urlscan.io logo urlscan.io
SecurityTrails logo

dengi.ua Open in urlscan Pro
193.29.200.162  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://dengi.ua/
Effective URL: https://dengi.ua/
Submission: On June 12 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 62 IPs in 13 countries across 56 domains to perform 348 HTTP transactions. The main IP is 193.29.200.162, located in Ukraine and belongs to UMHAS, UA. The main domain is dengi.ua.
TLS certificate: Issued by R3 on March 14th 2022. Valid for: 3 months.
This is the only time dengi.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 36 193.29.200.162 197203 (UMHAS)
1 2a00:1450:400... 15169 (GOOGLE)
10 2a03:90c0:41:... 199524 (GCORE)
1 91.198.36.26 43405 (DIGITAL-V...)
30 2a00:1450:400... 15169 (GOOGLE)
10 2606:4700::68... 13335 (CLOUDFLAR...)
1 2620:0:862:ed... 14907 (WIKIMEDIA)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 54.37.238.28 16276 (OVH)
9 78.159.118.240 28753 (LEASEWEB-...)
4 2a03:2880:f12... 32934 (FACEBOOK)
2 193.239.68.97 39468 (BIGMIR-IN...)
7 136.243.84.74 24940 (HETZNER-AS)
8 104.16.221.74 13335 (CLOUDFLAR...)
23 2a00:1450:400... 15169 (GOOGLE)
1 146.59.30.104 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
9 185.165.240.175 49981 (WORLDSTREAM)
28 2a03:2880:f02... 32934 (FACEBOOK)
1 2a03:2880:f05... 32934 (FACEBOOK)
1 2a03:2880:f05... 32934 (FACEBOOK)
2 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 142.250.181.226 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.18.2.81 13335 (CLOUDFLAR...)
3 185.187.81.41 43332 (IDSTRATEG...)
2 91.198.36.35 43405 (DIGITAL-V...)
3 146.0.227.109 20773 (GODADDY)
2 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 167.71.9.19 14061 (DIGITALOC...)
29 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.199.73 13335 (CLOUDFLAR...)
4 2a02:26f0:df:... 20940 (AKAMAI-ASN1)
10 32 142.250.186.162 15169 (GOOGLE)
8 12 2.20.157.55 16625 (AKAMAI-AS)
4 6 185.33.221.88 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
13 2a00:1450:400... 15169 (GOOGLE)
2 35.244.159.8 15169 (GOOGLE)
2 104.111.242.245 16625 (AKAMAI-AS)
6 142.250.185.194 15169 (GOOGLE)
1 2 2001:678:cb4:... 56396 (AMOBEE)
2 2 52.59.94.57 16509 (AMAZON-02)
2 2 151.101.66.49 54113 (FASTLY)
2 66.155.71.149 13768 (COGECO-PEER1)
2 2 35.190.0.66 15169 (GOOGLE)
3 35.186.253.211 15169 (GOOGLE)
4 4 13.248.245.213 16509 (AMAZON-02)
2 2 37.157.6.245 198622 (ADFORM)
1 185.86.137.122 201081 (SMARTADSE...)
4 4 3.126.56.137 16509 (AMAZON-02)
1 1 185.29.132.245 30419 (MEDIAMATH...)
1 52.223.40.198 16509 (AMAZON-02)
1 1 35.211.178.172 15169 (GOOGLE)
1 34.149.12.213 15169 (GOOGLE)
1 172.217.16.134 15169 (GOOGLE)
1 34.96.105.8 15169 (GOOGLE)
2 2 104.36.113.23 62713 (AS-PUBMATIC)
1 72.34.250.75 27630 (AS-XFERNET)
2 2 72.251.249.9 29791 (VOXEL-DOT...)
2 2 99.81.70.153 16509 (AMAZON-02)
1 2 51.38.120.206 16276 (OVH)
2 213.254.244.25 3257 (GTT-BACKB...)
348 62
36    193.29.200.162 (Ukraine)

ASN197203 (UMHAS, UA)
dengi.ua
1    2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
10    2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)
cdn.admixer.net
1    91.198.36.26 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
PTR: i1.i.ua
i.holder.com.ua
30    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
10    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2620:0:862:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)
upload.wikimedia.org
2    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    54.37.238.28 (France)

ASN16276 (OVH, FR)
PTR: ip28.ip-54-37-238.eu
gaua.hit.gemius.pl
9    78.159.118.240 (Munich, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: hosted-by.leaseweb.com
cdn.umh.ua
z.cdn.umh.ua
4    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
2    193.239.68.97 (Ukraine)

ASN39468 (BIGMIR-INTERNET-AS, UA)
PTR: c.bigmir.net
c.bigmir.net
7    136.243.84.74 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.74.84.243.136.clients.your-server.de
go.rcvlink.com
st11.rcvlink.com
8    104.16.221.74 (None, )

ASN13335 (CLOUDFLARENET, US)
jsc.idealmedia.io
c.idealmedia.io
cdn.idealmedia.io
servicer.idealmedia.io
cm.idealmedia.io
autocounter.idealmedia.io
23    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.co.uk
1    146.59.30.104 (France)

ASN16276 (OVH, FR)
PTR: ip104.ip-146-59-30.eu
ls.hit.gemius.pl
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.mox.tv
28    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
1    2a03:2880:f058:f:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
scontent-lhr8-1.xx.fbcdn.net
1    2a03:2880:f058:10c:face:b00c:0:3 (London, United Kingdom)

ASN32934 (FACEBOOK, US)
scontent-lhr8-2.xx.fbcdn.net
6    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.co.uk
8    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
securepubads.g.doubleclick.net
2    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    104.18.2.81 (None, )

ASN13335 (CLOUDFLARENET, US)
r.i.ua
3    185.187.81.41 (Kyiv, Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)
s.zmctrack.net
loadercdn.net
2    91.198.36.35 (Ukraine)

ASN43405 (DIGITAL-VENTURES, UA)
h.holder.com.ua
3    146.0.227.109 (Ascension Island)

ASN20773 (GODADDY, DE)
inv-nets.admixer.net
2    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
9    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    167.71.9.19 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
bgstats.mox.tv
29    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
5    2607:f8b0:4002:c2c::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
redirector.gvt1.com
1    2a00:1450:4009:10::7 (London, United Kingdom)

ASN15169 (GOOGLE, US)
r2---sn-aigl6ner.gvt1.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.16.199.73 (None, )

ASN13335 (CLOUDFLARENET, US)
s-img.idealmedia.io
4    2a02:26f0:df:3ac::4469 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
32    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
12    2.20.157.55 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-55.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
6    185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
lh3.googleusercontent.com
13    2a00:1450:4001:80e::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com
sync.teads.tv
6    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
googleads4.g.doubleclick.net
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    52.59.94.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-94-57.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    35.190.0.66 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com
ads.travelaudience.com
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
4    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
2    37.157.6.245 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    185.86.137.122 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.211.178.172 (North Charleston, United States)

ASN15169 (GOOGLE, US)
PTR: 172.178.211.35.bc.googleusercontent.com
x.bidswitch.net
1    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
1    172.217.16.134 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f134.1e100.net
ad.doubleclick.net
1    34.96.105.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
2    104.36.113.23 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    72.34.250.75 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
2    72.251.249.9 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
2    99.81.70.153 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-70-153.eu-west-1.compute.amazonaws.com
match.360yield.com
2    51.38.120.206 (France)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
2    213.254.244.25 (Surbiton, United Kingdom)

ASN3257 (GTT-BACKBONE GTT, US)
tps.doubleverify.com
tpsc-frc.doubleverify.com
Apex Domain
Subdomains		 Transfer
68 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 48
stats.g.doubleclick.net — Cisco Umbrella Rank: 104
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 206
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 280
ad.doubleclick.net — Cisco Umbrella Rank: 185
375 KB
64 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 110
tpc.googlesyndication.com — Cisco Umbrella Rank: 146
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
815 KB
36 dengi.ua
dengi.ua
720 KB
30 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 584
scontent-lhr8-1.xx.fbcdn.net — Cisco Umbrella Rank: 9283
scontent-lhr8-2.xx.fbcdn.net — Cisco Umbrella Rank: 10042
613 KB
13 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 262
529 KB
13 admixer.net
cdn.admixer.net — Cisco Umbrella Rank: 47872
inv-nets.admixer.net — Cisco Umbrella Rank: 2400
198 KB
12 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 564
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 539
10 KB
10 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42334
bgstats.mox.tv — Cisco Umbrella Rank: 54177
96 KB
10 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
86 KB
9 gstatic.com
www.gstatic.com
csi.gstatic.com
fonts.gstatic.com
96 KB
9 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 172
312 KB
9 idealmedia.io
jsc.idealmedia.io — Cisco Umbrella Rank: 115253
c.idealmedia.io — Cisco Umbrella Rank: 101929
cdn.idealmedia.io — Cisco Umbrella Rank: 166527
servicer.idealmedia.io — Cisco Umbrella Rank: 114123
s-img.idealmedia.io — Cisco Umbrella Rank: 105111
cm.idealmedia.io — Cisco Umbrella Rank: 17650
autocounter.idealmedia.io — Cisco Umbrella Rank: 123086
87 KB
9 umh.ua
cdn.umh.ua — Cisco Umbrella Rank: 284882
z.cdn.umh.ua — Cisco Umbrella Rank: 308202
10 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 4
adservice.google.com — Cisco Umbrella Rank: 82
1 KB
7 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 401
rtb0.doubleverify.com — Cisco Umbrella Rank: 606
tps.doubleverify.com — Cisco Umbrella Rank: 428
tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 10333
123 KB
7 rcvlink.com
go.rcvlink.com — Cisco Umbrella Rank: 58420
st11.rcvlink.com — Cisco Umbrella Rank: 84724
36 KB
6 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 231
6 KB
5 openx.net
us-u.openx.net — Cisco Umbrella Rank: 364
rtb.openx.net — Cisco Umbrella Rank: 1523
916 B
5 gemius.pl
gaua.hit.gemius.pl — Cisco Umbrella Rank: 54470
ls.hit.gemius.pl — Cisco Umbrella Rank: 12379
18 KB
4 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 290
1 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
2 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
32 KB
3 google.co.uk
www.google.co.uk — Cisco Umbrella Rank: 2980
adservice.google.co.uk — Cisco Umbrella Rank: 4822
1 KB
3 holder.com.ua
i.holder.com.ua — Cisco Umbrella Rank: 327377
h.holder.com.ua — Cisco Umbrella Rank: 297505
4 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 748
489 B
2 360yield.com
match.360yield.com — Cisco Umbrella Rank: 3930
790 B
2 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 638
1 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 602
1 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 572
1 KB
2 travelaudience.com
ads.travelaudience.com — Cisco Umbrella Rank: 13612
929 B
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 620
382 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 625
891 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 875
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 768
r.turn.com — Cisco Umbrella Rank: 2753
869 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 949
344 B
2 gvt1.com
redirector.gvt1.com — Cisco Umbrella Rank: 1514
r2---sn-aigl6ner.gvt1.com — Cisco Umbrella Rank: 686330
896 KB
2 unpkg.com
unpkg.com — Cisco Umbrella Rank: 910
43 KB
2 zmctrack.net
s.zmctrack.net — Cisco Umbrella Rank: 148809
24 KB
2 bigmir.net
c.bigmir.net — Cisco Umbrella Rank: 138549
837 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 47
20 KB
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 987
411 B
1 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2554
173 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 286
604 B
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 361
265 B
1 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 423
863 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1198
75 B
1 googleusercontent.com
lh3.googleusercontent.com — Cisco Umbrella Rank: 106
72 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 55
1 KB
1 loadercdn.net
loadercdn.net — Cisco Umbrella Rank: 487281
169 B
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 447
373 B
1 i.ua
r.i.ua — Cisco Umbrella Rank: 165631
506 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 816
638 B
1 wikimedia.org
upload.wikimedia.org — Cisco Umbrella Rank: 2433
1 KB
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 80
39 KB
0 netmng.com Failed
google2waycm.netmng.com Failed
0 outstream.today Failed
ad.outstream.today Failed
348 56
Domain Requested by
36 dengi.ua 1 redirects dengi.ua
cdnjs.cloudflare.com
32 cm.g.doubleclick.net 10 redirects googleads.g.doubleclick.net
dengi.ua
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
30 pagead2.googlesyndication.com dengi.ua
pagead2.googlesyndication.com
z.cdn.umh.ua
googleads.g.doubleclick.net
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
ad.doubleclick.net
29 tpc.googlesyndication.com googleads.g.doubleclick.net
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
tpc.googlesyndication.com
28 static.xx.fbcdn.net www.facebook.com
static.xx.fbcdn.net
21 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
dengi.ua
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
13 s0.2mdn.net 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
dengi.ua
s0.2mdn.net
10 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
10 cdnjs.cloudflare.com dengi.ua
10 cdn.admixer.net dengi.ua
cdn.admixer.net
9 www.googletagservices.com ad.mox.tv
googleads.g.doubleclick.net
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
cdn.doubleverify.com
www.googletagservices.com
9 ad.mox.tv z.cdn.umh.ua
ad.mox.tv
dengi.ua
8 z.cdn.umh.ua cdn.umh.ua
7 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
dengi.ua
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
dengi.ua
ad.doubleclick.net
6 ib.adnxs.com 4 redirects googleads.g.doubleclick.net
6 www.google.com 2 redirects dengi.ua
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
6 go.rcvlink.com z.cdn.umh.ua
go.rcvlink.com
dengi.ua
5 csi.gstatic.com www.gstatic.com
5 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 ups.analytics.yahoo.com 4 redirects
4 eb2.3lift.com 4 redirects
4 cdn.doubleverify.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
cdn.doubleverify.com
dengi.ua
4 www.facebook.com dengi.ua
static.xx.fbcdn.net
4 gaua.hit.gemius.pl 1 redirects dengi.ua
gaua.hit.gemius.pl
3 rtb.openx.net 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
3 www.gstatic.com googleads.g.doubleclick.net
3 inv-nets.admixer.net cdn.admixer.net
ad.mox.tv
dengi.ua
2 onetag-sys.com 1 redirects 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
2 match.360yield.com 2 redirects
2 ap.lijit.com 2 redirects
2 image6.pubmatic.com 2 redirects
2 ssum-sec.casalemedia.com 2 redirects
2 c1.adform.net 2 redirects
2 ads.travelaudience.com 2 redirects
2 pixel-sync.sitescout.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
2 sync-tm.everesttech.net 2 redirects
2 pm.w55c.net 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cm.idealmedia.io jsc.idealmedia.io
2 unpkg.com ad.mox.tv
2 h.holder.com.ua i.holder.com.ua
2 s.zmctrack.net dengi.ua
2 adservice.google.com pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 adservice.google.co.uk pagead2.googlesyndication.com
securepubads.g.doubleclick.net
2 jsc.idealmedia.io z.cdn.umh.ua
jsc.idealmedia.io
2 c.bigmir.net dengi.ua
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
1 tpsc-frc.doubleverify.com cdn.doubleverify.com
1 tps.doubleverify.com cdn.doubleverify.com
1 sync.go.sonobi.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
1 tr.blismedia.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
1 ad.doubleclick.net www.googletagservices.com
1 rtb0.doubleverify.com cdn.doubleverify.com
1 x.bidswitch.net 1 redirects
1 match.adsrvr.org 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
1 sync.mathtag.com 1 redirects
1 ssbsync.smartadserver.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
1 r.turn.com dengi.ua
1 ad.turn.com 1 redirects
1 lh3.googleusercontent.com 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
1 autocounter.idealmedia.io dengi.ua
1 s-img.idealmedia.io dengi.ua
1 fonts.gstatic.com fonts.googleapis.com
1 r2---sn-aigl6ner.gvt1.com googleads.g.doubleclick.net
1 redirector.gvt1.com 1 redirects
1 servicer.idealmedia.io jsc.idealmedia.io
1 cdn.idealmedia.io dengi.ua
1 c.idealmedia.io jsc.idealmedia.io
1 fonts.googleapis.com googleads.g.doubleclick.net
1 loadercdn.net dengi.ua
1 st11.rcvlink.com dengi.ua
1 bgstats.mox.tv dengi.ua
1 pixel.quantserve.com dengi.ua
1 r.i.ua dengi.ua
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.google.co.uk dengi.ua
1 scontent-lhr8-2.xx.fbcdn.net www.facebook.com
1 scontent-lhr8-1.xx.fbcdn.net www.facebook.com
1 stats.g.doubleclick.net www.google-analytics.com
1 ls.hit.gemius.pl gaua.hit.gemius.pl
1 cdn.umh.ua dengi.ua
1 upload.wikimedia.org dengi.ua
1 i.holder.com.ua dengi.ua
1 www.googletagmanager.com dengi.ua
0 google2waycm.netmng.com Failed 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
0 ad.outstream.today Failed dengi.ua
348 88

This site contains links to these domains. Also see Links.

Domain
mediadim.com.ua
subscribe.dengi.ua
Subject Issuer Validity Valid
dengi.ua
R3		 2022-03-14 -
2022-06-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.admixer.net
Sectigo RSA Domain Validation Secure Server CA		 2021-06-08 -
2022-06-21		 a year crt.sh
holder.com.ua
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.wikipedia.org
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-10-19 -
2022-11-17		 a year crt.sh
*.hit.gemius.pl
Sectigo ECC Domain Validation Secure Server CA		 2021-09-08 -
2022-09-25		 a year crt.sh
cdn.umh.ua
R3		 2022-06-09 -
2022-09-07		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-03-21 -
2022-06-19		 3 months crt.sh
c.bigmir.net
R3		 2022-06-08 -
2022-09-06		 3 months crt.sh
*.rcvlink.com
Thawte RSA CA 2018		 2021-10-01 -
2022-10-01		 a year crt.sh
ad.mox.tv
R3		 2022-05-30 -
2022-08-28		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.co.uk
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
i.ua
R3		 2022-04-07 -
2022-07-06		 3 months crt.sh
s.zmctrack.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-25		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
bgstats.mox.tv
R3		 2022-05-29 -
2022-08-27		 3 months crt.sh
loadercdn.net
R3		 2022-05-02 -
2022-07-31		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.doubleverify.com
DigiCert SHA2 Secure Server CA		 2021-12-23 -
2022-12-23		 a year crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-04-21 -
2022-07-20		 3 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh

This page contains 36 frames:

Primary Page: https://dengi.ua/
Frame ID: FC4AA2820A05AAABE64D543C6F6287F2
Requests: 124 HTTP requests in this frame

Frame: https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FDengiUA%252F%26tabs%3Dtimeline%26width%3D320%26height%3D600%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D212599602674838
Frame ID: DEF748C72ADFE67E2BC4EA30DE3B820F
Requests: 36 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/main.js
Frame ID: 7947C22C3C2188B28488A4C79E57A4BE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Frame ID: BAC79ED6260D972FF3C287CB8DB7ACFB
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: E463FDE0CAC9A77C7BB58EB9F5030F99
Requests: 1 HTTP requests in this frame

Frame: https://ls.hit.gemius.pl/lsget.html
Frame ID: 8B0A4D3C347BA3F4471ECF32F0135684
Requests: 1 HTTP requests in this frame

Frame: https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Frame ID: 6A646D0B278CB54F30252A7D5C064F20
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655008346&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdengi.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346555&bpp=3&bdt=484&idt=264&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=828244554574&frm=20&pv=2&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=280
Frame ID: 78940B4FCBF3A58C3EAEA301DAC9BAE4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Frame ID: BD05EA570EDB209548FA7D9151FCADEC
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Frame ID: 169B80E54F9B67D497556EF625FD7F59
Requests: 27 HTTP requests in this frame

Frame: https://go.rcvlink.com/static/iframe.htm
Frame ID: 6C1D0005A8618313411693787297C4EB
Requests: 5 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 41A54584D6F1CC1BB71F943E08E7027D
Requests: 1 HTTP requests in this frame

Frame: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A7A0450F61D5190FA05E3A658F839329
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 12E46C5BBA25FD598D4F40E074EE27DA
Requests: 2 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: B6713984E6B043461D36D5ADBF09860B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Frame ID: F8FC6F88F52E3A582B6F4BDA6B5B7363
Requests: 1 HTTP requests in this frame

Frame: https://cm.idealmedia.io/i-noref.js?cbuster=1655008347672357808512
Frame ID: 814545BF7A74E8EF27696B5B73797FCC
Requests: 1 HTTP requests in this frame

Frame: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4475EFA052EA0E650CAD8E8EACE4279E
Requests: 13 HTTP requests in this frame

Frame: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4C87F679C9370F0DA5C994BB74CBD7E3
Requests: 15 HTTP requests in this frame

Frame: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CBEB1187463B2F487D7E91918CFB10F3
Requests: 22 HTTP requests in this frame

Frame: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EAD961CC37B64AE42D0B9843C57080B9
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Frame ID: 5EDA78DA6ADD02D53C0A735711F81669
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Frame ID: 71F5A41C0CF20C14B08B2AABFBE2311A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Frame ID: 94DF44DBAF85D5200AAFE17D5AAEDDEA
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Frame ID: CE656D452BAE9602FD9126E6E786ADCF
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: CADA147E458E3409C9A0E8B696B64F5C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 5F0026593570A6AC420FA9CF943C4DF8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3DE0DE7D045508A5426AF540D6A59F4D
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA85EBC4BE78C63F995CA4F60B999DC3
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EE7EECCB6F3BE645FDB4114AA933775
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: EE668FFE934EF63D7199DE58E535F622
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D14DAF7C1E046CE763B523503FDDD8EB
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
Frame ID: BFCF8431AF240B5319DE5909213FDEDE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D9F51392BB6A3AC1DA5F76BDF5D901CF
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2815.js
Frame ID: E616B2F810923792176C6C6C5FA0AF91
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F016E09AB6ED62FF4DAE7F1CBFDCD741
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Деньги: Курсы обмена наличных валют, депозит, вклад, кредит | dengi.ua

