H/1.1 200
OK widgets-batch.js Show response
w.uptolike.com/widgets/v1/ Frame 6848 418 B
664 B 175ms
95ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTM1MDk4MSUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZ3ZXN0dWRlbnRzLmNvbS51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1663591400650896
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9c9916cc5c1c90e6d370d2c0d0fe161a5222d076c07d5e637fdefd34769b68f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 12:43:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 15 Sep 2022 15:59:22 GMT

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/ Frame 45A1 0
154 B 97ms
94ms Image
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/imp?pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F&vp=5125a677-baf2-4073-9b28-3534be49968a&ttl=JUQwJTkxJUQxJTk2JUQwJUIxJUQwJUJCJUQxJTk2JUQwJUJFJUQxJTgyJUQwJUI1JUQwJUJBJUQwJUIwJTIwJUQxJTgzJUQwJUJBJUQxJTgwJUQwJUIwJUQxJTk3JUQwJUJEJUQxJTgxJUQxJThDJUQwJUJBJUQwJUI4JUQxJTg1JTIwJUQwJUJGJUQxJTk2JUQwJUI0JUQxJTgwJUQxJTgzJUQxJTg3JUQwJUJEJUQwJUI4JUQwJUJBJUQxJTk2JUQwJUIy&rnd=0.4436119814883066
Requested by: Host: westudents.com.ua
URL: http://westudents.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 19 Sep 2022 12:43:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 94ms
94ms Script
application/javascript 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.46880586114415856
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: b9f24a63dadc9feb4aac20af566de912f12df1df7199cc39b2c7c7f51dcd716a

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 19 Sep 2022 12:43:20 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript;charset=utf-8
Expires: Thu, 15 Sep 2022 15:59:22 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

158 KB
56 KB

392ms
194ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
content-encoding: br
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-de2c"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 56876
expires: Mon, 19 Sep 2022 13:43:21 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK / Show response
postabuse.ru/yaml/ 0
319 B 297ms
101ms Script
application/javascript 62.109.31.26
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://postabuse.ru/yaml/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.46880586114415856

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.31.26 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1020.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:21 GMT
Last-Modified: Monday, 19-Sep-2022 12:43:21 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
prespan.ru/sou/ 0
319 B 386ms
127ms Script
application/javascript 94.250.254.126
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://prespan.ru/sou/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.46880586114415856

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.250.254.126 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1021.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:21 GMT
Last-Modified: Monday, 19-Sep-2022 12:43:21 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 smart.js Show response
cdn.smntq.com/c83ul/ 6 B
489 B 282ms
80ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smntq.com/c83ul/smart.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.46880586114415856
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
mode: no-cors
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
content-encoding: gzip
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 344ms
90ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.46880586114415856
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:21 GMT
Last-Modified: Fri, 22 Jul 2022 11:33:41 GMT
Server: nginx
ETag: "62da8b15-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9188 105 KB
27 KB 197ms
68ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400011&bpp=4&bdt=1425&idt=283&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=28nvIQnUSR&p=http%3A//westudents.com.ua&dtd=288

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 302609
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 26541
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Fri, 16 Sep 2022 00:39:52 GMT
expires: Sat, 16 Sep 2023 00:39:52 GMT
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C6F3 0
0 101ms
101ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CG0BO6GMoY7XSG7qJ1fAPmYK_OPOpzKtszMbcg4gQsuqTtO8wEAEg7J2FHmCVovGBkAegAebt-MIByAEJqQJV-sdHU72wPqgDAaoE5AFP0OCMVKgumwSH9UT8BRID9Obrh442tRaZ6ak7NEw_LOqpFNdX0Qr8rUx65YcdR9F6exlMgP8YhXen_ayCIPIIHNWf8NNxav4eUPHCss5nrKcvlVLX8H1JZ2isxswZQq1StMn3nXyoEFEkYVaboY2-XOLrd05mC3LGeOLHdRIGBopsxSHNB_dbnhpLnb7SqnfOs4jf9Ev22YKPR77Z4UBdfyBifY20v-GAGPVEU32eNcgOD75dnEyP0tYue4a946KrHRX6QdrQXYkShECZ_-thdETO0grevmBWXHeE93T6YLlh0TvABN3azaP0A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAZrgAeDrabeAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAfIHBBCu-RXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi03MzEyOTgyODQ5MDEzOTI0GAA&sigh=SE0LpxWaa0o&uach_m=[UACH]&template_id=531