Page URL History Show full URLs

  1. http://dengi.ua/ HTTP 301
    https://dengi.ua/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • hit\.gemius\.pl/xgemius\.js
  • hit\.gemius\.pl
  • xgemius\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

348
Requests

89 %
HTTPS

41 %
IPv6

56
Domains

88
Subdomains

62
IPs

13
Countries

5258 kB
Transfer

11359 kB
Size

82
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://dengi.ua/ HTTP 301
    https://dengi.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 103
  • https://gaua.hit.gemius.pl/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8Fnbr0UUvtEKI1Hurj9qHjMs4xwWNiKH6I6JjTIo32b.L75v0jqnPEftU8YoztSBtahvIZ.9b.ZtiIIxolzTWx5SlhKC/lFP7W_A5KPaUJ/&ltime=241&fpdata=fl4l_XPAYNuNu9sqQvCG8YipSYWjAV2i08AR4aJf5mb.t7&fpcap= HTTP 301
  • https://gaua.hit.gemius.pl/__/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8Fnbr0UUvtEKI1Hurj9qHjMs4xwWNiKH6I6JjTIo32b.L75v0jqnPEftU8YoztSBtahvIZ.9b.ZtiIIxolzTWx5SlhKC/lFP7W_A5KPaUJ/&ltime=241&fpdata=fl4l_XPAYNuNu9sqQvCG8YipSYWjAV2i08AR4aJf5mb.t7&fpcap=
Request Chain 121
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f13a082a-a43e-43a5-98a6-55ed0aa2404e&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f13a082a-a43e-43a5-98a6-55ed0aa2404e&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1 HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=dafbd3a2-4f3b-52a3-99ba-b5f4fb1fd9af&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
  • https://ad.mox.tv/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04 HTTP 302
  • https://ad.mediawayss.com/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04&inner_redirect=1&inner_uuid=f13a082a-a43e-43a5-98a6-55ed0aa2404e&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkLmFkb3B4Lm5ldCxhZC5pbnZhbWlhLmNvbSxhZC52aWR2ZXJ0by5pbyxhZC52aWR2ZXIudG8= HTTP 302
  • https://ad.outstream.today/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04&inner_redirect=1&inner_uuid=f13a082a-a43e-43a5-98a6-55ed0aa2404e&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw==
Request Chain 188
  • https://redirector.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=ip,ipbits,expire,id,itag,source,requiressl&signature=49BB54DDC94A34DBCF7146EF7AFBF2A2E2052D9E.8BEA09A278C83C0F954E8AD34C24B759D11DDF16&key=ck2 HTTP 302
  • https://r2---sn-aigl6ner.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=17E8AE0D4EA412922724AAB1B935AB0349EC3AE4.54E36582AEA16EF5F16930007CC711551626CF50&key=cms1&cms_redirect=yes&mh=UO&mip=2a02:8c8:c10:30::15&mm=28&mn=sn-aigl6ner&ms=nvh&mt=1655007114&mv=u&mvi=2&pl=32
Request Chain 190
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Request Chain 245
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqVsXLXGl7RaT5zf3ClU1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
Request Chain 247
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Request Chain 248
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Request Chain 249
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqVsXLXGl7RaT5zf3ClU1QAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
Request Chain 250
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
Request Chain 251
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKyGAjO-AeCvtTKVpO2H8g0&google_cver=1
Request Chain 258
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEGFz6ftOTg_o5kjUi8hS1iA&google_cver=1
Request Chain 285
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1&google_push=ARnp8GCK3ntf4hM1lOop-vCGXSP9l4v879jjI1XO70SEjtovidQd74OqwGwotagmNqRSWidwsxLPnVnAyWAKiN1J8NEKkSAjmi1m HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgxNDQyMzczOTI1MDAxMDI2OQ==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1
Request Chain 286
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8mHSiDtD_afkjD5oubXcQdvsTjm2nIjR_e6cwt2w4WWk0yDHfTsrsr HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8mHSiDtD_afkjD5oubXcQdvsTjm2nIjR_e6cwt2w4WWk0yDHfTsrsr HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WlBOdzFFeWMxTzBmaDI1&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8mHSiDtD_afkjD5oubXcQdvsTjm2nIjR_e6cwt2w4WWk0yDHfTsrsr
Request Chain 287
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_cver=1&google_push=ARnp8GDeUekDtg14NHxEHWEzZTU5mymgOpV7dtSR8lDdf9muXbhPT6tRYgS7E5HPvmvbW8DyUn570BtGfMN4B7_bP0E_YHqR-kGs HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GDeUekDtg14NHxEHWEzZTU5mymgOpV7dtSR8lDdf9muXbhPT6tRYgS7E5HPvmvbW8DyUn570BtGfMN4B7_bP0E_YHqR-kGs
Request Chain 289
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3Msybsv2VXgn4MUEHwr44&google_cver=1&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNXD97rEfxUa9A0 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CqWMhyjIQtGxyT7XkdIUXw2&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNXD97rEfxUa9A0
Request Chain 291
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A&google_cver=1&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K
Request Chain 293
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 295
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_cver=1&google_push=ARnp8GAzFruLYzNib4eHIhK-GYmasnjibmYTRHRkT0KikTcl4fE0tXCAffyYDOiYeHRsvhZWvjxk9bHe4MGwWe13G0s9iYTyKba-YQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GAzFruLYzNib4eHIhK-GYmasnjibmYTRHRkT0KikTcl4fE0tXCAffyYDOiYeHRsvhZWvjxk9bHe4MGwWe13G0s9iYTyKba-YQ
Request Chain 297
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF7WoeUnqCMeKJXOn7M13Zw&google_cver=1&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvfuOHyr_nGvLoi5nDRCvBu HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF7WoeUnqCMeKJXOn7M13Zw&google_cver=1&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvfuOHyr_nGvLoi5nDRCvBu HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM2MjI4Njk2MzIxODI0ODE5OA&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvfuOHyr_nGvLoi5nDRCvBu
Request Chain 298
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A&google_cver=1&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGbnig HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGbnig&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGbnig
Request Chain 300
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7kv6mRGfwYCHQLKQFe7c379K3Z0vgro HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7kv6mRGfwYCHQLKQFe7c379K3Z0vgro&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7kv6mRGfwYCHQLKQFe7c379K3Z0vgro
Request Chain 302
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDsF9Q_6aK7Xw6MVAEfIvEs&google_cver=1&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fKyV4As0TWZd2GJA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fKyV4As0TWZd2GJA
Request Chain 304
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3Msybsv2VXgn4MUEHwr44&google_cver=1&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxVWorbHAZ2s4kisg HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eHm_0_8lTWeVVcRDJ6_9gw2&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxVWorbHAZ2s4kisg
Request Chain 305
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFjnPlJ8t7kM2RV_YtVqvMQ&google_cver=1&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk&google_hm=QqkiBKcUS6Gw1bkVvVqfBA==
Request Chain 307
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo&google_cver=1&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo24R_qVeDV34 HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo24R_qVeDV34&s=184023&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqVsXI01Y2O0CroaZEGelwAAAq0AAAIB&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo24R_qVeDV34&google_cver=1&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo
Request Chain 308
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xbotGVoG38qtEQ6YPiqakRQ5pq1gR34 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xbotGVoG38qtEQ6YPiqakRQ5pq1gR34&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xbotGVoG38qtEQ6YPiqakRQ5pq1gR34
Request Chain 345
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJPEAM6XUNtOUQqQ4IEbNUM&google_cver=1&google_push=ARnp8GBEilLSNqwnkF1YYNuF01y7Rx2Qmb83jwEPCUB0WTWDaL4f3DaJ0Wk-vbo_3BYmw1byNsBYVTd_lHQKV65HdEfQFrv-Fa2uPA HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEJPEAM6XUNtOUQqQ4IEbNUM&google_cver=1&google_push=ARnp8GBEilLSNqwnkF1YYNuF01y7Rx2Qmb83jwEPCUB0WTWDaL4f3DaJ0Wk-vbo_3BYmw1byNsBYVTd_lHQKV65HdEfQFrv-Fa2uPA&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d6uF59_3TbOnlh3biELiPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBEilLSNqwnkF1YYNuF01y7Rx2Qmb83jwEPCUB0WTWDaL4f3DaJ0Wk-vbo_3BYmw1byNsBYVTd_lHQKV65HdEfQFrv-Fa2uPA
Request Chain 347
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEONg7uX6J0myASMOHzzOoDY&google_cver=1&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg HTTP 307
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEONg7uX6J0myASMOHzzOoDY&google_cver=1&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg&sovrn_retry=true HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg&google_hm=Ey-wrGZHSv4MOw5AR7yCtSUB
Request Chain 348
  • https://match.360yield.com/match/ebda?google_gid=CAESEM-XOlWWLxVTUVoYVoxrjcw&google_cver=1&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0wiiyf-hQ HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM-XOlWWLxVTUVoYVoxrjcw&google_cver=1&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0wiiyf-hQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=G9fL7hMRRPSW6MhJ9c4Qxg&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0wiiyf-hQ
Request Chain 349
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGHj0AoWjI8wBmvQxQUVnHE&google_cver=1&google_push=ARnp8GAPhq_8X7jANN_YXgf8J_F6aMprglrwwG06xTksW7-iNv23T3sDW44V_U9SCwM47uxfB66bzZNxxIOkAtf0QCwWiXmNvscab_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAPhq_8X7jANN_YXgf8J_F6aMprglrwwG06xTksW7-iNv23T3sDW44V_U9SCwM47uxfB66bzZNxxIOkAtf0QCwWiXmNvscab_E HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5

348 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
dengi.ua/
Redirect Chain
  • http://dengi.ua/
  • https://dengi.ua/
99 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1a24f9f143d2c56917f3cec2bc1d6dc5e901f4a14dc0325253a262c9cbb16821

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
public, max-age=300
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 04:35:53 GMT
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Sun, 12 Jun 2022 04:35:53 GMT
Location
https://dengi.ua/
Server
nginx
js
www.googletagmanager.com/gtag/ 		101 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-11903997-1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c2e61c2eb88cf5835fc891abe01edba9e030cd46881ebda43a7a141ed989d1f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39783
x-xss-protection
0
last-modified
Sun, 12 Jun 2022 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 12 Jun 2022 04:32:26 GMT
loader2.js
cdn.admixer.net/scripts3/ 		176 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/loader2.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:23:59 GMT
server
nginx
etag
W/"6282425f-2c101"
x-cached-since
2022-06-12T04:25:37+00:00
content-type
application/javascript
cache-control
max-age=600
cache
HIT
expires
Mon, 16 May 2022 12:35:26 GMT
holder.js
i.holder.com.ua/t/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i.holder.com.ua/t/holder.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.26 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
i1.i.ua
Software
nginx /
Resource Hash
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2017 14:14:15 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
Expires
Mon, 12 Jun 2023 04:32:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4061dec87adea054ba444c2f712a9ecae9bec9fc597aa7b1e2b17c6b906ec59d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56452
x-xss-protection
0
server
cafe
etag
15790373921663178327
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:32:26 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/ 		152 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/css/bootstrap.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
892636
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17210
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-2606e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0P8QPeFzf7iWaUB8fbkwohtC9vWDcauhu9EOotGIqhHtQdNfGqZ%2B%2BXGKTGwAC5aTE0LY09yagvgh9QS9aseIFqEg7xA75D%2BXCMq6G7JfkmGVBP%2B59tS2J8b%2BJ1bHCBc0vqlgdmUpnIh0UCehP8yxnbhY"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd36c350716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
owl.carousel.min.css
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/assets/owl.carousel.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7427285
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
845
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T34Qo%2BNuCr6aJtCnNon1xFogWfc7hWm1IOcw%2FOX2qR9b4WtvFI7%2BcC%2F3T2x58k54C4BTV32CFg9bUtcJEA%2B9k6jF9e2MhYpKilhOUkdo0ZeuJ0d2c3%2F9nm%2BP9xTeruDGBb4O8zLXDY40l%2FPvbSKqaWAK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd36c370716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
sprite.min.css
dengi.ua/css/ 		275 B
418 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/css/sprite.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e58c753d0a3db639d4a0ba7f7f354994cc17633fe0d8f5da3220ca95d952309d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:53 GMT
content-encoding
gzip
last-modified
Wed, 30 Sep 2020 08:02:35 GMT
server
nginx
etag
W/"5f743b9b-113"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.min.css
dengi.ua/css/ 		41 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/css/styles.min.css?10
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
acf0a7f4b2e838f23bb55dd85a45a62a30800810da73c2c8383d3380de227e2e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:53 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 09:42:31 GMT
server
nginx
etag
W/"60b8a407-a252"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
toastr.min.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		6 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.css
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
7462930
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2517
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1936"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjifHrJ8YOMoQLQ07eMaK4pfA%2BEmDIyUsOyI1an5iQzOMEKqPlc0x4xMTudHzHr3y54ZZxhEXE%2FdTyk1eWfq5z1CTFwCgxIVqrpBRgk5ETO05TDBonQREXyaDQAWzz3tpvdl5TNKRN035Iouk%2F%2Fcp7A0"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd36c380716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
common.css
dengi.ua/click/css/ 		571 B
437 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/css/common.css?1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:53 GMT
content-encoding
gzip
last-modified
Mon, 16 Mar 2020 13:55:41 GMT
server
nginx
etag
W/"5e6f855d-23b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-credentials
true
access-control-allow-headers
*
notice.css
dengi.ua/click/common/CookiesNotice/ 		945 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/common/CookiesNotice/notice.css?3
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Apr 2020 07:30:42 GMT
server
nginx
etag
W/"5e96b822-3b1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
access-control-allow-credentials
true
access-control-allow-headers
*
custom.css
dengi.ua/a-custom/ 		1 KB
675 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/a-custom/custom.css?25
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8750955dc9849aa1f13a62c862aadd2ee900157be523740d6914a5a599182af3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:53 GMT
content-encoding
gzip
last-modified
Wed, 30 Sep 2020 08:02:35 GMT
server
nginx
etag
W/"5f743b9b-408"
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/css
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
logo.png
dengi.ua/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/logo.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
4fde05972e07818972ca37acd5fe202b748135be03d11ca6a8242769bd186bcb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-629"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
1577
expires
Thu, 31 Dec 2037 23:55:55 GMT
3x2.png
dengi.ua/img/ 		97 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/3x2.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
b68a1ba91deb32619434087b6672ff157e24654bc1285d5a70ea9eeb01726e91

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-61"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
97
expires
Thu, 31 Dec 2037 23:55:55 GMT
1x1.png
upload.wikimedia.org/wikipedia/commons/c/ca/ 		95 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://upload.wikimedia.org/wikipedia/commons/c/ca/1x1.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:0:862:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),
Reverse DNS
Software
ATS/8.0.8 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=106384710; includeSubDomains; preload

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 02:20:37 GMT
nel
{ "report_to": "wm_nel", "max_age": 86400, "failure_fraction": 0.05, "success_fraction": 0.0}
age
7908
x-cache-status
hit-front
x-cache
cp3055 hit, cp3059 hit/8916
server-timing
cache;desc="hit-front", host;desc="cp3059"
content-length
95
x-client-ip
2a02:8c8:c10:30::15
x-object-meta-sha1base36
1q4na1xj6topzln51tpzqqxtdtdwo9p
accept-ranges
bytes
last-modified
Sat, 04 Apr 2020 08:42:56 GMT
server
ATS/8.0.8
etag
71a50dbba44c78128b221b7df7bb51f1
strict-transport-security
max-age=106384710; includeSubDomains; preload
report-to
{ "group": "wm_nel", "max_age": 86400, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
permissions-policy
interest-cohort=(),ch-ua-arch=(self "intake-analytics.wikimedia.org"),ch-ua-bitness=(self "intake-analytics.wikimedia.org"),ch-ua-full-version-list=(self "intake-analytics.wikimedia.org"),ch-ua-model=(self "intake-analytics.wikimedia.org"),ch-ua-platform-version=(self "intake-analytics.wikimedia.org")
accept-ch
Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
timing-allow-origin
*
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 		86 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
186972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27748
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-15851"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=84p%2BuYdGHuHZ%2BmXROgBV3jkdFrrP%2BQ633g%2FjaEU0%2FlSgDFbtRqxSYwXaDI08Bqg12MSDKRKcO4FB8QJgJf2FAE6%2B14ucMetDCGURe36mRO9hbyFLKVt9yjCNhjOh%2Fm2hLfWdyzCXC69BRMyANG8NjTdF"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd47d150716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/ 		77 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.3.1/js/bootstrap.bundle.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
186367
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19586
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-1332b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UTh8PZtRd2HGhL4Aw4wQJOFRhZ0IdK8GzCZZUKqbqW8yD0mDv0yvjlrWJGx7m2hSpyVtp6BgqXmgDNUUZd%2BXzodNWnKH9idtzKOyS6H6%2F2qSznWGz1%2Bv8PIl7Sls9q1bJwVcYT8Nm65qco2Mr7cZV0Yn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d200716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
jquery.lazy.min.js
cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery.lazy/1.7.10/jquery.lazy.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5123022
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2092
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:47 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec3-139f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7lcwL0B8BKc%2BiRW8lAcoEQYVQ9lu00gsBA2ZbpMByHihtuiRT4jdW4RAxkWTaLIvZNEIrbkoPi0txOtzHrgcTW5XL1mpSEssO4dh754ROv9EelZy6wvcrxr9AUwbsP26sG%2FCJFqbwUlp1sYm0Lxn2rS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d220716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
owl.carousel.min.js
cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/ 		43 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1433936
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10158
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:04:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03cf0-ad36"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m3uU0sfQR8Wh8WebZnX11xWAIuFcpCU4N%2F%2Bp%2B0e3cqK7RV91ckP92vv4QuHvqcYEcrRSmDkIlyp4tHpiylAOugpBwhCJt6DFM4fs5jGj7lK3O9d%2FA402J1Zhft8BswfV85edgSqjZoRT2eqL%2FPxOeDx2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d230716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
custom.js
dengi.ua/a-custom/ 		98 B
389 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/a-custom/custom.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6d15cb059fde6785b76e5613e4ee4407a1f07e339d40f1a1383b60eaec13ec92

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:04:14 GMT
server
nginx
etag
W/"5e87425e-62"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
script.min.js
dengi.ua/js/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/js/script.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6cec0e38347b38f35dc946f2d2b435d9227e38b225ddec57e62261aced6bdb79

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:04:14 GMT
server
nginx
etag
W/"5e87425e-1906"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
cache-control
max-age=315360000
access-control-allow-credentials
true
access-control-allow-headers
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
on-ready-widget.js
dengi.ua/click/modules/content/js/ 		1 KB
732 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/modules/content/js/on-ready-widget.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
10c5dd1eaabf5bbf1cbee087b83d068915e9d17bd19b0ae79f3786e035a6c09b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Fri, 03 Apr 2020 14:03:20 GMT
server
nginx
etag
W/"5e874228-412"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
article-stat-v2.js
dengi.ua/click/js/ 		976 B
580 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/js/article-stat-v2.js?8
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Mon, 29 Apr 2019 05:26:10 GMT
server
nginx
etag
W/"5cc68af2-3d0"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
jquery.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 		1 KB
935 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
289640
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
591
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:11:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec1-514"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKR0FOxpsvNpNpHlYXvjhIhbdwAOkosrt%2FXW%2BB93peJAVXsaQTyhaz7Mvr3pUqjc52q22awR6d3rqfWcY%2BIfjHGxL%2FY4ZEcZ%2F54sTpt02LPBYZ6e4tVCNZ5CGiVTvtAnZy8L6mqiJQUzrmbDkDSq%2FP3T"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d260716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
md5.min.js
cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/blueimp-md5/2.10.0/js/md5.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1421030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1339
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:35 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d8b-eb6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rtgtMUs%2FS0vo43XdP4yis56Bl0ZJcKp%2BtY6B5hk28m%2B8GcEqR6lg0rYobVvebjinusbVw6qpVUcYAZyzO9LJVzoV%2B6HUWnSfJpVeN3bBSR7CraecyIkXujkyiKrTXpdEhOGPhroVNtPndmDH3tIGQhFq"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d270716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/2.1.4/toastr.min.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
8449136
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1763
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:02 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ffe-1483"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hkXqJ7fjgDRNyOsvaiilxW0a2R%2FIEPAy0j%2BlGV%2BbZ%2BpC0v9Dk9Jr9IgCodKJR1kvTqIEjv%2F4R2Cfzt9xtDJlKeGdVOIMKVwjhMmXLCz312d3Fefspo1ImRP4N9huGxOVaPhnjjg6LbM8WPGk6rdhKJ1d"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
719fdcd48d280716-LHR
expires
Fri, 02 Jun 2023 04:32:26 GMT
common.js
dengi.ua/click/js/ 		3 KB
1001 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/js/common.js?1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Mon, 06 Jan 2020 10:11:50 GMT
server
nginx
etag
W/"5e1307e6-a00"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
user.js
dengi.ua/click/modules/user/js/ 		278 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/modules/user/js/user.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
6939ea70c8ba34d1291f1c0469d399533f0b090a5078ceea7f317e06a1b1bf09

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Thu, 12 Mar 2020 08:27:12 GMT
server
nginx
etag
W/"5e69f260-116"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
notice.js
dengi.ua/click/common/CookiesNotice/ 		648 B
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/common/CookiesNotice/notice.js?2
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 13:24:19 GMT
server
nginx
etag
W/"5e42ab03-288"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript; charset=UTF-8
access-control-allow-credentials
true
access-control-allow-headers
*
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-11903997-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3460
date
Sun, 12 Jun 2022 03:34:46 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 12 Jun 2022 05:34:46 GMT
xgemius.js
gaua.hit.gemius.pl/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/xgemius.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Tue, 24 May 2022 16:52:19 GMT
server
GHC
vary
Accept-Encoding,Origin
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
max-age=43200
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
14031
expires
Sun, 12 Jun 2022 16:32:26 GMT
e.js
cdn.umh.ua/libs/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.umh.ua/libs/e.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block;

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
vary
Accept-Encoding
x-xss-protection
1; mode=block;
last-modified
Tue, 01 Mar 2022 15:54:34 GMT
server
nginx
etag
W/"621e41ba-16f4"
access-control-max-age
1728000
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
access-control-allow-headers
X-PINGOTHER
expires
Mon, 13 Jun 2022 04:32:26 GMT
search.svg
dengi.ua/img/icons/ 		216 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/search.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
1306abec4b8ee8a93b580fe6c9aad3599a865964a352e7f4e7d7e4400c8c1c6d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-d8"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
216
expires
Thu, 31 Dec 2037 23:55:55 GMT
user.svg
dengi.ua/img/icons/ 		228 B
498 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/user.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
89bc864825d33292d943d11957b9f3f987ac048786033e60ac6ac0c2bbe7b19c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-e4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
228
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Bold.ttf
dengi.ua/fonts/Roboto/ 		166 KB
167 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Bold.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-2996c"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
170348
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Regular.ttf
dengi.ua/fonts/Roboto/ 		167 KB
168 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Regular.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-29d08"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
171272
expires
Thu, 31 Dec 2037 23:55:55 GMT
Roboto-Medium.ttf
dengi.ua/fonts/Roboto/ 		168 KB
168 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/fonts/Roboto/Roboto-Medium.ttf
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836

Request headers

Referer
https://dengi.ua/css/styles.min.css?10
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-29e88"
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
https://dengi.ua
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
171656
expires
Thu, 31 Dec 2037 23:55:55 GMT
page.php
www.facebook.com/plugins/ Frame DEF7 		105 KB
30 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c95ad475c23b93d9c06ae8a4c3e22132c596a1eb807521631f272aad5323bfcf
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 12 Jun 2022 04:32:26 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=3,i
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
s+abVN1vCTqS4yAfTJgNCeS8TSxYtYaQ69d86Tmv891VkTJjYjObCQ75aiqRqme61DLKxtnjMkIWi0Q9jntSlg==
x-fb-rlafr
0
x-xss-protection
0
sprite.png
dengi.ua/img/icons/ 		784 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/sprite.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/sprite.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
14d56b0bb498f3ea550d0c97baffe43bb61175733e503c1a31dd4e6f744e736d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/sprite.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-310"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/png
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
784
expires
Thu, 31 Dec 2037 23:55:55 GMT
arr-left.svg
dengi.ua/img/icons/ 		161 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/arr-left.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
912f911aa605e91352bc8fe84466d20b3e4d95f40b57a6f4503344c85d541931

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
161
expires
Thu, 31 Dec 2037 23:55:55 GMT
arr-right.svg
dengi.ua/img/icons/ 		161 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/arr-right.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
56c24961aedbef6e5c5a17d918a7cf838d75ed2cadb67493d4aaaeaca9c18f78

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-a1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
161
expires
Thu, 31 Dec 2037 23:55:55 GMT
f5a37a8ab5ad7581e768a804b8113ed0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_567Xh_378.jpg
dengi.ua/i/63/21/36/4/6321364/image_main/ 		67 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/i/63/21/36/4/6321364/image_main/f5a37a8ab5ad7581e768a804b8113ed0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_567Xh_378.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
ca05a5113a7ec2a54dcb1a96c42e0e3dd5c46a8e513027cfe45a20385d2679d9

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Fri, 10 Jun 2022 16:00:46 GMT
server
nginx
etag
"62a36aae-10baa"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
68522
expires
Thu, 31 Dec 2037 23:55:55 GMT
aae47467012d5292700f7f262ebc800d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/21/42/7/6321427/image_main/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/i/63/21/42/7/6321427/image_main/aae47467012d5292700f7f262ebc800d-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
284fca6023cb68ce085674ec5a7d8d14788f52e042000ab78bcbfa574e74b6c7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Fri, 10 Jun 2022 16:27:58 GMT
server
nginx
etag
"62a3710e-9875"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
39029
expires
Thu, 31 Dec 2037 23:55:55 GMT
7a289853c9f32701362e486114b3ba64-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/21/40/6/6321406/image_main/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/i/63/21/40/6/6321406/image_main/7a289853c9f32701362e486114b3ba64-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0d5e52464ee54b8a22b01c2a1ccb8478b84a43b1c4011c54ae4e658ec2078534

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Fri, 10 Jun 2022 15:39:26 GMT
server
nginx
etag
"62a365ae-517e"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
20862
expires
Thu, 31 Dec 2037 23:55:55 GMT
f5a37a8ab5ad7581e768a804b8113ed0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
dengi.ua/i/63/21/36/4/6321364/image_main/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/i/63/21/36/4/6321364/image_main/f5a37a8ab5ad7581e768a804b8113ed0-quality_70Xresize_crop_1Xallow_enlarge_0Xw_273Xh_182.jpg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
e15c28e87c2788be5a6558d64cd0d6c577aab0e2cf60ee3411a42c03d649b980

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
last-modified
Fri, 10 Jun 2022 15:08:51 GMT
server
nginx
etag
"62a35e83-a7b1"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
42929
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
c.bigmir.net/ 		131 B
422 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n948208&w0&y0&d24&r1600
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
e26a7168ec7721ec10f77c7a20c48a23d9d403cab828bdb91e1405728e8a81af

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:26 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
load
z.cdn.umh.ua/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1380857846&div=zone_1380857846&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
cc9eafa7791d211884b9a4704ca63f14483a0b822e9fde213fde06c97de7fc8b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
1243
expires
-1
load
z.cdn.umh.ua/ 		42 B
367 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1294580464&div=zone_1294580464&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
bd6189087cad9d19fb214c8200364606a5dd73a4f8dc8690726ff774473b9cd4

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
42
expires
-1
load
z.cdn.umh.ua/ 		923 B
974 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1159995315&div=zone_1159995315&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
4a5b48ed7b8daaad88b07cb7438c3a080025b5ccb98b3e08df5b094efeeede0f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
623
expires
-1
load
z.cdn.umh.ua/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2056070941&div=zone_2056070941&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
74fbf16c0b988914f7ea8895c1b76dda91354c0ed469fa3a82555307d3b98500

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
745
expires
-1
load
z.cdn.umh.ua/ 		57 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1390205423&div=zone_1390205423&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
5b79c21d8f1c4efd78aa32cbcbc42fa0709305b7a75637af7f3cafa03dbfc174

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
text/plain; charset=utf-8
content-length
57
expires
-1
load
z.cdn.umh.ua/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1542284465&div=zone_1542284465&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
967ec01b5256007b0fb5264c11b70511d047e8302d4dcc03122de7ec07ffde8c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
p3p
policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
content-type
application/javascript; charset=utf-8
content-length
1338
expires
-1
load
z.cdn.umh.ua/ 		75 B
202 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=2046209506&div=zone_2046209506&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
0bdd41f689eb4e425bf3eff8db44c60932c88999e4f00a9b05309e5ae68adb10

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
cache-control
no-cache, must-revalidate
server
nginx
content-type
text/plain; charset=utf-8
content-length
75
expires
-1
load
z.cdn.umh.ua/ 		1 KB
941 B 		Script
General
Check archive.org
Download Go to
Full URL
https://z.cdn.umh.ua/load?z=1198542071&div=zone_1198542071&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Requested by
Host: cdn.umh.ua
URL: https://cdn.umh.ua/libs/e.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
78.159.118.240 Munich, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS
hosted-by.leaseweb.com
Software
nginx /
Resource Hash
b4a3c394a66ae400250772cb60ad2794de6dc3245464cf3d4a62e952c14ed13f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
content-type
application/javascript; charset=utf-8
cache-control
no-cache, must-revalidate
content-length
788
expires
-1
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1520728734&t=pageview&_s=1&dl=https%3A%2F%2Fdengi.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=482575332&gjid=217418645&cid=799306086.1655008346&tid=UA-11903997-1&_gid=982554339.1655008346&_r=1&gtm=2ou680&z=1334743693
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.js
go.rcvlink.com/static/ Frame 7947 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/main.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1380857846&div=zone_1380857846&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e8dcdf5dff373850306ae1bb9c886dbeb76540e57163f2124a52408fad73ec2f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 21:45:12 GMT
server
nginx
etag
W/"622bc2e8-18d0"
content-type
application/javascript
cache-control
max-age=86400
expires
Mon, 13 Jun 2022 04:32:26 GMT
dengi.ua.1296110.js
jsc.idealmedia.io/d/e/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/d/e/dengi.ua.1296110.js
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1159995315&div=zone_1159995315&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
472da821a9382665bbc3e14b8b15326045957bb473ee08cb2f89eeecb2ad70e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
3VP0Q8YNCDN7PE7C
cf-ray
719fdcd65a4675bf-LHR
content-length
903
x-amz-id-2
FLneqQJWqb9u9AJZ2IPuoKXcbruZGSBZVOrLpI4AAC4AMdVPEocFDGGeKn6qyaBX/YxL7jFsZAM=
last-modified
Wed, 08 Jun 2022 10:40:55 GMT
server
cloudflare
etag
"8cea713b7c1acb170d83a779849f70bd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
UDTrKTJGGqDb9tZbI6DfPriROri1Hj8c
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 07:32:26 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/ 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ae09df7643bb2e32c88e43fe55ea0da47ecec7e54e6fb7625f6ef9637a310e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
123039
x-xss-protection
0
server
cafe
etag
7213960039140277123
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:32:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/ Frame BAC7 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220608/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
44751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 16:06:35 GMT
etag
14734731752043123527
expires
Sat, 25 Jun 2022 16:06:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
c.html
cdn.admixer.net/scripts3/46506/ Frame E463 		738 B
441 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 12 Jun 2022 04:32:26 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc34
a21031c0f6a0994b3314.b.js
cdn.admixer.net/scripts3/46506/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/a21031c0f6a0994b3314.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:15 GMT
server
nginx
etag
W/"6282426f-5d41"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
0a75d04ce9f53a1a35b6.b.js
cdn.admixer.net/scripts3/46506/ 		75 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/0a75d04ce9f53a1a35b6.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:04 GMT
server
nginx
etag
W/"62824264-12c39"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:26 GMT
fpdata.js
gaua.hit.gemius.pl/ 		277 B
391 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/fpdata.js?href=dengi.ua
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
cd2f1ba0d7f8a1b8578ff48ba73a2fedcf70b35a299c0dbec436f13e05801479

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
server
GHC
etag
PRIVATE7520710249
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
private, max-age=2592000
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
277
expires
Tue, 12 Jul 2022 04:32:26 GMT
lsget.html
ls.hit.gemius.pl/ Frame 8B0A 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ls.hit.gemius.pl/lsget.html
Requested by
Host: gaua.hit.gemius.pl
URL: https://gaua.hit.gemius.pl/xgemius.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
146.59.30.104 , France, ASN16276 (OVH, FR),
Reverse DNS
ip104.ip-146-59-30.eu
Software
GHC /
Resource Hash
13d656898e959646a49bbfaf5cd6215e9f0ab394977529da6776010220d9b2eb

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
none
cache-control
private, max-age=2592000
content-encoding
gzip
content-length
2722
content-type
text/html;charset=utf-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:26 GMT
etag
PRIVATE7520710249
expires
Tue, 12 Jul 2022 04:32:26 GMT
last-modified
Mon, 16 Jul 2012 10:03:40 GMT
p3p
CP="NOI DSP COR NID PSAo OUR IND"
server
GHC
vary
Accept-Encoding,Origin,User-Agent
collect
stats.g.doubleclick.net/j/ 		7 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-11903997-1&cid=799306086.1655008346&jid=482575332&gjid=217418645&_gid=982554339.1655008346&_u=YEBAAUAAAAAAAC~&z=970915667
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 12 Jun 2022 04:32:26 GMT
content-type
text/plain
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7
expires
Fri, 01 Jan 1990 00:00:00 GMT
mwayss_invocation.min.js
ad.mox.tv/mox/ 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1198542071&div=zone_1198542071&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Tue, 07 Dec 2021 16:48:38 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"61af9066-72a8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 12 Jun 2022 05:32:26 GMT
RwXN2PoG7Ii.css
static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/ Frame DEF7 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/RwXN2PoG7Ii.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd12dd695fefd532396b9788fc6caf3ba4230accd5d0a25db9593b6043c533f6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
8e+BTTQgtCy9qJnFLOwDQg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4681
x-fb-rlafr
0
x-fb-debug
QjFi6IHxxSabPydB1xqPUD97PEd9TFvgWZFNiJ+PcdAVGDFvsQmjEX9zLzNSXdAzquvz7peQXU3uLP4qkDVo4Q==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 11 Jun 2023 17:08:37 GMT
FPdNN1TK3wJ.css
static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/ Frame DEF7 		2 KB
1022 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yF/l/0,cross/FPdNN1TK3wJ.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XpWPuiqLnlvq4xkatdITVw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
831
x-fb-rlafr
0
x-fb-debug
NZg/AtyagRQTH1pwNeH1d622WudhqTly2Z1mYNfJweDLBxaJ42W1O0TLz42zkHRTxQOeJw1Qx10c3AQVvRutgA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Jun 2023 23:32:43 GMT
2Wrb3kFIcuy.css
static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/ Frame DEF7 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
LmKg6bAj5CVq6/oKWEfMNQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6321
x-fb-rlafr
0
x-fb-debug
1797gpusBGlaZG/1rtre7zq7mhUqfDdqZEcoV0znewLRyjwVTYVRFHNu1muKdn3twY5giFLzFVAjNqkEKFaFYw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Jun 2023 07:08:33 GMT
QUsNACrsLCM.css
static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/ Frame DEF7 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y4/l/0,cross/QUsNACrsLCM.css?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2f171236738e4cdf2a1a5eb473b4994a6ed7bb9adf443112319c9210cb818380
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
stjhCIvTr8/vFM9MFaMhhA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3793
x-fb-rlafr
0
x-fb-debug
1yXel0tmJtVLsF4ol/hHqYf+JzYecKm+xUtpP5z6l0cON7B6YAi1U0gMm5qHTTVjwywRNjAZjD+U2jsa1GtLTQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
text/css; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 11 Jun 2023 17:08:37 GMT
C0teK_h3UC4.js
static.xx.fbcdn.net/rsrc.php/v3/yM/r/ Frame DEF7 		309 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
edb5379e249cf88c2f9d413d197e87ea8b220aabf07a88807eba32512d235bcc
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
pAd6Rw0MQ73slI5vHxoumw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85030
x-fb-rlafr
0
x-fb-debug
6muMW73a+ww7gxWsswpR49lTs43QoxbM184vX3tl9bUn/oF3huLe++w92D8/3S6s66FQSzV9olhET+Zn09WD4A==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 08 Jun 2023 02:52:01 GMT
sH2WlcFqYqu.js
static.xx.fbcdn.net/rsrc.php/v3/y6/r/ Frame DEF7 		43 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y6/r/sH2WlcFqYqu.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c044db77dade79fbe5542f231444b3988107e8378a2f0f3396bf821b87ea3d19
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
vOo0EdtA1qhHSuo6ZMNxTg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
13941
x-fb-rlafr
0
x-fb-debug
1wiaNTcCk5eSqAHqWsmcpGKGml3lB7bxcylR3wgAkmjtCR0yowvnxLb5OQ8TSE4C9lweJuUQSGvSoGYiK2yScQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 08 Jun 2023 05:26:32 GMT
d2fLL8mULMc.js
static.xx.fbcdn.net/rsrc.php/v3/ye/r/ Frame DEF7 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ye/r/d2fLL8mULMc.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8eb7856729dbbbdd64360d7ce70d675003da8851aab963941e4efeab976d49b7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
zbl3u6AjAOx96qUR2vNePg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
15598
x-fb-rlafr
0
x-fb-debug
d/ILyu1ykdWMyggwM2Fgi+aQBJwoH4amNfwIZilaCjEEQ3cZ2XgyrPVUTL+PuO8YmO5pTONHQqZedvdkFfwLLQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 09 Jun 2023 19:15:35 GMT
YsM41I_0SE-.js
static.xx.fbcdn.net/rsrc.php/v3/yj/r/ Frame DEF7 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yj/r/YsM41I_0SE-.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b52949cdd5d89e9e1c83151516f7a8f896d82c36c5596a95cffa34ccde699c1c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
86YP8VL6NkX3saGAigh+rA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6777
x-fb-rlafr
0
x-fb-debug
DN8BVWJDDZz2sIdTFaGvr+ijyV7zWGjMKFckxywcsO5+Q0lyHmptbQGe2KQ0/qjfoWAAJVi1PzXNYjDIsVZimQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 11 Jun 2023 17:08:37 GMT
LnUGDljECJa.js
static.xx.fbcdn.net/rsrc.php/v3/ys/r/ Frame DEF7 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ys/r/LnUGDljECJa.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c9c12bf825586b20d8d3a094904f30c21576cdb8f48f23b36da75a55f45efb90
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Tjtt8oo2k0RJHlUWz2KE2w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5432
x-fb-rlafr
0
x-fb-debug
pumCDJsg4E50Op7QQJDh0EOROHxaZFv5jXcl//rhUfdki8y9JcfXqrfuagzMPrAxVKaCAkhkdRtV1Fl3JMO0HQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Fri, 09 Jun 2023 17:10:48 GMT
g5AQd5Iz5os.js
static.xx.fbcdn.net/rsrc.php/v3/y9/r/ Frame DEF7 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y9/r/g5AQd5Iz5os.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
23e739a09c5e219f456d566f49e7ac215b36ae369ddc5a2dcfcb12dd817b91da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
XZPoCeog4o9vI/KMj/Vp1w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
6286
x-fb-rlafr
0
x-fb-debug
1lNOIwDlvS71TGc5XGGl/Ig58BHM8hfe4w7yKg+gdHERP85pg8AOaGeMRrm4dapqueHfXzCk7PD3n0MEQ6b/uA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 10 Jun 2023 00:49:03 GMT
QZoWFXZ-Qq_.js
static.xx.fbcdn.net/rsrc.php/v3iLl54/yi/l/en_GB/ Frame DEF7 		179 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iLl54/yi/l/en_GB/QZoWFXZ-Qq_.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
cd7bc24a08b2361d483dcfbc5a43bdc996854768269f9ff0396ca3f846eb719a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hCiFDCwlUxOisto4XxTlkQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
53239
x-fb-rlafr
0
x-fb-debug
DgTu2F4QGP3uxoHG1yA3U7cq9w4UM0h5oBnYqeTXvTfX97OyL++2J6Xd90vT3ngar93N4jF9PPQcDFB/x34tUw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 09 Jun 2023 17:22:31 GMT
GG1Y0sYc7My.js
static.xx.fbcdn.net/rsrc.php/v3/yv/r/ Frame DEF7 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yv/r/GG1Y0sYc7My.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
FvCDsjtWXbnS8g0a11kzwQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1657
x-fb-rlafr
0
x-fb-debug
lms1FZVhojKVM+xoLmY5h0uHM3JoKBP3CwIZP98Q7uM+5imIm3kaHDeQoNIvFA0PxV2aGa78d0oGEIJLQ9Gi5w==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 08 Jun 2023 02:02:43 GMT
3ay7UdnwSLD.js
static.xx.fbcdn.net/rsrc.php/v3i7244/yG/l/en_GB/ Frame DEF7 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i7244/yG/l/en_GB/3ay7UdnwSLD.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
941f1ecf42c551dd763d5ef5659b0d909b847027177639855bc27dbe4d065662
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
JIAM7MqGfksJHmP+eNtqcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
22858
x-fb-rlafr
0
x-fb-debug
uQfiaioBBnGTdlzy2PQzKiDIcUpPSvFjww7JPfwUWk4V8DD39lKOOlO5bSTQXdxwROtjqVk7JQmSD1RI0tNQag==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Sat, 10 Jun 2023 21:44:16 GMT
XSIH0SWqDEY.js
static.xx.fbcdn.net/rsrc.php/v3/yo/r/ Frame DEF7 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yo/r/XSIH0SWqDEY.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
AwtG79Bq83OcuHbXxj5SPA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
7058
x-fb-rlafr
0
x-fb-debug
670BnF2kpLlsGWVWiT4afSpIpF10LnFNGM0C6v9e7Nk2bNuQRtuSC6pu2hfL/0Iwl9kCPyvqYVW1yn2vnyrZzA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Fri, 09 Jun 2023 18:45:29 GMT
pEAACN7-k7Y.js
static.xx.fbcdn.net/rsrc.php/v3ilrZ4/yK/l/en_GB/ Frame DEF7 		245 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3ilrZ4/yK/l/en_GB/pEAACN7-k7Y.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
368a2461c53469cd62503b1d18328789dcacc73c91cf66c4b591ac9fe3b3bd03
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
E+JohUGd36Upz9KTDAnLhg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
58004
x-fb-rlafr
0
x-fb-debug
BgIyH7y+vtrM7yencBBTdltCpRghZQBhGEloNdKvw2AVOgwHQM/d9a67rzu+TG7iFqYi33OCSHg425UWnog+Qw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jun 2023 05:29:36 GMT
RojAvN2Poq8.js
static.xx.fbcdn.net/rsrc.php/v3/yL/r/ Frame DEF7 		70 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yL/r/RojAvN2Poq8.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7d880e63c31985db774019cf0f0673c7b0d6dda6ec7a20d2f8c8f33bf5227850
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
q3+dnSvqDfgXFGFxyxtB+g==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
19149
x-fb-rlafr
0
x-fb-debug
n665ZwJuZjsK12Mv4GWgT703/qAq/NYL4Ww+I7X2dsQNONAbzIoxGVzWPhCahcNcXSXEIbllqE15o8upnzJHLw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 08 Jun 2023 02:55:03 GMT
EuXn_73_8HS.js
static.xx.fbcdn.net/rsrc.php/v3iWdt4/yJ/l/en_GB/ Frame DEF7 		203 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iWdt4/yJ/l/en_GB/EuXn_73_8HS.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
bd6a24b5328c614c56e68f1b24651d1b6d2c42bec0631fca940dac479bbfa4c3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
hDHkUq/TU1aZ3tNVuuc6Jg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
54214
x-fb-rlafr
0
x-fb-debug
ZpNOCW0O+zuR4WsE3tokCq1BIifv51m2auRTd/l1nseTJcEMZYd00C66lzln5oSVc57cgqeXK/nSHy47La/xPw==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Jun 2023 05:40:22 GMT
jF8emf1aqCz.js
static.xx.fbcdn.net/rsrc.php/v3iCwx4/y8/l/en_GB/ Frame DEF7 		110 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3iCwx4/y8/l/en_GB/jF8emf1aqCz.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b09f1ccac5b541c51d8d3cfaf003baba9bd0ecb1ede1444057dd41d0d43ad58a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
6iXARY8C44f76AzN3N7Hiw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
29126
x-fb-rlafr
0
x-fb-debug
FDJBVu0bZRS8RLDIsQEyMpXjWYO09rX4BmmFa1XcFoIpCGF+gYqVpS+iq4hOA9O/8MY+RZj5ag0UB8YlYve4AA==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Wed, 07 Jun 2023 21:02:13 GMT
5z65Jxz-xow.js
static.xx.fbcdn.net/rsrc.php/v3/yg/r/ Frame DEF7 		208 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yg/r/5z65Jxz-xow.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
fc78b4c3d938e87a4619af8a647e9fde47fca3f9dcc4afb8935cb0725401f639
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
s28YqSzsTo1+PUCVnLIZHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
47785
x-fb-rlafr
0
x-fb-debug
5nL86sjdZzaNuD+7Upngt5Zdt/cBK+Sqwt1RVw8MFlkSfD/CTr5qTUbNqtJZ9uqpJ1+O8io4UDzdp3mciJDwIQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
expires
Thu, 08 Jun 2023 02:07:01 GMT
XYLSCBSUyrm.js
static.xx.fbcdn.net/rsrc.php/v3/yC/r/ Frame DEF7 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yC/r/XYLSCBSUyrm.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83799217ef99e7dd2a260797d72bc087bedbd70db679ec2982f8bb33709e706f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
Z0pcrlBdmGqAtJBa8KWOuw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
5028
x-fb-rlafr
0
x-fb-debug
iHt8zMf6vdlU9hIUBVTfSHMtlRtV36k3vvNy3TsRDbubXmdbfWoKo900Q4GOCLH3nn06/nVQZY3LCrcaz2KucQ==
x-fb-trip-id
2050670934
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jun 2023 02:53:32 GMT
36570909_2091094660924577_4297442846429937664_n.png
scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/ Frame DEF7 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lhr8-1.xx.fbcdn.net/v/t1.6435-9/36570909_2091094660924577_4297442846429937664_n.png?stp=dst-png_p130x130&_nc_cat=108&ccb=1-7&_nc_sid=dd9801&_nc_ohc=PykWcZ4sxV8AX_zJxWl&_nc_ht=scontent-lhr8-1.xx&edm=ADwHzz8EAAAA&oh=00_AT_S3DTOKb3Rfdaf5iM0QVzol8dG_C-7W8Q-xy2tWiGtyg&oe=62CB5555
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:f:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ed2079967b7d579afa74ee197566a111c379b79d90f73a5292e0284b1bfa8110