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400011&bpp=4&bdt=1425&idt=283&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=28nvIQnUSR&p=http%3A//westudents.com.ua&dtd=288
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 12:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Sep 2022 12:43:21 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 53F0 143 B
163 B 54ms
53ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=3970222355&adf=2642302692&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400011&bpp=4&bdt=1425&idt=283&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=230&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=28nvIQnUSR&p=http%3A//westudents.com.ua&dtd=288
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 239
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 19 Sep 2022 12:39:22 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C6F3 3 KB
1 KB 188ms
65ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 263
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:38:58 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame C6F3 17 KB
8 KB 180ms
58ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:27:41 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C6F3 141 KB
44 KB 193ms
72ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 12:43:21 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 53F0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
18 B

76ms
74ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:21 GMT
expires: Mon, 19 Sep 2022 12:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C6F3 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 17a2107b51c16d5b870718f3fc2c669338ac29cd879b5745c7b61f824297a175

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 9188 4 KB
737 B 227ms
82ms Stylesheet
text/css 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 12:43:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 12:43:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 12:43:21 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame F09B 6 KB
1 KB 205ms
80ms Stylesheet
text/css 2a00:1450:400a:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400a:802::200a Zurich, Switzerland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 11:37:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 19 Sep 2022 12:43:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Sep 2022 12:43:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F09B 2 KB
902 B 260ms
148ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 261
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:39:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F09B 0
0 100ms
99ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiVfb6GMoY8mQHdSxYqqNgrgI_4CQumyJ-aKa5w_y7NLgsgEQASDsnYUeYJWi8YGQB6ABgeyykQLIAQmpAskDswp7ubA-qAMByAPLBKoE0AFP0CPKK6g53RYrMPUVaaslngVSf46plkk2dT8fEx0CW5_SytOd5lQ5dCh9q2oMKSU03JoihXeoU-LwVWaq9Jp-_69N3i3CBETsMpfGr95DKPGJhNEVl6onLywKImb8jOmKV0ScnDFZ_BQPWdRaFFPmUaDdX6uhnK_EtVU0dEB_6oWEF4Un9hYgh3yplSTtUVko0MPul5mIE28khkYXfobuGQhzQagq8UTgY3xsmdyrNEXQVmiCsSnKSlOs6W-O68C3zytDC_Y8vQvn7zQWF60swASJ4Obx8AOgBi6AB-eTze4BqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQktcB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwG4E-QD2BMDiBQC0BUBgBcBshccChoIABIUcHViLTczMTI5ODI4NDkwMTM5MjQYAA&sigh=XLKTIA3w4qc&uach_m=[UACH]&template_id=484

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 19 Sep 2022 12:43:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9188 16 KB
6 KB 185ms
77ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 20 Sep 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9188 26 KB
10 KB 162ms
55ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 09:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11221
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 20 Sep 2022 09:36:20 GMT

GET
H3 200 2076313506083323656
tpc.googlesyndication.com/simgad/17245604291713186044/ Frame F09B 44 KB
44 KB 192ms
85ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17245604291713186044/2076313506083323656

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedaf0078d97b6be98d0f8a04e953d84ed4a99666ca53e2a35a22a9645df4235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 08:10:02 GMT
x-content-type-options: nosniff
age: 275599
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45218
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 14:10:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 08:10:02 GMT

GET
DATA 200
OK truncated
/ Frame F09B 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/ Frame F09B 23 KB
9 KB 126ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:34:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 531
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:34:30 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F09B 3 KB
1 KB 219ms
147ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:26:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1024
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:26:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/ Frame F09B 17 KB
7 KB 209ms
138ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220914/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:27:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 940
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 03 Oct 2022 12:27:41 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F09B 141 KB
44 KB 180ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44609
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663155654979086"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 12:43:21 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame F09B 33 KB
14 KB 184ms
53ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 09:51:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 14 Dec 2022 09:51:18 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ Frame 9188 30 KB
31 KB 172ms
54ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600|Poppins:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 03:24:20 GMT
x-content-type-options: nosniff
age: 379141
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30928
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 03:24:20 GMT

GET
DATA 200
OK truncated
/ Frame F09B 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b718def294b19c3712080e4e3c6dca296e2dc55063cad6206cd0148ddfdaed91

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F09B 15 KB
15 KB 170ms
151ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 13:27:29 GMT
x-content-type-options: nosniff
age: 256552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 16 Sep 2023 13:27:29 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F09B 15 KB
16 KB 150ms
134ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:44:52 GMT
x-content-type-options: nosniff
age: 590309
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:44:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F09B 15 KB
15 KB 125ms
115ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 16:39:45 GMT
x-content-type-options: nosniff
age: 590616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Sep 2023 16:39:45 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AF3 36 KB
16 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7312982849013924&output=html&h=600&slotname=3173679860&adk=1667669443&adf=2574087009&pi=t.ma~as.3173679860&w=300&fwrn=4&fwrnh=100&lmt=1663591400&rafmt=1&psa=0&format=300x600&url=http%3A%2F%2Fwestudents.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&dt=1663591400015&bpp=1&bdt=1428&idt=288&shv=r20220914&mjsv=m202209120101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x600&nras=1&correlator=7892010940690&frm=20&pv=1&ga_vid=1129496704.1663591400&ga_sid=1663591400&ga_hid=115482740&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1108&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761793%2C42531705%2C31069575&oid=2&pvsid=196085274417520&tmod=357834438&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&fsb=1&xpc=jTi3XZgtkC&p=http%3A//westudents.com.ua&dtd=293