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
2012793179
date
Sun, 12 Jun 2022 04:32:27 GMT
x-fb-trip-id
1679558926
last-modified
Tue, 03 Jul 2018 15:59:11 GMT
content-type
image/png
access-control-allow-origin
*
content-digest
adler32=674954386
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
2257624970
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
45322
13567319_1300059163361468_6878139397555449693_n.jpg
scontent-lhr8-2.xx.fbcdn.net/v/t1.18169-1/ Frame DEF7 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://scontent-lhr8-2.xx.fbcdn.net/v/t1.18169-1/13567319_1300059163361468_6878139397555449693_n.jpg?stp=cp0_dst-jpg_p50x50&_nc_cat=104&ccb=1-7&_nc_sid=dbb9e7&_nc_ohc=o_Ip1f67aWIAX-Ytre_&_nc_ht=scontent-lhr8-2.xx&edm=ADwHzz8EAAAA&oh=00_AT-oL71bfSdsYBSv7uOd8PYIMdoKkGkMxzeZrUif5h0cGw&oe=62CB9FB7
Requested by
Host: www.facebook.com
URL: https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f058:10c:face:b00c:0:3 London, United Kingdom, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
35f0efc96c93811d2a7d7371c836715904b78b865494fab6bd7d892eb1b0de56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://www.facebook.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-haystack-needlechecksum
2714344121
date
Sun, 12 Jun 2022 04:32:27 GMT
x-fb-trip-id
1679558926
last-modified
Wed, 06 Jul 2016 10:27:13 GMT
content-type
image/jpeg
access-control-allow-origin
*
content-digest
adler32=1658080517
cache-control
max-age=1209600, no-transform
cross-origin-resource-policy
cross-origin
x-needle-checksum
3245884124
timing-allow-origin
*
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1224
c.html
cdn.admixer.net/scripts3/46506/ Frame 6A64 		738 B
396 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/c.html?b=46506
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache
HIT
cache-control
max-age=31622400
content-encoding
gzip
content-type
text/html
date
Sun, 12 Jun 2022 04:32:26 GMT
etag
W/"62824272-2e2"
expires
Wed, 17 May 2023 12:25:26 GMT
last-modified
Mon, 16 May 2022 12:24:18 GMT
server
nginx
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:26+00:00
x-id
fr5-up-gc34
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		163 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3755662197386269
Requested by
Host: z.cdn.umh.ua
URL: https://z.cdn.umh.ua/load?z=1542284465&div=zone_1542284465&cw=1600&ch=1200&sr=1600x1200&df=1&bh=2&tl=860&pl=3&mi=4&me=8&hc=4&n=1655008346459&url=dengi.ua%2F&vc=Intel%20Iris%20OpenGL%20Engine&ti=%D0%94%D0%B5%D0%BD%D1%8C%D0%B3%D0%B8%3A%20%D0%9A%D1%83%D1%80%D1%81%D1%8B%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD%D0%B0%20%D0%BD%D0%B0%D0%BB%D0%B8%D1%87%D0%BD%D1%8B%D1%85%20%D0%B2%D0%B0%D0%BB%D1%8E%D1%82%2C%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82%2C%20%D0%B2%D0%BA%D0%BB%D0%B0%D0%B4%2C%20%D0%BA%D1%80%D0%B5%D0%B4%D0%B8%D1%82%20%7C%20dengi.ua&zyx=5057390
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e44326c286ef32df56cea8c85a13af6188c7412a5df61e3362e5d13879af45f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56301
x-xss-protection
0
server
cafe
etag
12457124589334289998
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 12 Jun 2022 04:32:26 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11903997-1&cid=799306086.1655008346&jid=482575332&_u=YEBAAUAAAAAAAC~&z=943532058
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.co.uk/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-11903997-1&cid=799306086.1655008346&jid=482575332&_u=YEBAAUAAAAAAAC~&z=943532058
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
c.bigmir.net/ 		124 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bigmir.net/?o1&v1630&s23&t6&c1&n490990&w0&y0&d24&r1600
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.239.68.97 , Ukraine, ASN39468 (BIGMIR-INTERNET-AS, UA),
Reverse DNS
c.bigmir.net
Software
nginx /
Resource Hash
b73900ea2fb9b750544387e38add0288419f409b72b13493a4f0b1f8023838fc

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:26 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/x-javascript; charset=windows-1251
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Keep-Alive
timeout=5
Expires
0
1
go.rcvlink.com/cs/1/ Frame 7947 		34 B
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/cs/1/1
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
fdc446c15558e671571a26396c92f03bac7a21e8d49b0f37beafa52d9d3a6767

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
hn
b24
cache-control
private, max-age=315360000
expires
Wed, 09 Jun 2032 07:32:26 +0300
cookie.js
partner.googleadservices.com/gampad/ 		212 B
638 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=dengi.ua&callback=_gfp_s_&client=ca-pub-3755662197386269
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
e57b9f97ceb4368f7b2a4193e239d87984fa99da9d6cee4eabe2259091b2bfb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
193
x-xss-protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dengi.ua
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7894 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&adk=1812271804&adf=3025194257&lmt=1655008346&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fdengi.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346555&bpp=3&bdt=484&idt=264&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=828244554574&frm=20&pv=2&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=280
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:26 GMT
expires
Sun, 12 Jun 2022 04:32:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD05 		75 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03ffc29a68e1c4207ab272ec060bad389531d61570b818225b5d3b3c11eb93eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
29952
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Sun, 12 Jun 2022 04:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dengi.ua.1296110.es6.js
jsc.idealmedia.io/d/e/ 		249 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3a7a12965f8992407c9c9062d75f838e53ab899f3948dc3bbbf04d0688d4996

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
x-amz-request-id
Q9TSVH2TVB6PKQY4
cf-ray
719fdcd7eb5175bf-LHR
content-length
77295
x-amz-id-2
pbvsaPqMseQ8wTTuauDmj9NrEJ1jnxMDZNHweLwGmy8aNMfdWSNcYZd8mk/Z1n0S8dklVq6IMbA=
last-modified
Wed, 08 Jun 2022 10:40:54 GMT
server
cloudflare
etag
"8da4d6c22d0b3e6f37b006db7d4fd91e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-version-id
cgPHDopeVOGX7TBKkvaDhkYuZTH1uevK
cache-control
public, max-age=10800
accept-ranges
bytes
content-type
text/javascript
expires
Sun, 12 Jun 2022 07:32:26 GMT
impress
ad.mox.tv/delivery/ 		18 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/delivery/impress?ctype=div&pzoneid=1557&height=300&width=400&tld=dengi.ua&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=dengi.ua&top_url=https%3A%2F%2Fdengi.ua%2F&domain=dengi.ua&url=https%3A%2F%2Fdengi.ua%2F&referrer=&async=1&uid=1782095045
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
dec8ea19893b373b23080fa544d141695707332cffa296f85ea827435bbeaeed

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
https://dengi.ua
date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
ads
googleads.g.doubleclick.net/pagead/ Frame 169B 		108 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202206070101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3755662197386269&plah=dengi.ua
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2e3ea9e61dec4d6189aa75f3573d460bd3f21678d0aa7f0fdfce1f480b2a9af7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
35269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Sun, 12 Jun 2022 04:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
iframe.htm
go.rcvlink.com/static/ Frame 6C1D 		17 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/static/iframe.htm
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/main.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 12 Jun 2022 04:32:26 GMT
etag
W/"623db510-4430"
expires
Mon, 13 Jun 2022 04:32:26 GMT
last-modified
Fri, 25 Mar 2022 12:26:56 GMT
server
nginx
rexdot.js
gaua.hit.gemius.pl/__/_1655008346881/
Redirect Chain
  • https://gaua.hit.gemius.pl/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F...
  • https://gaua.hit.gemius.pl/__/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua...
169 B
426 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gaua.hit.gemius.pl/__/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8Fnbr0UUvtEKI1Hurj9qHjMs4xwWNiKH6I6JjTIo32b.L75v0jqnPEftU8YoztSBtahvIZ.9b.ZtiIIxolzTWx5SlhKC/lFP7W_A5KPaUJ/&ltime=241&fpdata=fl4l_XPAYNuNu9sqQvCG8YipSYWjAV2i08AR4aJf5mb.t7&fpcap=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Server
54.37.238.28 , France, ASN16276 (OVH, FR),
Reverse DNS
ip28.ip-54-37-238.eu
Software
GHC /
Resource Hash
37482bf53f20a4a3b4a0205db37705d268a94e442e5ea79429c4f5f8fa2a608a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-type
application/x-javascript
content-length
169
expires
Sat, 11 Jun 2022 04:32:26 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:26 GMT
server
GHC
p3p
CP="NOI DSP COR NID PSAo OUR IND"
location
/__/_1655008346881/rexdot.js?l=100&id=ogU1Lv_Zub5CzFop9RZL9rQXPw1WvC82bOz8HMp4PLD.E7&et=view&hsrc=1&initsonar=1&extra=&eventid=0&fr=1&tz=0&fv=-&href=https%3A%2F%2Fdengi.ua%2F&ref=&screen=1600x1200r1000&col=24&window=1600x1200&vis=1&lsdata=8Fnbr0UUvtEKI1Hurj9qHjMs4xwWNiKH6I6JjTIo32b.L75v0jqnPEftU8YoztSBtahvIZ.9b.ZtiIIxolzTWx5SlhKC/lFP7W_A5KPaUJ/&ltime=241&fpdata=fl4l_XPAYNuNu9sqQvCG8YipSYWjAV2i08AR4aJf5mb.t7&fpcap=
cache-control
no-store, no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
accept-ranges
none
content-length
0
expires
Sat, 11 Jun 2022 04:32:26 GMT
s
r.i.ua/ 		43 B
506 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.i.ua/s?u11&p0&n0.5852690571045625&c1&d24&w1600&h1200&rdengi.ua/
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.2.81 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cache-control
no-cache, must-revalidate
cf-ray
719fdcd878bd889d-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
0
z
s.zmctrack.net/ Frame 41A5 		50 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
5bfa84358f99c44e11d55d795bf0556e94b380d92e23f5a437629803905060da

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
X-Location, X-Meta-Status, X-Set-Cookie, X-Cookie, X-Check
cache-control
no-cache, no-store
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
23334
expires
Thu, 01 Jan 1970 00:00:01 GMT
s
h.holder.com.ua/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&bholder_300x100_4379&c1&r99046556&dholder1390205423&hhttps%3A//dengi.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:27 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
0
s
h.holder.com.ua/ 		0
126 B 		Script
General
Check archive.org
Download Go to
Full URL
https://h.holder.com.ua/s?ta&b7275&c1&r99046556&dholder1294580464&hhttps%3A//dengi.ua/
Requested by
Host: i.holder.com.ua
URL: https://i.holder.com.ua/t/holder.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
91.198.36.35 , Ukraine, ASN43405 (DIGITAL-VENTURES, UA),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:27 GMT
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=5
index
dengi.ua/click/content/show/ 		364 B
497 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/content/show/index?content_alias=currency_calc_data&cid=15&site=dengi&aid=1691282&template=right-currency&produced_url=%2F&send_options=&0.15035332072878993&_=1655008346357
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
333995b70417ec38d16685c96ec46940268e94bb541e8db03df756472c4e800c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
add-view
dengi.ua/click/articles/stat/ 		39 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/articles/stat/add-view?cid=15&site=dengi&aid=1691282&0.6475984516121778
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
09f5778d15738612633f19a1adc6170deecbee0888bc00d0983d9dbf015a6f20

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://dengi.ua
access-control-allow-credentials
true
access-control-allow-headers
*
index
dengi.ua/click/content/show/ 		130 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/content/show/index?content_alias=onready_user_auth_templates&cid=15&site=dengi&aid=1691282&template=header-login-button&produced_url=%2F&send_options=&0.36446689021522216&_=1655008346358
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
dc7af645ced73024fc89f84cbb8c72a3eacd05a5daaa50c2b64f9091d5cdf18b

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
index
dengi.ua/click/content/show/ 		1 KB
766 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dengi.ua/click/content/show/index?content_alias=onready_user_auth_templates&cid=15&site=dengi&aid=1691282&template=modal-login&produced_url=%2F&send_options=&0.8823976634887227&_=1655008346359
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
53f04d9ce71520a466e682e4331b8e3f0e35fcb4e545d8c3c2d6c271515d4fd2

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://dengi.ua/
X-Requested-With
XMLHttpRequest
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:54 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx
access-control-allow-headers
*
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json; charset=UTF-8
dsp.aspx
inv-nets.admixer.net/ 		222 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/dsp.aspx?sender=admixer&rct=4&v=2.0&rnd=5096794954906219&cpv=91b4d066-255e-906d-3937-a11b0efa3025&responseType=default&uids=%7B%7D&fpd=%7B%7D&kvTargeting=%7B%7D&data=%7B%22id%22%3A%22098eaa4f-a208-be7c-e06d-8e977f82bc7b%22%2C%22site%22%3A%7B%22page%22%3A%22https%253A%252F%252Fdengi.ua%252F%22%2C%22ref%22%3A%22%22%2C%22sf%22%3A0%7D%2C%22device%22%3A%7B%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36%22%2C%22sr%22%3A%221600x1200%22%7D%2C%22labels%22%3A%7B%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22381e494f-c9bc-fb1c-dcea-e05a20d9bc6b%22%2C%22tagid%22%3A%22b1a45f41-c850-4c1a-99ab-f9f20ac940a8%22%2C%22ext%22%3A%7B%22ph%22%3A%22admixer2046209506%22%2C%22pos%22%3A1%2C%22inView%22%3A1%7D%2C%22sender%22%3A%22admixer%22%2C%22responseType%22%3Anull%7D%5D%2C%22allimps%22%3A1%7D&am-uid=null&3rdEnabled=true&3rd=true
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
856795643b973b1d7e95c37aed1ade368b7460d01ec634cb5b0822949df8b01e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:27 GMT
Content-Encoding
gzip
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
202
X-Xss-Protection
0
swiper-bundle.min.css
unpkg.com/swiper@7.3.0/ 		15 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
17779665
fly-request-id
01FMS6Y6SGEK1GR9A28ED5H9NJ
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"3ccb-bbg35pXUy1EXOpXHxlwOip0M+cE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
719fdcd8fbc97413-LHR
achernar.min.js
ad.mox.tv/js/achernar/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/achernar.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Mon, 21 Feb 2022 14:47:09 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6213a5ed-2b1e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 12 Jun 2022 05:32:26 GMT
prebid.js
ad.mox.tv/js/achernar/ 		237 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/js/achernar/prebid.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Fri, 22 Apr 2022 10:13:13 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"62627fb9-3b3ea"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Sun, 12 Jun 2022 05:32:26 GMT
gpt.js
www.googletagservices.com/tag/js/ 		81 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5edbb8dcaa1f00e81f3bf02059f7156d1c670a8d488e119c2a4842f4734b1734
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28074
x-xss-protection
0
server
sffe
etag
"1242 / 446 of 1000 / last-modified: 1654898807"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 12 Jun 2022 04:32:27 GMT
swiper-bundle.min.js
unpkg.com/swiper@7.3.0/ 		132 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/swiper@7.3.0/swiper-bundle.min.js
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
age
17779806
fly-request-id
01FMS6SWHNFZK5N5XF14ZSEYYP
content-encoding
br
vary
Accept-Encoding
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
server
cloudflare
etag
W/"211c1-rxAEOIj0DtL1iihSDpsruCFXSHs"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
719fdcd8fbca7413-LHR
mwayss_invocation.min.css
ad.mox.tv/mox/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.mox.tv/mox/mwayss_invocation.min.css
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:26 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-a0a"
vary
Accept-Encoding
content-type
text/css
p-gsmZhdaUra0N6.gif
pixel.quantserve.com/pixel/ 		35 B
373 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-gsmZhdaUra0N6.gif
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
magic.png
bgstats.mox.tv/ 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bgstats.mox.tv/magic.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
167.71.9.19 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
0
content-type
image/png
sync
ad.outstream.today/delivery/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=f13a082a-a43e-43a5-98a6-55ed0aa2404e&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=f13a082a-a43e-43a5-98a6-55ed0aa2404e&gdpr=0&gdpr_consent=
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
  • https://x.bidswitch.net/sync?dsp_id=429&user_id=dafbd3a2-4f3b-52a3-99ba-b5f4fb1fd9af&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
  • https://ad.mox.tv/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04
  • https://ad.mediawayss.com/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04&inner_redirect=1&inner_uuid=f13a082a-a43e-43a5-98a6-55ed0aa2404e&redirect_host_list=YWQub3V0c3RyZWFtLnRvZGF5LGFkL...
  • https://ad.outstream.today/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04&inner_redirect=1&inner_uuid=f13a082a-a43e-43a5-98a6-55ed0aa2404e&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFt...
0
0
/
go.rcvlink.com/bdto/9ASamGVc3b/ Frame 6C1D 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go.rcvlink.com/bdto/9ASamGVc3b/?cache=tp3b6dLavWv92Bo&ver=220325-1426&w=320&h=0&vw=1600&ms=439.0&ref=https%3A%2F%2Fdengi.ua%2F
Requested by
Host: go.rcvlink.com
URL: https://go.rcvlink.com/static/iframe.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
172f66a0708a6906c02fcd59a990a9643746a3fe2e73a9c57df89591a39bfa9c

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Sun, 12 Jun 2022 04:32:26 GMT
server
nginx
p3p
CP="CAO DSP COR LAW CURa ADMa DEVa PSAa PSDa OUR DELa BUS IND PHY ONL UNI PUR COM NAV INT STA",policyref="/w3c/p3p.xml"
access-control-allow-origin
*
hn
b18
cache-control
no-cache, no-store, no-transform, must-revalidate
content-type
application/json
expires
Sun, 12 Jun 2022 07:32:26 +0300
SQZZiMWhOLh.png
static.xx.fbcdn.net/rsrc.php/v3/yH/r/ Frame DEF7 		767 B
822 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yH/r/SQZZiMWhOLh.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/RwXN2PoG7Ii.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/RwXN2PoG7Ii.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
x-content-type-options
nosniff
content-md5
7Ob9foDk+QbAEt4lrnDs0w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
767
x-fb-rlafr
0
x-fb-debug
NQbJSvpE0V24yJMbiRUyTmzxLGv8Zyiv/PBV0L7/EJIxXc3XWuQ2OPA5JiI3jY8dLXZQobZ7GIH0YEjtMEQRDA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Wed, 07 Jun 2023 23:19:25 GMT
/
www.facebook.com/platform/plugin/tab/renderer/ Frame DEF7 		0
0
/
www.facebook.com/platform/plugin/page/logging/ Frame DEF7 		971 B
587 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/platform/plugin/page/logging/
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yG/l/en_GB/3ay7UdnwSLD.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ad7bd9459f51c23d6e7fcb980f8b5d858d7f8a9f806ff7d53e3004a33ae137fb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
440mf5YDpowq2bYcF3XZ8P
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
ulJ4FNxzIDuSkf/soAkyS8hJpiP6rIRCzO5FmKyGxqJ7jw8dDMpE9mpJvehMECEGmv2QVgKp0PK3g9htAEyOPw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 12 Jun 2022 04:32:27 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/pages/call_to_action/fetch_dialog_data/ Frame DEF7 		971 B
589 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/pages/call_to_action/fetch_dialog_data/?id=1221258677908184&surface=pagePlugin&unit_type=VIEWER
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3i7244/yG/l/en_GB/3ay7UdnwSLD.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
31f7622533f4575eccab5d8e11b6455a4e2382381569b46be4932a5b1a300356
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

X-FB-LSD
440mf5YDpowq2bYcF3XZ8P
Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

strict-transport-security
max-age=15552000; preload
content-encoding
br
x-content-type-options
nosniff
document-policy
force-load-at-top
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
cross-origin-resource-policy
same-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
oxuYqWZxLNTmK6nTJ43PiYcMJxUvLjB1R5FTkklZhEH8ez0YN76yzghr15GLYQtDFktgmEII0XTBD61CF8YM7w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 12 Jun 2022 04:32:27 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
LvxWU8GROx1.png
static.xx.fbcdn.net/rsrc.php/v3/yk/r/ Frame DEF7 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yk/r/LvxWU8GROx1.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y-/l/0,cross/2Wrb3kFIcuy.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
x-content-type-options
nosniff
content-md5
ZWDikb3Ir0bcCPo+/+lPHw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
29133
x-fb-rlafr
0
x-fb-debug
i/En0RrauTZ1pecG5spXp07M409sSJCjQuVsYddCYmENgzJqTqYWe3SpvqeWkzo0mIvaz/veeQJJQkN2458QWQ==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jun 2023 05:27:11 GMT
onuUJj0tCqE.png
static.xx.fbcdn.net/rsrc.php/v3/y2/r/ Frame DEF7 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y2/r/onuUJj0tCqE.png
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/RwXN2PoG7Ii.css?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://static.xx.fbcdn.net/rsrc.php/v3/y5/l/0,cross/RwXN2PoG7Ii.css?_nc_x=Ij3Wp8lg5Kz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
x-content-type-options
nosniff
content-md5
OK0dmVpVmdoMRpKMP9eDcg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
3944
x-fb-rlafr
0
x-fb-debug
8liApBLIv85Y7MTYDSWBD0AtzpXRjwSBEmFBwscUQhYDX+b+8Y/CaTVjBGSWbOU1GAayNybZQP0E6TY666Gf7Q==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jun 2023 02:39:30 GMT
4fa0a4b4b34a13abefc36d1dc8305ceb
st11.rcvlink.com/2/304/ Frame 6C1D 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://st11.rcvlink.com/2/304/4fa0a4b4b34a13abefc36d1dc8305ceb
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Fri, 03 Jun 2022 09:50:28 GMT
server
nginx
etag
"6299d964-1bf89"
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16508
expires
Sat, 10 Sep 2022 04:32:27 GMT
KwlODotAzX7.js
static.xx.fbcdn.net/rsrc.php/v3/y-/r/ Frame DEF7 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/y-/r/KwlODotAzX7.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dee9ee1e3fadddcff22c8ad6285cc143ec22265d77ddf21af873cfe2f0a8284
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
EVbi9Beq59LBSIWktHsS7Q==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
4768
x-fb-rlafr
0
x-fb-debug
fwXBUpioqQUOllpAryNh9y1ukT/gK4wbY/9OZ1OV+5g7bbd/VsL82r7trAWeLAuSdotlti6hqJ9gApwuXu4r9A==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sun, 11 Jun 2023 17:08:38 GMT
E_Q2o8Yrzmp.js
static.xx.fbcdn.net/rsrc.php/v3/yw/r/ Frame DEF7 		356 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yw/r/E_Q2o8Yrzmp.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
de8ce29198b569ea76e3b8387be1097823b082f4287ef11c4fe6a41e004ea062
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
mq5Gj0bmxCIEnlydakmqQA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
77189
x-fb-rlafr
0
x-fb-debug
cvvE32Gy6Ahm+wHP5cj9TwqKeNeWi9XNiLwcZnq7cjQGmyO6bnWGRr2+WBkuYJ2EmnxO2G02P+p00kwyXe6GuA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sat, 10 Jun 2023 17:40:36 GMT
XBLnClJ8ggF.js
static.xx.fbcdn.net/rsrc.php/v3/yK/r/ Frame DEF7 		51 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/yK/r/XBLnClJ8ggF.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
a26edf2c20a8992eecf0ac4132c7cfd9870ffa9c03c06a31ec2582cf4507a794
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
sA/91JSDQNeR5ewHOFsLpA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
12823
x-fb-rlafr
0
x-fb-debug
SqQr9xeCaBDTk4T8YcQQnurywGPyWJxtnqa8cHuSc/6Ftwyzl4tX5+agwbp3i4U6ok+o5tWSZap4oyhc3Xd+Qw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Thu, 08 Jun 2023 07:32:11 GMT
gX8nd8zS0lX.js
static.xx.fbcdn.net/rsrc.php/v3i1MJ4/yt/l/en_GB/ Frame DEF7 		1007 B
510 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3i1MJ4/yt/l/en_GB/gX8nd8zS0lX.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
340f96ed644a3582903f60243f227986c8983b63d1188addad8b85a8a430f8a7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
e1RYMjzTTH678u2yldo5Wg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
453
x-fb-rlafr
0
x-fb-debug
kvbDRTiMlyre7+ssEp1gw8UTPvY6rGZX6qp3TCNmmG6LvCg3pXdsy2U8wAoJBg4LKQ90PtxuoK/29CQmmeUzKA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=1
expires
Sun, 11 Jun 2023 17:24:09 GMT
gt.svg
go.rcvlink.com/img/ Frame 6C1D 		219 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/gt.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Tue, 22 Jan 2019 19:51:29 GMT
server
nginx
etag
"5c477441-db"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
219
expires
Sun, 19 Jun 2022 04:32:27 GMT
logo160.png
go.rcvlink.com/img/ Frame 6C1D 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://go.rcvlink.com/img/logo160.png
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
136.243.84.74 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.74.84.243.136.clients.your-server.de
Software
nginx /
Resource Hash
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://go.rcvlink.com/static/iframe.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Mon, 21 Jan 2019 15:07:51 GMT
server
nginx
etag
"5c45e047-1869"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
6249
expires
Sun, 19 Jun 2022 04:32:27 GMT
3a4730db-3d1e-4223-97d0-9a37a635d816
https://dengi.ua/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dengi.ua/3a4730db-3d1e-4223-97d0-9a37a635d816
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
0
Content-Type
text/javascript
5d3b95fb-b56e-4128-8173-aa254f5cbc4c
https://dengi.ua/ 		245 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://dengi.ua/5d3b95fb-b56e-4128-8173-aa254f5cbc4c
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Length
245
Content-Type
text/javascript
e1eee23f36481a69453f.b.js
cdn.admixer.net/scripts3/46506/ 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/e1eee23f36481a69453f.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:20 GMT
server
nginx
etag
W/"62824274-702f"
vary
Accept-Encoding
x-cached-since
2022-05-31T07:56:04+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Thu, 01 Jun 2023 07:56:04 GMT
fdabe098f34289659a17.b.js
cdn.admixer.net/scripts3/46506/ 		42 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/fdabe098f34289659a17.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:21 GMT
server
nginx
etag
W/"62824275-a793"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
84011c43c3075e543c6d.b.js
cdn.admixer.net/scripts3/46506/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/84011c43c3075e543c6d.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:13 GMT
server
nginx
etag
W/"6282426d-326c"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
7103cce7fa6705169441.b.js
cdn.admixer.net/scripts3/46506/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/7103cce7fa6705169441.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:12 GMT
server
nginx
etag
W/"6282426c-2a79"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
5927ef40e4a80e0040be.b.js
cdn.admixer.net/scripts3/46506/ 		215 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.admixer.net/scripts3/46506/5927ef40e4a80e0040be.b.js
Requested by
Host: cdn.admixer.net
URL: https://cdn.admixer.net/scripts3/loader2.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software
nginx /
Resource Hash
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-id
fr5-up-gc34
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
last-modified
Mon, 16 May 2022 12:24:11 GMT
server
nginx
etag
W/"6282426b-35ac7"
vary
Accept-Encoding
x-cached-since
2022-05-16T12:25:27+00:00
content-type
application/javascript
cache-control
max-age=31622400
cache
HIT
expires
Wed, 17 May 2023 12:25:27 GMT
pubads_impl_2022060701.js
securepubads.g.doubleclick.net/gpt/ 		368 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
sffe /
Resource Hash
72ec618723da6d0be7eeda72a1842f3b6925229960b5b31aa54f38b10041dda7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 20:51:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
27682
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127778
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 08:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 11 Jun 2023 20:51:05 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		453 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=dengi.ua
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
9dc5eaf0ee09be94e860c4a570dbaf10aee89bd0c7480b59037f21aac62c1aee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
184
x-xss-protection
0
expires
Sun, 12 Jun 2022 04:32:27 GMT
OZcLupMIkEN.js
static.xx.fbcdn.net/rsrc.php/v3/ya/r/ Frame DEF7 		279 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/v3/ya/r/OZcLupMIkEN.js?_nc_x=Ij3Wp8lg5Kz
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.facebook.com/
Origin
https://www.facebook.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
content-md5
QusOzUJEj2HVYgmawONobw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
189
x-fb-rlafr
0
x-fb-debug
3/BhmFjZw2IN08wkM0Dav359e2s/dKq+kZsbApF5tEamaeHZOiAm05hcWJqk22SVzdraq3kKxigfZfHsLZRAKw==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
vary
Origin
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://www.facebook.com
cache-control
public,max-age=31536000,immutable
timing-allow-origin
*
priority
u=3,i
expires
Thu, 08 Jun 2023 02:40:35 GMT
/
loadercdn.net/ 		0
169 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadercdn.net/?r=1&u=e8b5e0261d0248c1&d=dengi.ua
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
server
openresty
16447801168426566045
tpc.googlesyndication.com/simgad/ Frame BD05 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16447801168426566045?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmvHyhsAVF-_Lo2Hc2pnWoONS--wQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02941d91e3f073e57f92b5dfe77e775bdb9ed4e758f8b6a5d065872f3e0290a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 12:14:17 GMT
x-content-type-options
nosniff
age
58690
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
22303
x-xss-protection
0
last-modified
Tue, 12 Apr 2022 12:58:14 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Jun 2023 12:14:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame BD05 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
server
cafe
etag
13623652577628218544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:30:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame BD05 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BD05 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:27 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame BD05 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BD05 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CtabSWmylYuipOtOEtweqjo3wCbmS9sVqkMDJrc8PrIeqiIMwEAEgxuCLeWC7BqAB6fSLvwPIAQKpAsMM_VteqbQ-qAMByAPJBKoEvwFP0BDv1FvF56vIT7w7rh8NNVQU2-GgS1MrbLdwLUhkMUb8aI24jtYhg3Tlo9PkTajbyIKp4NPEdARSRZHi31KLDjNjfp6q94X2GS3KCCXHR8q2KQmj8ZXGVvsxGWNTR4KvkCdkMXFAl-OsFUZ2Vmva3ffOt61esx1Vqu-3FYV5ZrEg9OfXffVs5gigUrdbsylJQmA2ZIDaeBjWbo5vY9CFBVWKp2HymE5u7MUr6C9N-qtasdIXrclOvev8eWISQsAEraPr7_cDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB-WA2j-oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDqwEvSCAkIgOGAcBABGB-ACgHICwHYEwrQFQGAFwGyFxwKGggAEhRwdWItMzc1NTY2MjE5NzM4NjI2ORgA&sigh=zyxl_vONVdI&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 12 Jun 2022 04:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sun, 12 Jun 2022 04:32:27 GMT
one_click_handler_one_afma_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame BD05 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/one_click_handler_one_afma_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d5ca564f18e0916139730d4e6050f8033f978ba7e8b73d895b5551a4b185d77
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20879
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12974
x-xss-protection
0
server
cafe
etag
2342341684586369591
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Jun 2022 22:44:28 GMT
fa287546e1d5bd0678894d5c227e456c.js
www.gstatic.com/mysidia/ Frame 169B 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 00:38:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
273216
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4351
x-xss-protection
0
last-modified
Tue, 31 May 2022 21:35:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 00:38:51 GMT
327a2f53e8b7ae59adc1a35b4c015d49.js
www.gstatic.com/mysidia/ Frame 169B 		134 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 01:43:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
269324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50844
x-xss-protection
0
last-modified
Tue, 31 May 2022 21:35:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 01:43:43 GMT
css
fonts.googleapis.com/ Frame 169B 		8 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 12 Jun 2022 03:30:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 12 Jun 2022 04:32:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 12 Jun 2022 04:32:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 169B 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:29:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
186
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:29:21 GMT
/
www.facebook.com/login/ Frame DEF7 		0
0
/
www.facebook.com/login/ Frame DEF7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FDengiUA%252F%26tabs%3Dtimeline%26width%3D320%26height%3D600%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D212599602674838
Requested by
Host: static.xx.fbcdn.net
URL: https://static.xx.fbcdn.net/rsrc.php/v3/yM/r/C0teK_h3UC4.js?_nc_x=Ij3Wp8lg5Kz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.facebook.com/plugins/page.php?href=https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F&tabs=timeline&width=320&height=600&small_header=false&adapt_container_width=true&hide_cover=false&show_facepile=true&appId=212599602674838
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
private, no-cache, no-store, must-revalidate
content-encoding
br
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type
text/html; charset="utf-8"
cross-origin-opener-policy
unsafe-none
date
Sun, 12 Jun 2022 04:32:27 GMT
document-policy
force-load-at-top
expires
Sat, 01 Jan 2000 00:00:00 GMT
pragma
no-cache
priority
u=0
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
strict-transport-security
max-age=15552000; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-fb-debug
/cYtzliC2YpGpL1cOmZOSizT3XcTG7ZN5ghFxC0bVsNena8ytXTDzt6EL7UXcpJaSNKhzaMzIlx9lp8fiuUbsQ==
x-fb-rlafr
0
x-frame-options
DENY
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 169B 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:30:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
93
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
server
cafe
etag
13623652577628218544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:30:54 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 169B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2497
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 169B 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 169B 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:27 GMT
1a132ce94651f9fd8f1d4e10540034d5.js
www.gstatic.com/mysidia/ Frame 169B 		31 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 06:33:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
251965
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13011
x-xss-protection
0
last-modified
Tue, 31 May 2022 21:35:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 06:33:02 GMT
/
c.idealmedia.io/pv/ 		0
66 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.idealmedia.io/pv/?pv=5&cbuster=1655008347297246347681&uniqId=02e43&childs=1296171&lct=1654646400&niet=4g&nisd=false&jsv=es6&ref=&cxurl=https%3A%2F%2Fdengi.ua%2F&lu=https%3A%2F%2Fdengi.ua%2F&sessionId=62a56c5b-076f2&pageView=1&pvid=181562f44a289a94d68&site=466734&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
719fdcdacd8575bf-LHR
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
0351d6ce-7aa5-4a82-8b7b-3f5cc9682fcc
https://dengi.ua/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://dengi.ua/0351d6ce-7aa5-4a82-8b7b-3f5cc9682fcc
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
im_logo_mini_43x20.svg
cdn.idealmedia.io/images/ 		1 KB
917 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.idealmedia.io/images/im_logo_mini_43x20.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
cf-cache-status
HIT
age
1504
x-amz-request-id
H95AGEJZP07YHGXH
x-amz-id-2
69Wj+QeZLzi0sADAhkLr9P83sNaeZTlIKYpKFMQwBSXIFaOIJs2+iwr+BtGdmS8EM3lu+sh1FBI=
last-modified
Mon, 04 May 2020 12:16:51 GMT
server
cloudflare
etag
W/"ff394e3a03921d25c2f03e03046bf506"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public, max-age=14400
x-amz-version-id
null
cf-ray
719fdcdadda075bf-LHR
expires
Sun, 12 Jun 2022 08:32:27 GMT
1
servicer.idealmedia.io/1296110/ 		1021 B
784 B 		Script
General
Check archive.org
Download Go to
Full URL
https://servicer.idealmedia.io/1296110/1?pv=5&cbuster=1655008347389256875581&uniqId=02e43&childs=1296171&lct=1654646400&niet=4g&nisd=false&jsv=es6&mp4=1&ap=1&w=320&h=250&cols=1&ref=&cxurl=https%3A%2F%2Fdengi.ua%2F&lu=https%3A%2F%2Fdengi.ua%2F&sessionId=62a56c5b-076f2&pageView=1&pvid=181562f44a289a94d68&implVersion=11&dpr=1
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ec771a9ca62a8731ad8253fa47d45cbbea257100700a3d28ef69b0690b0c997