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:22:38 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9766.sHqRBai3LVXV4oz57MHazTsSYV_D6ea8uD2tcK1t0gJB2siYa0vgFY1Z7xFy4R56.tD-GZFmbD8jQNNGI5pjS5zC6bH8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9766.rdaaHysqhB36NcCZ5Jw_uQsRaivVT43A8p5ZY-My2OMFEIiNxhOBfjLmHH_LW-05S0-yKVU90uZUuhoeq0t-mg%2C%2C.XnAGeFV9r0F7rwGwWAl_1St3Pc0%2C

75 B
75 B

102ms
101ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9766.rdaaHysqhB36NcCZ5Jw_uQsRaivVT43A8p5ZY-My2OMFEIiNxhOBfjLmHH_LW-05S0-yKVU90uZUuhoeq0t-mg%2C%2C.XnAGeFV9r0F7rwGwWAl_1St3Pc0%2C

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9766.rdaaHysqhB36NcCZ5Jw_uQsRaivVT43A8p5ZY-My2OMFEIiNxhOBfjLmHH_LW-05S0-yKVU90uZUuhoeq0t-mg%2C%2C.XnAGeFV9r0F7rwGwWAl_1St3Pc0%2C
date: Mon, 19 Sep 2022 12:43:21 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 103ms
102ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:21 GMT
last-modified: Fri, 16 Sep 2022 05:57:38 GMT
etag: "6323e622-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 19 Sep 2022 13:43:21 GMT

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9188 3 KB
3 KB 57ms
56ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 304183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 16 Sep 2022 00:13:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 00:13:38 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9188 29 KB
29 KB 217ms
79ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 448025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9188 17 KB
18 KB 193ms
55ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:24:48 GMT
x-content-type-options: nosniff
age: 368313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 15 Sep 2023 06:24:48 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9188 9 KB
10 KB 193ms
55ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:44:36 GMT
x-content-type-options: nosniff
age: 532725
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 08:44:36 GMT

GET
H2 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9188 10 KB
11 KB 192ms
56ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:30:25 GMT
x-content-type-options: nosniff
age: 447176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:30:25 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9188 34 KB
34 KB 215ms
79ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2ywFcDgruNaOiiEMN65dOmo0duZrf-3t2Nkxb142lUJ6yBzN3HurYYr60Uw&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 06:39:51 GMT
x-content-type-options: nosniff
age: 281010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34470
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 22:36:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 16 Sep 2023 06:39:51 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9188 55 KB
55 KB 190ms
54ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:18:04 GMT
x-content-type-options: nosniff
age: 473117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 01:18:04 GMT

GET
DATA 200
OK truncated
/ Frame 9188 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 Logo-Transparent-Small.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/ Frame 9188 3 KB
3 KB 54ms
53ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1838989884782542848/Logo-Transparent-Small.png

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 304183
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3327
x-xss-protection: 0
last-modified: Thu, 03 Mar 2022 09:38:55 GMT
server: sffe
date: Fri, 16 Sep 2022 00:13:38 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 00:13:38 GMT

GET
H2 200 share.php Show response
vk.com/ Frame 6848 22 B
568 B 286ms
96ms Script
text/html 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1663591401830188

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112211

Resource Hash

fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: gzip
x-frontend: front225207
server: kittenx
x-powered-by: KPHP/7.4.112211
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 42

GET
H2 200 share.php Show response
vk.com/ Frame 6848 21 B
567 B 288ms
98ms Script
text/html 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1663591401830207

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112211

Resource Hash

c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: gzip
x-frontend: front225207
server: kittenx
x-powered-by: KPHP/7.4.112211
strict-transport-security: max-age=15768000
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

GET
H2 200 dk Show response
connect.ok.ru/ Frame 6848 25 B
2 KB 383ms
90ms Script
application/javascript 217.20.147.3
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua&callback=callback__utl_cb_share_1663591401830591

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame 6848 25 B
2 KB 418ms
125ms Script
application/javascript 217.20.147.3
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1663591401831661

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.147.3 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip3.147.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: br
vary: Accept-Encoding
rendered-blocks: WidgetExtLike
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 6848 86 B
380 B 312ms
141ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_1663591401831452

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

54947745f71ee9fd2fc66bb4d5da2a65c1725ca96648badc29a5c6970a87d90e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8e6656b8.1663591402.91dbb162
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-pinterest-rid: 6471905635501400
content-length: 86
expires: Mon, 19 Sep 2022 12:58:22 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame 6848 96 B
390 B 322ms
151ms Script
application/javascript 104.75.88.209
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1663591401831994

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.75.88.209 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-75-88-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

acbad24defcfe44976b2f8266f88f48a9d60a7813dc1a6f761a7d1dd0fc44312

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.8e6656b8.1663591402.91dbb168
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
x-pinterest-rid: 1189837983398922
content-length: 96
expires: Mon, 19 Sep 2022 12:58:22 GMT

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 6848 83 B
670 B 534ms
90ms Script
text/javascript 94.100.180.55
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit278&url_list=http%3A%2F%2Fwestudents.com.ua%2F&callback=callback__utl_cb_share_166359140183230

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

72bfcaac6382548e7bd98296e9d140a52231e5a1d41a23a1afcfc8a177dd3d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 83
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame 6848 93 B
680 B 538ms
92ms Script
text/javascript 94.100.180.55
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit388&url_list=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1663591401832595

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

006e684c652c1a46e45818c075cb3bc8221c5cff4bb0b0f303d5c970c36c4406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 19 Sep 2022 12:43:22 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 93
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 27E0 14 KB
4 KB 94ms
94ms Document
text/html 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 19 Sep 2022 12:43:21 GMT
Expires: Mon, 19 Sep 2022 13:13:21 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9188 17 KB
17 KB 165ms
54ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTR7hctHJW_oOq_3GEqM-uC2Od0-ouJGatxs_4ZpoixZOZtwsk&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:24:48 GMT
x-content-type-options: nosniff
age: 368314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17473
x-xss-protection: 0
last-modified: Thu, 19 May 2022 22:32:14 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 15 Sep 2023 06:24:48 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf-8...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf...

427 B
581 B

99ms
99ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A299428979221%3Ahid%3A888712490%3Az%3A0%3Ai%3A20220919124321%3Aet%3A1663591402%3Ac%3A1%3Arn%3A93190518%3Arqn%3A1%3Au%3A1663591402936432397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663591398127%3Anp%3AV2luMzI%3D%3Ads%3A272%2C90%2C93%2C90%2C0%2C0%2C%2C1019%2C5%2C%2C%2C%2C1565%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663591402%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

02d50fa09e6786bd0677bd7619d475148d30f2d13f8a4c6998baa5a020b0492c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 19-Sep-2022 12:43:22 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 12:43:22 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:21 GMT
last-modified: Mon, 19-Sep-2022 12:43:21 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fwestudents.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2ocpriggyfyr9aewcgvlq0%3Afp%3A1553%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A882%3Acn%3A1%3Adp%3A0%3Als%3A299428979221%3Ahid%3A888712490%3Az%3A0%3Ai%3A20220919124321%3Aet%3A1663591402%3Ac%3A1%3Arn%3A93190518%3Arqn%3A1%3Au%3A1663591402936432397%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1663591398127%3Anp%3AV2luMzI%3D%3Ads%3A272%2C90%2C93%2C90%2C0%2C0%2C%2C1019%2C5%2C%2C%2C%2C1565%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1663591402%3At%3A%D0%91%D1%96%D0%B1%D0%BB%D1%96%D0%BE%D1%82%D0%B5%D0%BA%D0%B0%20%D1%83%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D1%81%D1%8C%D0%BA%D0%B8%D1%85%20%D0%BF%D1%96%D0%B4%D1%80%D1%83%D1%87%D0%BD%D0%B8%D0%BA%D1%96%D0%B2&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29rqnl%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://westudents.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 19-Sep-2022 12:43:21 GMT

GET
H3 200 shopping
encrypted-tbn3.gstatic.com/ Frame 9188 10 KB
10 KB 165ms
55ms Image
image/jpeg 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn3.gstatic.com/shopping?q=tbn:ANd9GcQVnSJMD5cnkJHzC9-kto5bW_iagE0oHrxmKCiICAkVcPaBnzo&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:30:25 GMT
x-content-type-options: nosniff
age: 447177
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10244
x-xss-protection: 0
last-modified: Tue, 03 May 2022 22:35:28 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:30:25 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9188 9 KB
10 KB 165ms
55ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSSZor2T1yryzWJq8CXVOR9DRkAaa3mfq42FZMb0WZsNFPojzwf_43GQ-HlFA&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 13 Sep 2022 08:44:36 GMT
x-content-type-options: nosniff
age: 532726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9726
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 22:26:40 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 13 Sep 2023 08:44:36 GMT