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cf-ray
719fdcdb5dfa75bf-LHR
rda_video_bg_pattern.png
googleads.g.doubleclick.net/pagead/images/ Frame 169B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/images/rda_video_bg_pattern.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 18:13:44 GMT
x-content-type-options
nosniff
server
cafe
age
37123
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
etag
9923804599063086578
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2033
x-xss-protection
0
expires
Sun, 12 Jun 2022 18:13:44 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/10704138643107670701/ Frame 169B 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10704138643107670701/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7c468ebd599fb308718ce261b9a872bfe691a7abe0a057f04224516da96b070
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 13:50:09 GMT
x-content-type-options
nosniff
age
484938
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1601
x-xss-protection
0
last-modified
Wed, 02 Feb 2022 17:13:11 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 06 Jun 2023 13:50:09 GMT
truncated
/ Frame 169B 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
prebid.1.2.aspx
inv-nets.admixer.net/ 		42 B
498 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/prebid.1.2.aspx
Requested by
Host: ad.mox.tv
URL: https://ad.mox.tv/js/achernar/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 12 Jun 2022 04:32:27 GMT
Server
nginx
P3p
CP="NID DSP ALL COR"
Access-Control-Allow-Origin
https://dengi.ua
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/javascript; charset=utf-8
Keep-Alive
timeout=25
Content-Length
42
X-Xss-Protection
0
integrator.js
adservice.google.co.uk/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.co.uk/adsid/integrator.js?domain=dengi.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=dengi.ua
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1136083849959437&correlator=297434000909941&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022060701&ptt=17&impl=fifs&iu_parts=21679382043%3A22434891267%2Cmt_banners%2Cmt_umh_dengi.ua_s_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=4&adks=2108943474&sfv=1-0-38&ecs=20220612&fsapi=false&prev_scp=mt_fln%3D0.8&sc=1&cookie=ID%3D6a3ca5a42aeef7ad-22f8dddaaecd0088%3AT%3D1655008346%3ART%3D1655008346%3AS%3DALNI_MaFSdcxnA4xzvIpJ8qHNcwN_ZfaeQ&abxe=1&dt=1655008347501&lmt=1655008347&dlt=1655008346071&idt=1379&biw=1600&bih=1200&adxs=1050&adys=1208&ucis=1&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=true&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
49e9e192ab60c9a1e688bfab9b66da3a48f84d5d7bee9341e5e4055abe9d51fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9700
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		106 KB
37 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1136083849959437&correlator=297434000909941&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022060701&ptt=17&impl=fifs&iu_parts=21986089839%3A22434891267%2Civm_display%2Civm_dengi.ua_s_ww_300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=5&adks=2664418738&sfv=1-0-38&ecs=20220612&fsapi=false&prev_scp=mt_fln%3D0.3&sc=1&cookie=ID%3D6a3ca5a42aeef7ad-22f8dddaaecd0088%3AT%3D1655008346%3ART%3D1655008346%3AS%3DALNI_MaFSdcxnA4xzvIpJ8qHNcwN_ZfaeQ&abxe=1&dt=1655008347507&lmt=1655008347&dlt=1655008346071&idt=1379&biw=1600&bih=1200&adxs=2250&adys=1208&ucis=2&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=true&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
544065a7094cf577d4764748933705a38ace16f55b6359cbdb088d185dd84bd4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37566
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1136083849959437&correlator=297434000909941&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022060701&ptt=17&impl=fifs&iu_parts=21830442390%3A22434891267%2Cdengi.ua_S_WW_%2C300x250&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=6&adks=3404430540&sfv=1-0-38&ecs=20220612&fsapi=false&sc=1&cookie=ID%3D6a3ca5a42aeef7ad-22f8dddaaecd0088%3AT%3D1655008346%3ART%3D1655008346%3AS%3DALNI_MaFSdcxnA4xzvIpJ8qHNcwN_ZfaeQ&abxe=1&dt=1655008347509&lmt=1655008347&dlt=1655008346071&idt=1379&biw=1600&bih=1200&adxs=3450&adys=1208&ucis=3&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=true&btvi=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
76447fe8ff6df5d9d075114334e78173dcb981493db8b1b91f20dad7dfc15c1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9821
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		26 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1136083849959437&correlator=297434000909941&eid=31067487&output=ldjh&gdfp_req=1&vrg=2022060701&ptt=17&impl=fifs&iu_parts=52555387%3A22434891267%2Cdengi.ua_S_WW_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250%7C300x100%7C300x75%7C300x50%7C300x31%7C292x30%7C250x250%7C240x133%7C234x60%7C220x90%7C216x54%7C216x36%7C200x200%7C180x150%7C168x42%7C168x28%7C125x125%7C120x240%7C120x90%7C120x60%7C120x30%7C120x20%7C88x31&fluid=height&ifi=7&adks=1867861018&sfv=1-0-38&ecs=20220612&fsapi=false&prev_scp=yb_ab%3Db%26yb_dc%3Dd%26yb_mx%3Dm89%26yb_tt%3Dtt0%26yb_ff%3D1%26yb_th%3D20%26yb_tm%3D32%26yb_wd%3D6&sc=1&cookie=ID%3D6a3ca5a42aeef7ad-22f8dddaaecd0088%3AT%3D1655008346%3ART%3D1655008346%3AS%3DALNI_MaFSdcxnA4xzvIpJ8qHNcwN_ZfaeQ&abxe=1&dt=1655008347513&lmt=1655008347&dlt=1655008346071&idt=1379&biw=1600&bih=1200&adxs=4650&adys=1208&ucis=4&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fdengi.ua%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=1200x-1&msz=1200x-1&fws=516&ohw=0&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=true&btvi=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
5c25eca2c9ee0f6ed606606919360617107fa0b5c9b98ede8b7dee95f4bf86d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13273
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://dengi.ua
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A7A0 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Mon, 12 Jun 2023 04:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 12E4 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2785
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 03:46:02 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame BD05 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e3e0fc042bdd302311be0df77a4f867b0c256fc4bfaed2e88990c652ff5485a

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 169B 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~l4at8ltz&c=6249739935192&slotId=3124869967596&qqid=CPW8-8SKp_gCFQnB7Qod9D0AkQ&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=rda&ulv=1
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c2c::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1005398999052622216/ Frame 169B 		231 KB
231 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1005398999052622216/downsize_200k_v1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b166d852a0fd03a64692102ff4b4394f073226ee30258364435789864f08ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 10:39:56 GMT
x-content-type-options
nosniff
age
237151
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236562
x-xss-protection
0
last-modified
Thu, 09 Dec 2021 12:48:29 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 09 Jun 2023 10:39:56 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 169B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=Cm6kSWmylYvWnOomCtwf0-4CICYfDh8tqrvT2tq8Pxe6pg80oEAEgxuCLeWC7BqABtYOU1wPIAQmpAsMM_VteqbQ-qAMByAPLBKoE6gFP0FSSjGLyDTDP58JZP6d9LEtG64ut64AzXVudUMhF4zoM2h7Brk9x29b5ZT0_v_TIyL25P3ZikaWUmVVFBoo8OTjUJjxlrJbgROghR17EY-og_Sw4_K9hcAMM9jZwcKrCoe6DtYOoiMxwwZtY9AcTHKtmED4lD07CmHcxMNKateva1i1_hlrzHm7Lt4NJmuoNzBm6Ayt0XarpuRL44soRRM-Lsyno4BMYSi8Mvl7picyqF_WPu-7VZQgiVlDSpRX5l6Wf4TrPVrpze0g48OkUFoNdM3L1u8rbssBRF891qI2-vd29aNScjRPABJ6myK_MA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfa-rQoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ8phQ0ggJCIDhgHAQARgfgAoByAsBuBOcG9gTDYgUBdAVAYAXAbIXHAoaCAASFHB1Yi0zNzU1NjYyMTk3Mzg2MjY5GAA&sigh=cUoSeFVYSjI&uach_m=[UACH]&template_id=3484
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sun, 12 Jun 2022 04:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 169B 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0b56e0113d0a725b0b305d8a3793eef2cc5be19fde3d6da9ab4b5b2a2c555cd1

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
z
s.zmctrack.net/ Frame B671 		102 B
446 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.zmctrack.net/z
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.187.81.41 Kyiv, Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software
openresty /
Resource Hash
d2640fecdfb8b06e73db37af4bc387e2682b550067a98451a480bb2400cc2eb5

Request headers

Referer
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-language
eyJ4LXBvc3QiOiIxIn0=
Content-Type
application/x-www-form-urlencoded

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
server
openresty
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://dengi.ua
access-control-expose-headers
X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
access-control-allow-headers
X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length
102
videoplayback
r2---sn-aigl6ner.gvt1.com/ Frame 169B
Redirect Chain
  • https://redirector.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&cmo=secure_transport=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=ip,ipbits,expire,id,...
  • https://r2---sn-aigl6ner.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,m...
896 KB
896 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://r2---sn-aigl6ner.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=17E8AE0D4EA412922724AAB1B935AB0349EC3AE4.54E36582AEA16EF5F16930007CC711551626CF50&key=cms1&cms_redirect=yes&mh=UO&mip=2a02:8c8:c10:30::15&mm=28&mn=sn-aigl6ner&ms=nvh&mt=1655007114&mv=u&mvi=2&pl=32
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Server
2a00:1450:4009:10::7 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
d56b00efef714c4d203408b73c79d820dcb60774bd41cb88f299537acd1d7912
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
x-content-type-options
nosniff
last-modified
Tue, 24 May 2022 14:01:21 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
Content-Range
bytes 0-917328/917329
client-protocol
quic
cache-control
private, max-age=6900
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
917329
expires
Sun, 12 Jun 2022 04:32:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
x-content-type-options
nosniff
server
ClientMapServer
x-frame-options
SAMEORIGIN
content-type
text/html; charset=UTF-8
location
https://r2---sn-aigl6ner.gvt1.com/videoplayback?id=9057359b6adb307b&itag=18&source=web_video_ads&requiressl=yes&ip=0.0.0.0&ipbits=0&expire=1655015547&sparams=expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,requiressl,source&signature=17E8AE0D4EA412922724AAB1B935AB0349EC3AE4.54E36582AEA16EF5F16930007CC711551626CF50&key=cms1&cms_redirect=yes&mh=UO&mip=2a02:8c8:c10:30::15&mm=28&mn=sn-aigl6ner&ms=nvh&mt=1655007114&mv=u&mvi=2&pl=32
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
706
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 169B 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 20:40:28 GMT
x-content-type-options
nosniff
age
287519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28288
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 19:05:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 08 Jun 2023 20:40:28 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 12E4
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Sun, 12 Jun 2022 04:32:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 04:32:27 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
csi
csi.gstatic.com/ Frame 169B 		0
318 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~l4at8lv9&c=6249739935192&slotId=3124869967596&qqid=CPW8-8SKp_gCFQnB7Qod9D0AkQ&umsem=0&ape=1&ple=1&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252Ffa287546e1d5bd0678894d5c227e456c.js%253Ftag%253Dclient_fast_engine_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c2c::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 169B 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~l4at8lxc&c=6249739935192&slotId=3124869967596&qqid=CPW8-8SKp_gCFQnB7Qod9D0AkQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F327a2f53e8b7ae59adc1a35b4c015d49.js%253Ftag%253Dvideo_mra%252Fweb_raspberry&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c2c::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 169B 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~l4at8lxd&c=6249739935192&slotId=3124869967596&qqid=CPW8-8SKp_gCFQnB7Qod9D0AkQ&event_name=unmeasurable_asset&resource_name=https%253A%252F%252Fwww.gstatic.com%252Fmysidia%252F1a132ce94651f9fd8f1d4e10540034d5.js%253Ftag%253Dmysidia_one_click_handler_one_afma_2019&encoded_body_size=0&transfer_size=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c2c::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp
s-img.idealmedia.io/g/3882281/492x277/0x0x913x608/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-img.idealmedia.io/g/3882281/492x277/0x0x913x608/aHR0cDovL2ltZ2hvc3RzLmNvbS90LzIwMTktMDcvMTAxOTI0L2I3ZjY5MjZjMTAzYzZjZTNmODBlZTI3ODFlOGE1OGExLnBuZw.webp?v=1655008347-hdvFaq-lcFXNri93zAEwpQkMaofvx98aj3HnddPMBoY
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.199.73 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
073b0cfc02449936eab14f8c823605a4e663708982c598b5903625e6fefca440

Request headers

Referer
https://dengi.ua/
Origin
https://dengi.ua
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
HIT
last-modified
Thu, 03 Mar 2022 11:18:18 GMT
x-mg-request-uuid
be04f4f3-7cc4-40b3-b04e-8d9c390ce133
age
25384
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
719fdcdd5a6b886b-LHR
content-length
7852
server
cloudflare
expires
Sun, 12 Jun 2022 21:29:23 GMT
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame F8FC 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=90&slotname=1280828557&adk=1130233035&adf=3961623946&pi=t.ma~as.1280828557&w=728&lmt=1655008346&psa=0&format=728x90&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346749&bpp=2&bdt=678&idt=94&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=B5M9GuIGMh&p=https%3A//dengi.ua&dtd=99
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
199499
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
i.js
cm.idealmedia.io/ 		0
133 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i.js?&cbuster=1655008347657457357432
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Jun 2022 04:32:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
719fdcdcff3f75bf-LHR
content-length
0
i-noref.js
cm.idealmedia.io/ Frame 8145 		0
40 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cm.idealmedia.io/i-noref.js?cbuster=1655008347672357808512
Requested by
Host: jsc.idealmedia.io
URL: https://jsc.idealmedia.io/d/e/dengi.ua.1296110.es6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
MISS
last-modified
Sun, 12 Jun 2022 04:32:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-store, no-cache, must-revalidate, max-age=0
accept-ranges
bytes
cf-ray
719fdcdd0f4675bf-LHR
content-length
0
truncated
/ 		287 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/svg+xml
mob-burger.svg
dengi.ua/img/icons/ 		199 B
469 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/mob-burger.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
f0d2d5c0d8373ea3e787c353abefebde3a345b06f99751afe27697519d3afc15

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:55 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-c7"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
199
expires
Thu, 31 Dec 2037 23:55:55 GMT
close-modal.svg
dengi.ua/img/icons/ 		269 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/close-modal.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
51c4526f6ab88ff68a7dd2400ed53f87949f63afe5a0a8694ad8cc082eef3805

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:55 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-10d"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
269
expires
Thu, 31 Dec 2037 23:55:55 GMT
google.svg
dengi.ua/img/icons/ 		438 B
708 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/google.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
0a790017591866b91ce60f012035ec6ade2b5e7e3e2e431942b88eb9faf89b62

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:55 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-1b6"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
438
expires
Thu, 31 Dec 2037 23:55:55 GMT
facebook.svg
dengi.ua/img/icons/ 		363 B
633 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dengi.ua/img/icons/facebook.svg
Requested by
Host: dengi.ua
URL: https://dengi.ua/css/styles.min.css?10
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
193.29.200.162 , Ukraine, ASN197203 (UMHAS, UA),
Reverse DNS
Software
nginx /
Resource Hash
436c54643e77538c94951f6f91083ac11f8b194a8855c05de5ae0aaa93983842