GET
H3 200 shopping
encrypted-tbn2.gstatic.com/ Frame 9188 29 KB
29 KB 119ms
59ms Image
image/jpeg 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcTXnCspi3z9iAW04cvTMANYAbPzTViJcGajzf7O-EK4rjQbYVPG&usqp=CAI

Requested by

Host: westudents.com.ua
URL: http://westudents.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:16:16 GMT
x-content-type-options: nosniff
age: 448026
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29774
x-xss-protection: 0
last-modified: Fri, 20 May 2022 00:08:51 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 08:16:16 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 211ms
101ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220914&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28aef709e642ec1120ce3a5499abc1cf925d55c377e6008953ae7b1c4622288c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11301
x-xss-protection: 0

GET
H3 200 shopping
encrypted-tbn0.gstatic.com/ Frame 9188 55 KB
55 KB 164ms
55ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQUzQ4lnLQyHPdZpA8BHv7T1LOkbNL2SqgnnpI8fvWEBOl9miDu&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 01:18:04 GMT
x-content-type-options: nosniff
age: 473118
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56063
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 22:27:29 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Thu, 14 Sep 2023 01:18:04 GMT

GET
H3 200 shopping
encrypted-tbn1.gstatic.com/ Frame 9188 34 KB
34 KB 95ms
58ms Image
image/jpeg 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcR2ywFcDgruNaOiiEMN65dOmo0duZrf-3t2Nkxb142lUJ6yBzN3HurYYr60Uw&usqp=CAI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 06:39:51 GMT
x-content-type-options: nosniff
age: 281011
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34470
x-xss-protection: 0
last-modified: Thu, 07 Jul 2022 22:36:48 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Sat, 16 Sep 2023 06:39:51 GMT

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame 6848 0
154 B 94ms
94ms Script
text/plain 95.163.114.204
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=vk&pid=1350981&url=http%3A%2F%2Fwestudents.com.ua%2F%3F_utl_t%3Dvk&c=17&callback=callback__utl_cb_share_1663591402121675
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.204 Moscow, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 19 Sep 2022 12:43:22 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Sep 2022 12:43:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77D3 13 KB
5 KB 54ms
53ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1598
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:16:44 GMT
expires: Tue, 19 Sep 2023 12:16:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame A1AC 783 B
536 B 174ms
62ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4fb8291eb7b74cc02e076a003d0992cac9c8f6b6ded2bcaa2dce3505b485feb3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-To7WJH4-UnmWKzqqYev3kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://westudents.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-To7WJH4-UnmWKzqqYev3kA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 12:43:22 GMT
expires: Mon, 19 Sep 2022 12:43:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C6F3 42 B
64 B 91ms
90ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvSMvVduRzWAtEWlFwPefUetqzc1hoPy3jTPtu7Shf_zYg3CG-gO5KMLm1YU0xjsNQSkZe7I3RRL0zFycauIJchvHvcwH4xfEzgEXRllIZlUlLGf9S9g4Z3RKl_7Prq2FkSYGNXuA&sai=AMfl-YQw4sIJqz7WsB_TY9-5SzxQob3mrRw0LYhqeL8iN_Jh-TlpQO-XZtEThVk0QEI-BOLz5WXIKCAdvtmm&sig=Cg0ArKJSzAV1eKhc8HgZEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=3970222355&rs=2&la=0&cr=0&vs=4&r=v&rst=1663591400300&rpt=976&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js Show response
pagead2.googlesyndication.com/bg/ Frame 77D3 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6BYXhZMCT46-9MEs0mF7PtO-2LtaEInKrtcRBPC9dKM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 10:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8444
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15952
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 10:22:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame A1AC 0
0 88ms
87ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220914&jk=196085274417520&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 77D3 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?blEaTQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 12:43:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F09B 42 B
64 B 91ms
91ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssfj_oc_GJe9W0ueUT7GrbaQzSBEuwvuhTE7LhEJ2xo1LbekmUwCj_snuGk6QG5oyHepwPSdPkG7HaGS19vP_vPG6Xkq092YNvQMVl91XZBNOjPd1r3A0VQPa9of5nPfeCjvFkOsFxrUEBg2oashSi7bRQvB0qOW8Ya29kX1Y3F5pUNwvZX6owmzo6GhL05-FAQj3ADUJeGh8ygnK0LpKOJlmQwCEq814gt0rB0Xa9Vz4IAnZdKZDexX6mslHKYo1MnE0hZ44qvKH3CZkS-2-nnm4_unOt7CkmuAIw5Jskcmw80PP8nWjVsZmMniqzFJaxhFgDyfnzKlYM9P4JHmjKxK_aS37j_JpXOsU_qIyZ28u7gtgQgkJzxaUPEXilMoRKiWWvs-O9TE9drzzG0zx3ESMxbYxnYcQ-39gogAIgDkt6CkgYHyo3xxOs1xslji2czeM76kWchfqhoKdbJXR2rh22_FDG1UN44c79YYanSDJUXRw-M5m3OItrpSqyDArVEj6MuF9PZwoYTGu2uFguR7O8fPGIvmouE_K4rAtr2RYDNeJY-YTS2os98cGWOd2hvq6_CA8SCFzN4bYFy9ZoYZ80ridAFopMY7kf2Fp-YuX0FSSC0qEXbBBHZdSrWKt9Qwmo0IF8GwAVkt1DosiKyEB_GFDTaSM3KwheWQ9pMXQCqgFbHQ4NyiDqxVnDRyRie7-sfmB1fmTgxzrRWKp4ZpmH4XVrFS2DeTLJxrvSUPhJOG-XbDiEd22nXPfY4Uh5V2trRXuo1N6HPhg1RcZVB5RB0Btn_tkT-xlg6lvJVvNwgFyb8p0mEt-HqYB4qsbDzjwBxQBESje5QpcgnOZuufgtET0lyVC40JEpZ1pdUwsBcCrTE49eXrAh_XtGZwTkJJHtCdehTXOiCIac64Qv3zCGGycKMuplLyLM6PGS5S6W3BELCdK9J-Jbn0aPovo-OpEBz&sai=AMfl-YQQRAPQ8Pq8Q4AUD24bFKQuCxSCJsBeSyApRfO82aAfaI4c0k9J1UhJRjUtZowzZEOexHgUG-CIQuvPDhWdyp2p5gc_i3ct-Q&sig=Cg0ArKJSzLzIoeG1iX7vEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220914&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1667669443&rs=2&la=0&cr=0&vs=4&r=v&rst=1663591400312&rpt=1216&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Sep 2022 12:43:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 90ms
90ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220914&jk=196085274417520&bg=!c3ClcDTNAAZqQh0mSkI7ACkAdvg8WgxxPa0Mq99Oet843fNb0MjYzFnIGEBTK7V8bzPL0gzCirIkhwIAAABdUgAAAANoAQeZAqnehYz1qHphFfHbz1P4iDK-qj-vk0-tt9OwrUWaVBir8qvhtqmt9Yph4b24Bb5UhMvEXxXi1nDEBv7j1E10qdmDww1vcUD_px-6kXsa_hCw-Yr9hnc6xRYrPIRGdtODoAizoyfyDOvZslv6AgRe_cdZ3PHGjL_uCDzXx1Soc7hK7HfD-_ICn2LEb2YKHRRA9n2F61Ib3R-A6kqCqxk0zJMaPP6-RfX__cQGAck8XMVRZh1YfcmqJWY-Oxi-CPGa_R0sN4wVkwkmTuZpPklnRN02-NrUUaWejvEQCb-ZdocS9ogFKyI-H_-gmpyVpYPP4bV_imWbgBYrt4sGLgACXGVmxTpSXULQ_5KPI1mjJjGlXWlFJQNCixMFHFp8jePnTdrSaPhoCUKCJ-DmhE66cRw7oRZyNmr4iLZwycPci5ZQTD0Yndiw1Vo2haCbA_XkClR78NneMehFZVAAQtiDGkzvpeX2tAKYaQCabvXyTy4yUrkYA4kDvgBOYN4bpAog2qdxHX-7o5FzIyXJkweWfUKnlfWdTT0_mC4BC9P6mPMAGPLtqVdSrQy1uC1kbmXof7wWQ2XHMcUclIIuRroy4fJ-X127VWWJdM013Hihhb1DwQAEFvitnQ6ynf-KxdqV_IFzAdmX1_FXCr31aPrlHINsp2AqRorrMqdevFz6fcFGq_a8oKvLphBsIfg6NElu9Z4J70PgXjuZeC9BmUZejwD90qBQ2hhNuA887Lle13A4xQLqmqtNsi9ZLXVQWPA_CN_FCbEXOdyq5aHs41ADWdUlTHeNBq-xvyJFkPY3IQM0eLGnC737lMnyoopfQRM2VkDPCPT5v_bpsGRprI6mSMkXiF8AS1cWp_xb-jm-IL1IuWTxeERSzzicvzy0s1rkM35anrmo8jvs0Vg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://westudents.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Verdicts & Comments Add Verdict or Comment