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/css/styles.min.css?10
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:35:55 GMT
last-modified
Tue, 28 Jan 2020 07:00:00 GMT
server
nginx
etag
"5e2fdbf0-16b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/svg+xml
cache-control
max-age=315360000
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
content-length
363
expires
Thu, 31 Dec 2037 23:55:55 GMT
counter.php
autocounter.idealmedia.io/autocreative/ 		0
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://autocounter.idealmedia.io/autocreative/counter.php?id=466734&pid=49126&referer=&cxurl=https://dengi.ua/&undefinedh2=qfhc2xK2KoQKzoip0ATWKkRgECLkbhqjWY10mOTk7KU*&cbuster=165500834768538040230
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.221.74 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
719fdcdd2f5b75bf-LHR
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
container.html
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4475 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Mon, 12 Jun 2023 04:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=YnZpTEpmT1VuU0k4Yk5MeDhJZFBaYjRUSFhOdkU1UklJdkZCczJzeFdGL2srS0h6YkxXWHZxYWxTV2NwbU9LTmFkSng0VUlVRWpNYVd3T2lheVZBTVMxSHJhUHI4d2tpNTdoR3BCRFIwRkFnZDVzdUV6dTJuaHF3cHFMWlhNSEZjcXhLSjFnRVJYaHdIR2lzNSt6dkZoRTROMVcwa3lnV0dOU3ZWQlZ3UUt5L1IzYm0rd0QvTXZNcnhFdW5hejNSTWdSSEl6TWljeEIrWUhiWGljMmRuQ1V0VWJoU2I1SEhqWkh0ZkcraFVWMXA0ZU5xVklER3QwMmdhTXRtNWZ2WDVBcERJM2lzNWl0OFlNYis0ZFBUWHc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4C87 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Mon, 12 Jun 2023 04:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=UTBFMTNXTEZRS1VjNDE0cm9hRDh6S0lyQ05qcmNNQ0FSOG9pNEJwZXpMT0lLTGEvZTdDcllVcHV6T05vOUxvR2lSU25EN2VTdGxLeC9GTWNEU3J2bUZLRUREM28xL2ZOUDZueHpON2RIQ3ZsUk03cFNNQ3cwWWxaRUorbUc2TGR1L2E4RGdxNldoLy84ck93SllIMjd4eHAxUnVmRmJscjIwVFg3RGpiMmgyRmhIcjkxR0M2bnJnRFcyVC9oZVRaZkF4Q3QyNFhjeENUbWNCenlnc1laYy9vVTFPZ3ZNSXRmQnh4OHdsVGZNTEdzYWhuVldPM2UreDdnS0w5a0Q3Vw%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Jun 2022 04:32:27 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CBEB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Mon, 12 Jun 2023 04:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=OFpaa2RKN1BPMW1IUGpudVVZVHozZnR5ekYxeVZuRm9uWUQ2TDdENHlLdkY4VE42NXFzdWlYVlBCeFZiSllld1BucGIwanl5M1hKRkRXWDNGaUFvUGN5ajhQWWtIUHJIM1JnMzVJamcvb0NxMjFUdTU4QUZQQTV2cXlXeGRMRm5nQVB5UnorSTA5SFpaMkN0TGZVRzNpM1JMWjdwcGFpazBnckErcDlsSk9KT3N3TFhqYkpKZFJKK29ORzR0WW83V3lFT1lYYnhwSzh5aFZMNEYybWVrcS9pQVJYendYalczVFZ3TXM2Z043U3FoT0EzQ2tmeWZhcnJvb0dNRHVyRWpHS3NTSDZ1Nm9aSVZjcFNHRCswbWc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
container.html
46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAD9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://dengi.ua/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:27 GMT
expires
Mon, 12 Jun 2023 04:32:27 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
tracking
ad.mox.tv/delivery/ 		51 B
51 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/tracking?hash=U3p0N3dUVGQrZjRrbHFwazlOM2FJTkFTblUxSHZ3b1VxN2NIK0thZ2FLcWhLUlhXeFhFRlF3S1JBTzFDejlNK1Q1TDQ0cmVldDdrRmNpaFhxNW1vMlRnaERGWjVnamwwOGJLUHg5UDlUZldKdEs3WFA1VGd5WEJtdlcxeDZJUzRkZFNWSmtDa1FNSjhUcUFudzNkZEdxY3RXTmlnUTIvbHpwdXNCSHZSK1djcSs1Q3c1TG0rL1k5OFB4MklwUVQrblM4TlJudS9NVzl3S21oLzN0d2dBKzRQallDZkhkRmkwcWhabFdHUXZLcnIwUGJLWjZWZnFOd2RRdGZ4RG5EdjBxbkMrZHVIdGZmOVpNK3pzT0tBcnc9PQ%3D%3D&params=WU5hbjdEMFYwSjFoSjB4VmZOWlNFUT09
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 169B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C76RvWmylYvWnOomCtwf0-4CICYfDh8tqrvT2tq8Pxe6pg80oEAEgxuCLeWC7BqABtYOU1wPIAQmpAsMM_VteqbQ-qAMByAPLBKoE7QFP0FSSjGLyDTDP58JZP6d9LEtG64ut64AzXVudUMhF4zoM2h7Brk9x29b5ZT0_v_TIyL25P3ZikaWUmVVFBoo8OTjUJjxlrJbgROghR17EY-og_Sw4_K9hcAMM9jZwcKrCoe6DtYOoiMxwwZtY9AcTHKtmED4lD07CmHcxMNKateva1i1_hlrzHm7Lt4NJmuoNzBm6Ayt0XarpuRL44soRRM-Lsyno4BMYSi8Mvl7picyqF_WPu-7VZQgiVlDSpRX5l6WfozjuxBf59XiOfqq1mMD8lXPpsVTQnNj-ullFHiEhqvGltGwKzrJUbenABJ6myK_MA6AGLoAH2vq0KKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YBwEAEYH7EJgKJLqtzv5FeACgGYCwHICwGADAG4DAG4E5wb2BMNiBQF0BUB-BYBgBcB&sigh=OO3_t6k2XXE&cid=CAQSGwCNIrLM7-BqkW_4jb8E3899UH7VKw5x2cXC7w&label=adresume
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame 5EDA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
199500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 71F5 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4475 		78 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfE28bXHkSA0xV5vWCWceGXPnGBqHm2KDVpH3eTMxYJrK0SmzzJiE8VKxLL8gSeHRhXeqhJcp6toh4uOySH3tmZC-uVsKT87rnyhirzEVAhjK2Z9mRj0zinrkG9cpiVigZdc3Cs5OJHAkx55X8xfgFO1BowA&dbm_d=AKAmf-Ajh1E9nCqE7bZVblHREG6XzVbUxHaMT6KhiAuYVNa2BuHrL2qiJ1hO9xUKTxvo4QBBdPgbpJAmzyoa-TJLNdTj08UaTnySMmwLav1FHUjowatVs_w92qzO13V1CaAD1hg4gxtkyTFcmMeykxYgHUvOoOVwP_GqwffOnrZGHITo6Jv4o_iCPvjWopzJrJXnFgCYeTAfCoLj2gI00gN_de_cG1T09oAClWC6STHBQ9QYTFb7P9-lqCS2A-d_5pGFM5fEW9G-SE-i61_oq3K0hDQ159F_lxpw7T0TbS8I507Z7QQMq99nKxEeQzB8IRhvpiayH1ozywZ9FOp68j5r3XDHajdGNDlA-EyNRpz8Pe59JaYiqqRPIGm3afxiA_TOCSnFGuX3fXaPJsCZNwHefFq1KV235dwON-EKRiBeEernR6G-saEEGRb7rZgwQVRXvMK-o_AjnDhH3yj9bE1h65uZz-4EH4XBfsVfAVQoCxEEScWYDrbS3JUAjGN0Yl4m3E_bhwXqjicguDCp8hQb5hJ9DwSUjcyBpz4PkPnnS4hCKVHkYcZPnjELLzt20nNLEq2hohtnpFn9OXWgEFWm7k-r-c4aYA20sKZAuAEA2vShEppREekbGTMm5suRqHz5Ok1cmD-ZZnfK9DZss0lZCzsj2fOJPHGVbpwBbZzQZkSgR9D30Ha1tulJpmIlSvTwo04AP8b83zT1vUYXpCV9dgQMRAufrvo_ImSh38EpxwFcx_AQWem9yWYd401dOXQI5wV8_2_Rr2gRyB5gXYrvfhOOB9dUy0H5h4__RMSCR3IGfT7Cxjcjfz2cuAXw-cThKrsqr7CPfpei75atDauLuKYdBfCrrTHT91xZSiGpRNgsssqdYzQEtY2yH-hwhuXC92VI8qDSLgjl3JOKuLYLPz9cXvkxtoDErRmPqgR2rN3_RnOkpkmXEhl1j_jcbvhbU06gcvnMXO2GL2jGb-uwNUu9Z3JvLslMe6IEW8HOOD78CwPXn5JL3YxjXbopTJXugPMNCVHhcxGlqsVOwg_J2czHdThskdfgEyq3D31IABYOfu9YbuPWYE5_2Py7rexZop0zOVL4o5ZOCom2ZriqmFSrVE5csyboASgDwsvdPoe_FpNcFygeUboU9cgQD2BvsFoO9l1Tf25ovPDaCTy8ooa3GDdJI0FQzb4_6gjGQeGvqrQEoR1VChp9D_FmVjaTY-fx038we-kojFGWyiGJQXvj4UjtPRDJY5Q2S0_Q3dWdwDN9uXlQlIEM-tjijOCcUfrJOJyceFP_-UY9Gm42QRIDcYrF8VVEJEFNeSxwBTydznDpSXD5eri8ahi2JJfDs30PT6gpIUTGR-9QBfe9Gn5ctozcNLZsxWD3gCm3pJOIx9pBIEcbUMbzXgqhvxpBvVoJaVgzpFSnxhiePhpiJx77nys3QhRpi1WHfTnowdBA08lGzIaB-P0eb3BNRpuvcuRhnFI702L6vkHwRmNYsg_piu4SQMhl3vIHvfPd72WHMQ8nbPUiIsSYGkTNTMRwnFgXdNZx7vaHFpnJ9Zvk-vr23l3Z9xpNez2yig8pXkbGyEE0JbekNMv8uGZJoeBOw8ytRdB5fnVGplPEDQn94n-G5M9v3tNjixkcHJ0-9CjzWP8Cqq_bI3beqw8omVXHIAgXPTHPCsURYCdKL7F6uOfvSWAdhBMHb9rHEOeHYRkb9JlIhJyQXTPFqcw1XFwfmvxV__V555kRsC57iovBQ-cjYGY1bEgKQ9nW34oaIgQ4yb-PbLJmW5k7K185DnW9ZHMHEF5IjBq6xRf2morde5EGXWSta3da6usau1XFFDQhfWbIf2OBZjTYDyo3PL_t69EcYQFC1-1Fws4gNMeVzHk2PEk_HrpNVH-vsgqtJSg5WpxFOKwN0bKdiNOSgdec6sYPv25uypuY6IZTssOi0n4hVofYh2DDEFc-TKfnmvQRiHyPjs5Kb-WtihkAu5HWLLJ0AgBVhBF-N45FRXWqgdApaXqDrP9gd149K4f0V7pXGPpE49GYtO0yzoiph2bHoJbDxMIj4a8v_Ae8LmhE6sDXzFxxaAKapqS-rPPzHwh9QlAbHsBp7JW1_qWv0IdesFO0Sqh7JQEP-GuAWkujqkVLo1lCOdFCNnaYp68xDxYiURbQ14yj04mRGCiwrKV-WGh6ItCuOnY3g_8R1_8f1PqRhYvTqHfmrkU14137m1BeIlQ4OR3CfUTdXcIptstQjURDZsW8vP125uTkUTZXGnp6bjLQDV2C8Mw-z5bO8LG8qUMcLg_VCdEQGHF0cPvXcAbxNTBnifntl2h9bA3n1_rwwLFFFPSvrpaT-Nnpgxq9AMMhJxo6S4U7_5ttwVim2gTWDXWqaOP9zg1tib1fuNhJFRqInF2SNKxixxMFkYEAnaIIqi2Mu1QhUUAn61d2t1xWzztUYpXnEhMZBmGYA-e49tgPeKBd-kSqUM3a-Kj8pXqRLB4Xci29_Tc9zbBQqzlKNYtipXVPm_f7cQoReu-yqbohEEypiKMamMuXTzXVSxdw8YeARI1hpIHzoZuTrFThZs4z88Oc1eOLSZVau2w_fLYfd8BCKp03mrE2y88EF82ur77R2xJ8zxb8FplmEi9UwWUmBJhiSFtt2OZ5qOj_3tWu2Q48fwKz3rLbHgE0mibDktnll-5cDO0OCz3VTM1uHptngO2AzRIIq9LXQPreFrwJ9YoS3rAKKP7HEOjz_rCbeqgC9gGNb0iIHYUUAE-ao0sJc4Chaghh7OOuCG-eUswHd2eK7JHT5qnIBE5CvQWE_ZgdXr5eFXffZkC0FR10B8x0jX9W2-lIiG62OAeevCqAeLQitkqcjEOwIi9167e9OoP0gJiMwGjBGEIxztkmJA1SQ3Nl-p9znUPVdnQjHxaEXd3XPO41iCjjXhgMRIpL1n-8JnlCmrmyKGIpeph4R9xg-2ykAYMLpTEKeSZv7c2AsqWh8NzeQplb8E9-BMGKZVdgaz1hPiC272ESFQQiop9j8K0xITY3NsQvHWY-xWEwSOEgt8NPStE_h5MyABr2ShgNsRk_8fksV-wCHMcN8-PSKyLlOaHXD6D0zPsqHhf9CnxOzu1q9OqYya43uFll8mblaYKz0HhV_n3zwNAdo5sZe25eh5wUEbP7b1ilwAGq2M7qX1J6OeGBFEeJv-9ejS4iode-JD6qBg3YkKsjiZe-EdrN_NLNTGJqLhufsd8iBdyByIOh52gzlxMcyZcnkg3Uh3ningCtHhNgDRJXdYrPZ5AmxH9lKft-rWeGsuSumHRvkmp8EnUsT9H5Y0g280ziyxVshLmtBxnIxmMS_kkkyDwAMdKsV95_zY5BEKc-GnbcsDNa06nbvGQf_BC-izpO5vFy9P5E26_OrasTl9UFKb6kZ0ldsCjANgBxQ7c81D0fry315M0EOBVBuXCoIWh4bzA2QNyedwUdQMe2kYdMOgfTTUEg4pmPry--FVSKpJIL0KmMMSbZxzaf4oQkeuUT8kRnB572vdgE1FwGLHYD0Q7oreB0umiYRKSBmOw4e0y46d3FToxwxFhTumGQ9GfAGa8EzMTw8-WSnUT0BIecZWdAIIl5e5UMrLSEELaaru4jgAJAE9vkbZv_xXMVMCnNH9PSZNy58SGVCshvGY6y&cid=CAASJORooI9_SMdp6T0yPe6n5EALYs4FjJTWJ2xvjz6HOPEtTD2Mrg&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8dc83426e406cb4fc70fe4d2f1a6dd08ce8b0f238776795f65c2db82f1c89156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33119
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4475 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-COOd8dNLCET1xyH4VVLVfXU8hsCTruPn7puH9r4A6oimQnR1SMOTQnnL1A_4CZCZc0e0c6loIwon0JhQA7K8GbYbWas6CUvpG1tgnJFp15x53DN8Q
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4475 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4475 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4475 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 94DF 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame CBEB 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BebSvjhaF9Op0sK-7S4DTcVT5t2NDZsj4Cjo9ojs27EValXQo-qxbIV6BXfm5xAGeLoRwn_tYOrBTo4qQQHoi7yQVjLOoqeeVtD31afaBO9gP7IBubsvF8tNELtiT-SU6YI9MAtJAk4UPW_eeHcZ5XAtaP2Q&cry=1&dbm_d=AKAmf-DX6gEw-GdO2N00o60FiFo_rFvFnVgXVpMhe85Yu4JhLRE8ktqDgH2HTjmMzgzpcZxVl1ZZb9nhVUFMmqMMMzGTIIpSUF7B0uotdiSVaTNyL9HR5nZwM7YUTGbOiLX8OdoSF51U3g0McVRQitRPyxu9rURfSOczHHV351BdkKOgj-unbLcIjy2e3p86_5_5_pJn5kuWmrG3NbKBYLXommQmB-gUhSRW5_uDsCZT1ika7gR24CxD_CwH4CsujSQA4pDpGV460OuVXXFRLINCpy6yBEY03m1whpe3iXhamxHQ7NAr3dB2ahYbUrR6k3o_xBsuvJcBvG1l4-bSFsEE4RrnDycg64tq9zwsB5xacoCbQ4ltBu0Q6KvIkLq1hfOCj5rETSz7knbJqYN7vXx2FF8kd85JzPN7SQuvjLiJXeuC8C97aE91dFJn19Tr4BnpGWwbeMUkEgT2RNhoy7LvTXfmWb71psrjXRvI5unn6NvG7CDpisg7TmZhYA7kjp33NuiyoUrs8ggGf3uF7i4ML04C8NN_O7e5oLeue5vIQ_-VnXYlZ5sDhsYOvS4Gx324KHNuemYKLWrL-Cz-VgdNt9U6lO3-xMSjH_ICODZ2fziY84RBZI8ZpxrW8bowIBOyc7qdTzfE4K0vig3dXhZfHvWih-MK1QZSbgnxHybXcsH0MmfBiOFrfazm3aBurBsDxoh_nJZXY3wjmDvkjXypv7sYM2sxU-UpCUTsxug-9RQjjdrgYzKZaAYIE3Vg-aFrP5Vl95Hxx2UK3OrdvDkAlqnN8CGqHHC6CJ6tuP36EueAdGwsNK36WVN8S2cIulSptmstIgo87T9d_Uwtt7977DDPiJ4EifYLaLfqKDBWKjo8XnvXa-NihpQb2A9WHvDGhCjBkjMyPuYs-wuMz5zUNT5PyTqxmC6JMshsYeDn1ShJaRCnsDPykAYo-_IokM1s2dXm91UEq4gy2NcFHYjMNgHSAfg70Ehmq2DJLcalKP39ahnVbzttb6uxMOS9IFcbo-nxDGXKv8NAo0YxcixL5I0om5_ZeYtZFlH5yTqMZXoyY3H54WAOnvv0B-DCEAXIMdvgo7neys0yMI0oFkH3vRFGv-R_AzZB6m-PUXw-ZVpQFxGtmp9S8XC27ZLDSsXXU7oWTnLuaQf5CHsEpxbdehzOlbHSKnAzq8tYdIvw3vK8eWO1KwVeD2sGzl67l_oXcp2xshvohOiiziQiK9L6H4dgAMayZBzmRPIq8dP1XpEwctx3CUmpd_IgqHXLKDJbbAeihk8gEv1kBHUVKDXTiapLmE05NN_e6xJ7z7eawkBBNsbCJt_UZD0mDJr0ectCOMdh28xbSyiMJeVLBBPM_VQtfleID27jiK0j7wQvxxLhPpKXYvLADjWWjF6kE8ihv5GPcImnD-2AWkAH1QuMbs35DeHGb7SsecNGk5MmtEISNK9J4V2Gaaevf_VDAHXCXGgKc-w7MsykwzHUh4T3vGO3AXtaF4KUXOfc2P6a0MOaOdyKFLYmHIa3lMuYB-Br2OKbt8imPunXwQDxwM4bFGqD0K5AtRVX3oewgBtjzSInbjLG4wQYBs7CRygLWO_3mOFHXMcvZ9ZIT431qBk2saLS8CzPB7vQgMgCvnobm2G6iLx_ijlczPr62Qt0MPS1PiDGBQuUMUXDrv5kWpOB4fk-85mVsaGFyMapzQrjiZC03vq5p_FpF-irwFwv9fCulFwzSNjbdp61VOL7cHUoC3tDsjfZnNcm8tyvKV3t7vtOMA6vPHaevNFl9aSZ8VMM7dQou4I_Ekci_I79hRMxwvOR-0ZuDMtStH1BM_bH1h76gZMUIJqoPwPb9qasROe1nfEs8I2oS76Q-e5z8iUz0pIRCxv9n72DjUsLpT9M0SHhFgxF1kbnnfHnlj3wL80YizN2XE-lKM77Z2XjI_eh7T2fHWd9V0hSEdxe88jx8ilhN0I5OU1kDKzxRUyAx7xuokh-90yIfA3MK5eXlwsjHRdVYIfS7YK5ulEmtR31-TZab0UOql3qh0WlrHXZENOOxAeHZi9Nc0iMytn29N4PGtZ9EMI-s_m53SRXwCJyPsNB4o8i1aZv2p0fHGo8-S7S2C_WEF5AZCtguwFTha4smYj90zUTivHMwN3tpbhdD2tdMPd0_wqWYMulGjYo6BJDIXLB1ZjpzNMaNpvE3gwARil-GEAmUSDqHVNQfuno_CXND-G5ttiS9Nx-yPxU9SEOMBzXhmk-k1ZInyL2KewKfDxINqQdUa4dIEqS9HKq5AJdF3edmiJB2ztoE1Zd5HHXJnwlw9fB0td7wghgKIvTcDcnqfL27LxlQoJMuWucrm3PB7zBr7vx4wB2yGhcHm9mnMNw2z7jiEIF6BR6tyRiRXaMY5qXnztYkrGjW_dmjN385dnYvIZ4aDM_39LmyIjLItdXfkOom-wfFYwz113fyTikLl7rKX85499KSIdzDg6enGfNUq8iQom18yHfviap6zRHl5b54w_z85bJn-aMjWvIm7wn-AAolnEh3lvybL7IUbviq-xiI2nu6q9Igulzo8UBDwI2brJHCerv4Pq-bHqgeapCoHgh5CRkpYFBH4ui2K0sF7euK7YCjN_G4jsIv7aLuo_JCBui9x4KJJy_cPQ9aXbO-XXRYNVO34zLubnULExGe20_ZObTOG8va0WGDIR7m-VCb7eqHV6jnKswYYBEkKNCbjWwcOMFkC37RQUKAY0aa5H3GakNIFPgoYTdiHuPlte_FGMr2gbimMuqzDUbF09YC4PCR8xR5jyg8lzfBeWmQDpWHmgFTI4NAnpBt_5PQgp-tZy-PETgYqwW0JJemah_M-PlvZU_BvGIc8u1aE-_9G2msjcheuVJcIB5jTfUSGVYq3wJgUr1m0wkaphkkNA1KaP3-6lUvLEc3mHossVRt6RacZnXDErbZT1n0Bc6vjF9ex_66bodpIx7CDX6-KxlBRBVYCYviVQaNnVESNWV9wSrsGOAp4Cuzr3rYCBV2XJoidC2PBOl6MrWnzqkDSp7bf4Lxoh8CAIthEFi7141XTvUxNrqnF5T3EJZlJaUcgkQ3Mu109MBqBLMiA0NHA9t2oyKsfs6Tsng3ihN_1Mz4j4aF0opNhgN9bV6PrbGFT9z-opfFZCje9bhNVgQHH51MkTRrBRujmRwcem21vjltICnovpHh6rT1jF_Tt5rY29F5DH2w6N1Btm-Z-3GnVOFwDSrgNy_Eqa1e8-9FtsTS7rIk0ilElAZNHcwgXNSqlFjDuDGKC7qHXiJpV6DnrSYehGNFIUAeD-gqJVtoTGgVF4ZCIZGK6McsfXssenXwn-vsATy1MxKKbFMZQDPmohvgCQ-CpvjoIjteLuKEnXhGufsNbQrNyyLlk648-wSPyHuSPpQ9eYtsUx-XWN-r0cbM1xWjhnb79pLZ8P-0xwkfUu9UbMYuVcmyZ7b9sW72HTBJq-Fh4G0N7sVnhhe-wQdr-v0QzHwFzhIHCQ-nYSH15gG3wlGfNhxayFGOleHw9oW8CjDLzWG-ALxun6omhaT8Gku7d0kliUYq0VDu-8ygMQ1JeaV8-TI5xQZvX-uWaxBeaWOLOuLocUC0tvY3W8SCgb-Nj9NryHXloVjs6JUOmOUAr01TSXJhKURZCjciM5YeDDOksBP0kok3fjDExKjJqLCiJ0WQsePqpBlM6_NgH15fHpglDiHqskyCkEPZc3FMwtJ900v-y9DOx5Z7ImZEvN8dYgFT4JnlO-A1iPCP24oQZbuj_w-37ti4ceRsI98ESOZHAsDQmHVWODjxiwtJg&cid=CAASJORoRU5RYUfEefjAB-uC3qQ6-ZIayno04pPV9hM8MtrNc2erYA&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f40ae6bbd84e3b0b59e32bc9eb753db443fe9c703af036b3d43495426558c319
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16426
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBEB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BIAzC9Zeo87B8922sBTU5QOm2egpshyQdYgSqzHu4Rhhe-aWK8KGWPHMCnJ0YedvsLqX14cO3qiNuIVXMPnKJ7uoL5T8b0SE38DNOBPvVhqdoqOlo
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame CBEB 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=5207946&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jaYmIDW4cIQt2QqH4P-lBK&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=46959267&DVP_DBM_4=347820102&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=34173461753&turl=https://dengi.ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3ac::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 14:27:37 GMT
Server
Microsoft-IIS/10.0
ETag
"fcf82911d7cd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Timing-Allow-Origin
*
Content-Length
1170
dvtp_src.js
cdn.doubleverify.com/ Frame CBEB 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jaYmIDW4cIQt2QqH4P-lBK&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=46959267&DVP_DBM_4=347820102&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=34173461753&turl=https://dengi.ua/&DVP_PP_BUNDLE_ID=
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3ac::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
04edcd41ffda0b3b0a8753e57b1a72e1bbf97c08a593cfb7edd52face2a249f3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 11:02:45 GMT
Server
Microsoft-IIS/10.0
ETag
"80f87372f07bd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3302
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame CBEB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame CBEB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
l
www.google.com/ads/measurement/ Frame CBEB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTKYhgBreOarEbUqfpKoMm_U9fjEobujL-fUguxjNm-vVnKJ6Is3VoZpOYsxYUKqyqMXonoduEeg_ZENMZn8OHyvm5nVQ
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CBEB 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:28 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame CE65 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 4C87 		61 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36d600aec9e60e144e591c50d184930cecd8769dfda478c74fd5e8631b936bb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30809
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4C87 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BBehkUYqyaPUui80Wmiipu-USd8-6WRRgbX3YC3vLZ4QbBLDIa1w2jM2UxkuBBBdqKh9xf_i8jnUWhKAsZg_t-v0L6rdeGf1k1_WHIA3aYIwfvJ7Y
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4C87 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame 4C87 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
l
www.google.com/ads/measurement/ Frame 4C87 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0rdfIagBSL7RjCHzFal5EycY6O4U4s73YpPpjuT2ZXn1fIOILnfQMOANnDcF7ABV9Tt0ljnngsL7vUFNQ4nfN6yNJRQ
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C87 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:28 GMT