81 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.westudents.com.ua/	1970-01-20 15:42:31	Name: _ga Value: GA1.3.1129496704.1663591400
.westudents.com.ua/	1970-01-20 06:07:57	Name: _gid Value: GA1.3.2143003110.1663591400
.westudents.com.ua/	1970-01-20 06:06:31	Name: _gat_gtag_UA_109056477_1 Value: 1
.yadro.ru/	1970-01-20 14:51:10	Name: FTID Value: 1ZA6Fe3EBu8P1ZA6Fe0017LH
.w.uptolike.com/	1970-01-20 15:42:31	Name: utl_id2 Value: 28845410439
.w.uptolike.com/	1970-01-20 15:42:31	Name: utl_dat Value: "COeFma61MBAAIOfW47a1MCjn1uO2tTAwAJdnNa1rBTBVIApySXJX4Wg="
.yadro.ru/	1970-01-20 14:51:10	Name: VID Value: 0Yp5xt3plAeP1ZA6Fe001QkZ
.westudents.com.ua/	1970-01-20 15:28:07	Name: __gads Value: ID=0808a2b50df20d02-22435c5727ce00bf:T=1663591400:RT=1663591400:S=ALNI_MaISASIZS7Zkg9XK6KrzK4Hp9vBmg
.doubleclick.net/	1970-01-20 15:28:07	Name: IDE Value: AHWqTUkQOlPlSb8oV8WB2nFY4J9riLGPEUhD_0k1BaopWH0-U6lffoXW5KnvkNYGfyY
.cdn.smntq.com/	1970-01-20 15:42:31	Name: smart Value: e215ae52fa8440b8816307d4db05c433
.doubleclick.net/	1970-01-20 06:06:35	Name: DSID Value: NO_DATA
.westudents.com.ua/	1970-01-20 14:52:07	Name: _ym_uid Value: 1663591402936432397
.westudents.com.ua/	1970-01-20 14:52:07	Name: _ym_d Value: 1663591402
.westudents.com.ua/	1970-01-20 06:07:43	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 06:06:32	Name: sync_cookie_csrf Value: 3653129152fake
.mc.yandex.ru/	1970-01-20 06:06:32	Name: sync_cookie_csrf Value: 2192794473fake
.yandex.com/	1970-01-20 14:52:07	Name: yandexuid Value: 2622900961663591401
.yandex.com/	1970-01-20 14:52:07	Name: yuidss Value: 2622900961663591401
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2343413791663591401
.yandex.com/	1970-01-20 15:42:31	Name: i Value: NSI/TafnIAjD1JnnA8jX3dzIRpsGCOoLburTwj19nWIzN03zTiZdlu8K51OW76pXwmfkNlDOSGHNYKgpjwznAI8qh0g=
.yandex.com/	1970-01-20 14:52:07	Name: ymex Value: 1695127401.yrts.1663591401#1695127401.yrtsi.1663591401
.vk.com/	1970-01-20 14:54:33	Name: remixlang Value: 3
.vk.com/	1970-01-20 14:52:07	Name: remixstlid Value: 9053019078657531802_AGnTM8cvDIeQz0LBUDQkVG0ggD0qEdMTXIVHRSBzdvL

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9766.rdaaHysqhB36NcCZ5Jw_uQsRaivVT43A8p5ZY-My2OMFEIiNxhOBfjLmHH_LW-05S0-yKVU90uZUuhoeq0t-mg%2C%2C.XnAGeFV9r0F7rwGwWAl_1St3Pc0%2C Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
af.click.ru
api.pinterest.com
cdn.smntq.com
connect.mail.ru
connect.ok.ru
counter.yadro.ru
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
encrypted-tbn3.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
pagead2.googlesyndication.com
partner.googleadservices.com
postabuse.ru
prespan.ru
tpc.googlesyndication.com
vk.com
w.uptolike.com
westudents.com.ua
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
mc.yandex.ua
104.75.88.209
217.197.112.80
217.20.147.3
2a00:1450:4001:800::200e
2a00:1450:4001:806::2008
2a00:1450:4001:809::200e
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200e
2a00:1450:400a:802::200a
2a02:6b8::1:119
62.109.31.26
87.240.132.78
88.212.201.198
94.100.180.55
94.250.254.126
95.142.40.16
95.163.114.204
95.217.109.66
0000f2da5b41f0afdea3eb387de6032482859d0c2f2d54aa2ab57e104329dcf0
006e684c652c1a46e45818c075cb3bc8221c5cff4bb0b0f303d5c970c36c4406
027a59371d5c0f42561e42ec25a54917efa5df94a52c805aacb2e05a90926010
02d50fa09e6786bd0677bd7619d475148d30f2d13f8a4c6998baa5a020b0492c
0bb9a543d6729f51a883b23be6010e8211cebc56db711baa2b52de74107c8651
17a2107b51c16d5b870718f3fc2c669338ac29cd879b5745c7b61f824297a175
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
27357951e2762a8adf71c13ae7e0e03b5ecee8e87017238183e7cfffdb428f88
28aef709e642ec1120ce3a5499abc1cf925d55c377e6008953ae7b1c4622288c
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
42e9385cea8164b34b0617860d86b6ba3844e4a92484d8d24142522d6df6a959
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4b6755fa117ce7885e5ef0c47fd833e6d6e9383bc173087ccaf7f80ae8053ceb
4bcbec012bc46e40438ea9853d88df8e3095cb8f42a64b4cba4158f78d5bae6c
4fb8291eb7b74cc02e076a003d0992cac9c8f6b6ded2bcaa2dce3505b485feb3
522ab2e374ffaa11a71bdaa3d97f1d6484213ef7716cc7d7d1464c799fa38bf9
5461cd3752d76af082daaec1ae4b0605d92fa4da2e816924524906e4606771ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54947745f71ee9fd2fc66bb4d5da2a65c1725ca96648badc29a5c6970a87d90e
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
54ef03d404ec29d9c8c4766a73f27e6dd748c23defc52450ae3672a71b8d439e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61c6caebd23921741fb5ffe6603f16634fca9840c2bf56ac8201e9264d6daccf
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
624d8f6e11b854e5a5261fe0397a27d044501253aa15d62327d408182ff9f09f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
711b8679e3d4e38b84ed034a784d5992a02b3866fc699f61809285027c267985
72bfcaac6382548e7bd98296e9d140a52231e5a1d41a23a1afcfc8a177dd3d91
743e80cf5ec1f9a72fa8890a6c6aa6c5c3d57e99ff6355227229415c618fc4e0
76ebd2a7078570fa9f6a50855b4ade57c6b558cca7c95801b2b247406b274975
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
866a0115ef55a30b1537266767dc26e175b839ea5d4052ef0c45222ad73f96c8
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8842d55c7ed6bddca9f29e54a22750272dadb786cb8f6bc7b1e3e337510b2621
8a8c742162d4336f7579cc2113eeb132065b6875c822c0f6190c8fde9d04adfb
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
969810dfedeb167fa0a5c5efc3a6db672c944c0ca73004fa7157e9d34fded9fd
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a054b2f5e18f2bafa0e975804ca0eba5ff1ad001b4234b73853e2b3544fb580
9c9b6560a37526d33547098a4ed2ecf360eb9275c2db77a98c30fb7f8016f478
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
acbad24defcfe44976b2f8266f88f48a9d60a7813dc1a6f761a7d1dd0fc44312
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b718def294b19c3712080e4e3c6dca296e2dc55063cad6206cd0148ddfdaed91
b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e
b9c9916cc5c1c90e6d370d2c0d0fe161a5222d076c07d5e637fdefd34769b68f
b9f24a63dadc9feb4aac20af566de912f12df1df7199cc39b2c7c7f51dcd716a
bb51b9caddb8a0e55d70c819b8a8903fbf2f94b7ad453653ec6aa0e823524276
bebac62c953edf0d0ce8dced28607c288ca4e8edc7e52b2703bb45f8014bca3b
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c81398918e0bafaceb0a1258dffe47660ae7d56c672b0d188e54ab620f9dccd0
cedaf0078d97b6be98d0f8a04e953d84ed4a99666ca53e2a35a22a9645df4235
d83f634702dfd798757c049b83f85a210eafcd40c91a7daaa00f6d637abd9c50
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2657f701ba5f27ec5ef915063ed61c021e107e35e4801b232e018979088f014
e327c4cf3b80e5e5bdea164926c57b871c1b240212065782d28cb22dd60fa51b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e816178593024f8ebef4c12cd2617b3ed3bed8bb5a1089caaed71104f0bd74a3
ea6d1d75101922eefaf1178a8076ce9dea8e89d1ff2d0bd788e4190512e48a59
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f49bd72e6bae4d1803162659b45335d1f58883eb2bd4a10d808447ee1c66ac35
f56bb7d57f95112338405d6b896e13b625841f4820c946feda73beee41abbbf4
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fd85cbb53220f64d9ed87abf4752bfa0a8b3fb7e8167fce81afe0d792286e079

westudents.com.ua Open in urlscan Pro 95.142.40.16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

86 %HTTPS

62 %IPv6

24 Domains

31 Subdomains

30 IPs

4 Countries

1276 kBTransfer

2489 kBSize

23 Cookies

1 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

westudents.com.ua Open in urlscan Pro
95.142.40.16 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

86 %
HTTPS

62 %
IPv6

24
Domains

31
Subdomains

30
IPs

4
Countries

1276 kB
Transfer

2489 kB
Size

23
Cookies

99 HTTP transactions
5 data transactions