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame EAD9 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1b62b90bf18ec7c74f6f0e3712c716454d923ade4cc50406b60e5e996a1e3a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 22:58:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20036
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13796
x-xss-protection
0
server
cafe
etag
15026990954476011790
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 25 Jun 2022 22:58:32 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame EAD9 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:30:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
338543
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 08 Jun 2023 06:30:05 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAD9 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43429
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1654688687962514"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:32:28 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame EAD9 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:22:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
594
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8668
x-xss-protection
0
server
cafe
etag
13623652577628218544
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:22:34 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame EAD9 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/window_focus_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:50:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 03:50:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/ Frame EAD9 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220608/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:31:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7312
x-xss-protection
0
server
cafe
etag
10280116914265038571
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:31:06 GMT
l
www.google.com/ads/measurement/ Frame EAD9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1VK85CqTmE5UiVvKM3uhE2OT_CnhJVgdG5PwloQAU6HfsNDB5JFIyIjv1-RxPB2epRg3JJCY7Tpdj7Mc7XxGLHBHerA
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame CBEB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=jca&jc=75&version=r20220608&sample=0.01
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 71F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
43 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 04:32:28 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sun, 12 Jun 2022 04:32:28 GMT
rum
dsum-sec.casalemedia.com/ Frame 71F5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqVsXLXGl7RaT5zf3ClU1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 04:32:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 71F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Protocol
HTTP/1.1
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2e8ed1f9-316b-4f41-926a-3f96f44a67e1
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 71F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJik9wIQ4J3YrgIY8f-svgEwAQ&v=APEucNWzUWffu6CrsZmSYAACXJ9UTpR-i_izedos5tV4yKDONsc4_RFIYUe3VFF7escRVWXhM7eTwMJkdPkUq4bBc-7embHtENCGGIEprwPC7iJNBRujPbARNlRKxvPDASxJ1M50IAqVZU8lGEsVanYypRQwpp9rDceoAKXWaOxlGKZoNlNOgMU
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
acbb17c1-246f-4f39-8140-2011b2812a4e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 94DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
43 B
781 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 04:32:28 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Expires
Sun, 12 Jun 2022 04:32:28 GMT
rum
dsum-sec.casalemedia.com/ Frame 94DF
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqVsXLXGl7RaT5zf3ClU1QAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
43 B
892 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Protocol
HTTP/1.1
Server
2.20.157.55 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-20-157-55.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 12 Jun 2022 04:32:28 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI-Dva6LRMxxyDgxKPg5KXo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 94DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Protocol
HTTP/1.1
Server
185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
66870d9e-176d-4eaa-a93a-ebf0b6c68675
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEPct4itdH0mgT9guIe24pNM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 94DF
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARjGoO2lATAB&v=APEucNXRh6v74lozJ8hDX8J1QYhbrnL3MZcbV7fDjLllvYF9urUnMNDKA75aaTeBCbatu2CpmJL9yJ6MAo7b2BvwTTiyY0VMKmI3umaqcCv_l3li8vk4JlAS2lK1m0HYXZsHeU4AGhIa61y_FGjz53Rnn-uqMA0B0FqVNZVjiun8igTYT1Lcss499tqMdpYkNUL3-c7Yjwyi
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
X-Proxy-Origin
5.187.21.101; 5.187.21.101; 726.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7c4d38a7-9537-467f-b6c6-51f6c4945319
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODY4MTY4NDE3MjQzNjE0Mjg5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
2EnyDLdCiM0Oj6Lb7NSXzwLtIT64iN6Wmm06tI8liqsOVrZHAfb9VLmWQ--UVwCUYyoSGekwgGH4AfALGlMDjWgA-8ugFJ4=w1200-h628-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame EAD9 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lh3.googleusercontent.com/proxy/2EnyDLdCiM0Oj6Lb7NSXzwLtIT64iN6Wmm06tI8liqsOVrZHAfb9VLmWQ--UVwCUYyoSGekwgGH4AfALGlMDjWgA-8ugFJ4=w1200-h628-rj-pd-pc0x00e9e9e9
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
ed9c3d0762bd9e96a20addb3f1f04a9b10e3808ce44837778c6e76e8b97a3cb0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
fife
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
content-disposition
inline;filename="unnamed.jpg"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73743
x-xss-protection
0
expires
Mon, 13 Jun 2022 04:32:28 GMT
17818266648275552032
s0.2mdn.net/simgad/ Frame EAD9 		175 KB
175 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17818266648275552032
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bafde1230d814d2f7c3f90f1965eb27f53648151f379ac15df6b6cba855d56f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 05 Jun 2022 22:51:18 GMT
x-content-type-options
nosniff
age
538870
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
179344
x-xss-protection
0
last-modified
Mon, 07 Mar 2022 10:01:11 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 05 Jun 2023 22:51:18 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame EAD9 		42 B
63 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcSjNrtKF0t6DMsJ_4YyClsiCMrmoIhDZotDaErSefMK9Dks2arHsB8pwykmYepk1bNdbKOOJ3Bg6FqDm1_3qDHzo5i0rpKVyJ8ln6tDr7ec3TBsSsbQ5nmMarBvEPAepEU6-BYVkzqVkfqw9wl0vhER8kZQ&dbm_d=AKAmf-ArDM4jJZVYcIineKdgINgl5aFQD8t6Smwdk-XS32eUBNgNvdAA44Dq2PfqZm4-9DCP20MGa41PWEp_H8_QttmWecCs8TmBBfwCi4D0d3DX0rCB46_oIj8AdZkNcXUQpn_OdXJdmqJXMDQ2jaoMY813P-X74cEw3GZCBJgNQ0OKPvlK0Tfu60YMLhxnOkXeivy4marz8XJDYUdmaLBfzP4xe511y2R-amkfA2fIPCksZanpqKfgYIfkvz8paziJpO4RnxRTaF3y-gE-vUCbFbFvCN_SUWUH4ecjpCtXOFbHun3_WeBVYW3FKYwZHtJpB9Neb9yS2xSiOSnk219FkSOmz4QVDDFN2Qp-XzvCnlg4rM7aj3NGmgO1tT3k9n0f1zldwI-iXSu7iSHn_XgQONZdEGPcq8TyEONMr5ECfrrN3Y6c2VCEGzDlaWr6TDI8-PwIwmpaI1cLspml51rdEw-durHJRKicovERETF0laH1PIU-dZlj65uC2VQzTlNIP6DQjF_vF61CY-r6gMmOrPjvJCzba1NAwBgqyYT6zcu5KueQat1OasGbf_hEFfFxqEffGz4gAfEzdSxPTU69qV5p4Viete6QIgqGm1UsIeqPKBYTYdBqjP8dn5FOWAQ51Z4-JVLZmKAv9bFDkk3kmnV-9kDy3OrrBKSkAmdAoTERZfF5kmuLQ0b4aGSH4JGzKQuQOqNJaIGZKB2WfeL6HL_7lqTfSAA-LNxnzPZzzconty5pjbrnSg3xDlBoRdusRl6z98nuYo1gUU_2rJqUQXKiiTUOkozR-_sJLIWQEY8Zy00XORREd99xrnFYhI6FH7dOc0bjBM9KzdSjNAUtsQkoQC3vq82LiPdAlAfVE1OxyRMvEI0fjrIZSJJS5G3-2Z_0cMehEu-IdVhbbJvqxjWWwuJZI26Ccz9gFDYcJqFttwYPpOS9ZVn9Zc6SoQVE2cZn3ObjGfDYaIAjzoOAMvkRKuLeouEdlerfilQLQjQmtBWpjOJOACB5zgXLLZfQV2elnBphrfhArYPfzgSsU7QTj8-QA3R4jSI-brRGT4eQVRwYhHsUQ2TUQ4oyeFXtfTYmj5sJpOCVLbVw-tjXJMsF0jbiTZjt0VkKEQrL6JA4w8jxpV-BhogP4Cl8hM7etnRGY83-Oxw-jG7BDCWzXTePk-DkjjKphP44SvVavSepengfEnf_vwwM8oJ_ybWEGv1P1upv_v3mB9HzM2ynOiwcA-dUdFhHbvQ79YZrycyyhJ4Y7lEWRajCN5gQOnScZbYnipsYpidvKMxWMo5XRRfYNT7Gr4p-I1LdYsNWFm3IuFASjoHPYOm4FE3pYlyi8sfyXCviSpplJi0e8tNO5myP_GKG4RDjYxeo1FlYvk2rlZ-BBEqxsZ_gwGUKO1zo3aqZKCzf_wyF6wKSTeM8Qs22roSqt_5pmvYzLzvsT-0CcXjui3hGI39i317LDk12U-ncyxd4N-wgF4dSgzQwOhCTi9RyARvsJPGJvN-Bc9ifdAEdDUmgPxitZMkV3gFIZjTxgLvAOlIFFnEG1tVoh-C2ZzQgW5oJrrAdOzWiUC8XtV1u1mHEGZMEDxSXDI6d1GG8k2Nn4MCukH5_95_uf71NZDhm6bbJG3e4bVObfyoCoYLaJU09-LcaxcS_0rHWUAsZWqzDiacnNJ731-lzXpxKXxvKtRNEtcw7-1dSvXI4trGMhsSMCkUjikuE9kBngfopxlZGn3Ba46Lpeg1XFlfF7RvA7nZOKu9K54eaaWURAi4I6ZD7LpBbgSuIEs6ff-iVpiiJntk7Dw1v7tyRD131ksWGq3jgytptDqPDoWAahIWMC1xENQJdwipSOepzBRgfdU2COst9cpm2nfwwUSziBXBfiIZnKSVsVMzjjnEXYFQb2nvXA85wok_obcDA18UFY0OKLlj8GT4LTNqioBZ0BZp4AyFRhoAQyRetNs2P_xKNs3zbgCdh2JZWgVS601P8RjPVBm_d99WagqmFZHJOhoAo_lXoX2a23NGikBbEtsNLnBp0yEcqk8QYKzIx1I2p5RJV2Q5gjLXNxv9G9FnIxZJCTHdkaqTjPVEr0j4ZvK2X8UXGvNuN5qo0y69HcpKlAD9BuSBMtsBKTl0t1-XkAjEdGRqkPi-uXdU3rFhIHRLikuu8jrU9q0GfLvaAcYFV0KfWZmTqC4kvr_6KCmkq8nsFh_l9vMgCdxojjzKRxkvDhvr94NFbwImZ7IQvAMEGuFun4QXJLzsTxZO82ox-Q2I2LcB0W93nNzMvCfgJLLS_E4ZqeBFzWxqI1qyfv-pBFJ0MhWULKQyy_Smd6iy2c5mTLnllpredMgHKpvbkEuugj7Mzuq4lzrt6tp4EzH6QinRXkuTOjLX38Gx5kegsJNScKnWGNm7ZuZf-aX44__Ix1LjtoR25XRcxR2EmDf1DJqfEFPXhcAyfKTX_ajobvnzbMYxoU3N2vp6I0jpjAPHe-SUNvg1W7waI_9I2IapTFVUJGOMY7L5luTxORXFdTo8dOCybWljppMBsIDtKNXSR77GAKe9PJtgiZcrFrHxj2Exq5FOtEFGJHyzXl7JZbwGapwP0Z11HF6BFQmqASk2L95Mozqt_qlfieiiielzIRGPIXZu_dqhco1vK8OH4uYcvA9bn7SOKOnlZzBABseLV39TD0IGMfcDAbUby2oK-WD3CNOX4h3DKrAvmEGtmVivONKBYERD3F6t1RqQYABvKInMrPnKfypM5KjF0bBieEb-Z8CmSS8-Pck4TBXyQ9mw_QiEg33Pfl7z2M72EnonkMDZa_X2y-E3QEwnBW1jNeW4FuMP6eNAn6KK3sAVlWl09UFXjOZOcXKMSbl7reyqbxxKEGYzvxTjaHvu_nuZZXcedbagvXrCg6IMV2ep3s87YpNiY7YszfIFsIbIxKl9CJI3vrBuuiHlBPxUblTetgR8sxUv_xumwDIi09IPm6dT7amYK7TjR4YGDd7lBu3DL-1DDZFXQxgNyNUELG4oaxImlMnTqh4NOIC3xZFdC5XT2VSTFhaQV3iQ8_v4LPve9pJ9WbhtutvK5p-tKRlySsmCaWa7xQO1Lk6pA1y7Yspqig6xErn6Kf1f8fxvsB1VulrbqPMJITbow8UfhpBs1fp9eu3ZD-znJ-wamJrBnZPmTyfABbELVtyOeaiWUrmAYRBhRKcqhhdfQ2-57jsZIi1BkfWuA2qq17TymvUY3ag_VFGMEPkKKsZMO6ivPoBo6ya95WTkdv79BEcrtkKGH7j4G&cid=CAASJORoCuhInxkvkhSKkDOGIKkUbbsbs8wfH-PN6V9TYBmlsM6fog
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame EAD9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CFf9QW2ylYtyuJ9Xjx_APosyhgArk5IeJaoiWvL_kDfqd3KDUARABINLIxnxg7QSgAaTvn-0CyAEGqQIxo2tP7aWxPqgDAaoEkwJP0AYCf7qfJA_SOPrwh0grx2n9cY5CIDP7zsh--qSzXLg9VKUNTxoAzT7l7GioFWMfCkmwd-Hte1kmb7hItKETCyRm9P7-De5NbJFuZNQUbYj22Px73QzySykCDE4ywas_E3r3qcE-hV6UJv7-4qZBfR92PRgMTIycSc_Z0RTyE3uFivWPfve7nGlLxlzKbLlq6_XEsIcRn-93pXcftDad1qnEYB18COkcTd48wh4qL7qCft2XpQgUHTOr7sQTPoh0TgDaSHc8m-_T79AqLwyOSv4_fbM0WDFe87TgCqOXygcpInoxZK3vkhxkLEmNjxV7DHiwlcMYwSXeSFseZcUX9kECuu446P8pNr0_8NfZJH-DCcAE7LnV5ZED4AQDiAWKvoqiJpIFBAgDGAGSBQYIGxADGAGSBQQIBBgBkgUECAUYBJIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGN4AHxJDgkgGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHChCTmBAY9_fcrAHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTI5NjAwNjM1NDAyMTI3MjiACgPICwGwE8-usQ_IE9WPzwjYEw2IFAPYFAHQFQGAFwGyFx4KHAgAEhRwdWItMTI5MDk5NTkwMTkwNTU4OBi7iXY&sigh=sf41cTrM1HY&uach_m=[UACH]&cid=CAQSOwCNIrLMpJOQNrZursHCkl5ep1z15u0TYaCInaPVfCiaq-HXQzAJJDNT2P7l59yi7feCTKNTTIyjyywj&template_id=509&vt=10
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers
sd
us-u.openx.net/w/1.0/ Frame CE65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKyGAjO-AeCvtTKVpO2H8g0&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKyGAjO-AeCvtTKVpO2H8g0&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKyGAjO-AeCvtTKVpO2H8g0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame CE65 		43 B
306 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame CE65
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEGFz6ftOTg_o5kjUi8hS1iA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEGFz6ftOTg_o5kjUi8hS1iA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Protocol
H2
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 12 Jun 2022 04:32:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEGFz6ftOTg_o5kjUi8hS1iA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame CE65 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJS2MhCOh8X1Ahi-8Nu2ATAB&v=APEucNXTnD6XGKGE1jlumrjzsNacjAryCpiUKtOsK41Dx177tB8_Kt2P9I76527CzxSsuo-7V-z6kifVETKYy0yE9ILZr8CDdNVCH3CYwSqbvyMgw5tnEFvR9hwnnDktOAw91Yjaflxx7iH0cun2q_NFanBhdL1cr440AcnLjPMH4ugSRvfDGl8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-242-245.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sun, 12 Jun 2022 04:32:28 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4475 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Origin
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 17:58:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
38014
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Jun 2022 17:58:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/ Frame 4475 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfE28bXHkSA0xV5vWCWceGXPnGBqHm2KDVpH3eTMxYJrK0SmzzJiE8VKxLL8gSeHRhXeqhJcp6toh4uOySH3tmZC-uVsKT87rnyhirzEVAhjK2Z9mRj0zinrkG9cpiVigZdc3Cs5OJHAkx55X8xfgFO1BowA&dbm_d=AKAmf-Ajh1E9nCqE7bZVblHREG6XzVbUxHaMT6KhiAuYVNa2BuHrL2qiJ1hO9xUKTxvo4QBBdPgbpJAmzyoa-TJLNdTj08UaTnySMmwLav1FHUjowatVs_w92qzO13V1CaAD1hg4gxtkyTFcmMeykxYgHUvOoOVwP_GqwffOnrZGHITo6Jv4o_iCPvjWopzJrJXnFgCYeTAfCoLj2gI00gN_de_cG1T09oAClWC6STHBQ9QYTFb7P9-lqCS2A-d_5pGFM5fEW9G-SE-i61_oq3K0hDQ159F_lxpw7T0TbS8I507Z7QQMq99nKxEeQzB8IRhvpiayH1ozywZ9FOp68j5r3XDHajdGNDlA-EyNRpz8Pe59JaYiqqRPIGm3afxiA_TOCSnFGuX3fXaPJsCZNwHefFq1KV235dwON-EKRiBeEernR6G-saEEGRb7rZgwQVRXvMK-o_AjnDhH3yj9bE1h65uZz-4EH4XBfsVfAVQoCxEEScWYDrbS3JUAjGN0Yl4m3E_bhwXqjicguDCp8hQb5hJ9DwSUjcyBpz4PkPnnS4hCKVHkYcZPnjELLzt20nNLEq2hohtnpFn9OXWgEFWm7k-r-c4aYA20sKZAuAEA2vShEppREekbGTMm5suRqHz5Ok1cmD-ZZnfK9DZss0lZCzsj2fOJPHGVbpwBbZzQZkSgR9D30Ha1tulJpmIlSvTwo04AP8b83zT1vUYXpCV9dgQMRAufrvo_ImSh38EpxwFcx_AQWem9yWYd401dOXQI5wV8_2_Rr2gRyB5gXYrvfhOOB9dUy0H5h4__RMSCR3IGfT7Cxjcjfz2cuAXw-cThKrsqr7CPfpei75atDauLuKYdBfCrrTHT91xZSiGpRNgsssqdYzQEtY2yH-hwhuXC92VI8qDSLgjl3JOKuLYLPz9cXvkxtoDErRmPqgR2rN3_RnOkpkmXEhl1j_jcbvhbU06gcvnMXO2GL2jGb-uwNUu9Z3JvLslMe6IEW8HOOD78CwPXn5JL3YxjXbopTJXugPMNCVHhcxGlqsVOwg_J2czHdThskdfgEyq3D31IABYOfu9YbuPWYE5_2Py7rexZop0zOVL4o5ZOCom2ZriqmFSrVE5csyboASgDwsvdPoe_FpNcFygeUboU9cgQD2BvsFoO9l1Tf25ovPDaCTy8ooa3GDdJI0FQzb4_6gjGQeGvqrQEoR1VChp9D_FmVjaTY-fx038we-kojFGWyiGJQXvj4UjtPRDJY5Q2S0_Q3dWdwDN9uXlQlIEM-tjijOCcUfrJOJyceFP_-UY9Gm42QRIDcYrF8VVEJEFNeSxwBTydznDpSXD5eri8ahi2JJfDs30PT6gpIUTGR-9QBfe9Gn5ctozcNLZsxWD3gCm3pJOIx9pBIEcbUMbzXgqhvxpBvVoJaVgzpFSnxhiePhpiJx77nys3QhRpi1WHfTnowdBA08lGzIaB-P0eb3BNRpuvcuRhnFI702L6vkHwRmNYsg_piu4SQMhl3vIHvfPd72WHMQ8nbPUiIsSYGkTNTMRwnFgXdNZx7vaHFpnJ9Zvk-vr23l3Z9xpNez2yig8pXkbGyEE0JbekNMv8uGZJoeBOw8ytRdB5fnVGplPEDQn94n-G5M9v3tNjixkcHJ0-9CjzWP8Cqq_bI3beqw8omVXHIAgXPTHPCsURYCdKL7F6uOfvSWAdhBMHb9rHEOeHYRkb9JlIhJyQXTPFqcw1XFwfmvxV__V555kRsC57iovBQ-cjYGY1bEgKQ9nW34oaIgQ4yb-PbLJmW5k7K185DnW9ZHMHEF5IjBq6xRf2morde5EGXWSta3da6usau1XFFDQhfWbIf2OBZjTYDyo3PL_t69EcYQFC1-1Fws4gNMeVzHk2PEk_HrpNVH-vsgqtJSg5WpxFOKwN0bKdiNOSgdec6sYPv25uypuY6IZTssOi0n4hVofYh2DDEFc-TKfnmvQRiHyPjs5Kb-WtihkAu5HWLLJ0AgBVhBF-N45FRXWqgdApaXqDrP9gd149K4f0V7pXGPpE49GYtO0yzoiph2bHoJbDxMIj4a8v_Ae8LmhE6sDXzFxxaAKapqS-rPPzHwh9QlAbHsBp7JW1_qWv0IdesFO0Sqh7JQEP-GuAWkujqkVLo1lCOdFCNnaYp68xDxYiURbQ14yj04mRGCiwrKV-WGh6ItCuOnY3g_8R1_8f1PqRhYvTqHfmrkU14137m1BeIlQ4OR3CfUTdXcIptstQjURDZsW8vP125uTkUTZXGnp6bjLQDV2C8Mw-z5bO8LG8qUMcLg_VCdEQGHF0cPvXcAbxNTBnifntl2h9bA3n1_rwwLFFFPSvrpaT-Nnpgxq9AMMhJxo6S4U7_5ttwVim2gTWDXWqaOP9zg1tib1fuNhJFRqInF2SNKxixxMFkYEAnaIIqi2Mu1QhUUAn61d2t1xWzztUYpXnEhMZBmGYA-e49tgPeKBd-kSqUM3a-Kj8pXqRLB4Xci29_Tc9zbBQqzlKNYtipXVPm_f7cQoReu-yqbohEEypiKMamMuXTzXVSxdw8YeARI1hpIHzoZuTrFThZs4z88Oc1eOLSZVau2w_fLYfd8BCKp03mrE2y88EF82ur77R2xJ8zxb8FplmEi9UwWUmBJhiSFtt2OZ5qOj_3tWu2Q48fwKz3rLbHgE0mibDktnll-5cDO0OCz3VTM1uHptngO2AzRIIq9LXQPreFrwJ9YoS3rAKKP7HEOjz_rCbeqgC9gGNb0iIHYUUAE-ao0sJc4Chaghh7OOuCG-eUswHd2eK7JHT5qnIBE5CvQWE_ZgdXr5eFXffZkC0FR10B8x0jX9W2-lIiG62OAeevCqAeLQitkqcjEOwIi9167e9OoP0gJiMwGjBGEIxztkmJA1SQ3Nl-p9znUPVdnQjHxaEXd3XPO41iCjjXhgMRIpL1n-8JnlCmrmyKGIpeph4R9xg-2ykAYMLpTEKeSZv7c2AsqWh8NzeQplb8E9-BMGKZVdgaz1hPiC272ESFQQiop9j8K0xITY3NsQvHWY-xWEwSOEgt8NPStE_h5MyABr2ShgNsRk_8fksV-wCHMcN8-PSKyLlOaHXD6D0zPsqHhf9CnxOzu1q9OqYya43uFll8mblaYKz0HhV_n3zwNAdo5sZe25eh5wUEbP7b1ilwAGq2M7qX1J6OeGBFEeJv-9ejS4iode-JD6qBg3YkKsjiZe-EdrN_NLNTGJqLhufsd8iBdyByIOh52gzlxMcyZcnkg3Uh3ningCtHhNgDRJXdYrPZ5AmxH9lKft-rWeGsuSumHRvkmp8EnUsT9H5Y0g280ziyxVshLmtBxnIxmMS_kkkyDwAMdKsV95_zY5BEKc-GnbcsDNa06nbvGQf_BC-izpO5vFy9P5E26_OrasTl9UFKb6kZ0ldsCjANgBxQ7c81D0fry315M0EOBVBuXCoIWh4bzA2QNyedwUdQMe2kYdMOgfTTUEg4pmPry--FVSKpJIL0KmMMSbZxzaf4oQkeuUT8kRnB572vdgE1FwGLHYD0Q7oreB0umiYRKSBmOw4e0y46d3FToxwxFhTumGQ9GfAGa8EzMTw8-WSnUT0BIecZWdAIIl5e5UMrLSEELaaru4jgAJAE9vkbZv_xXMVMCnNH9PSZNy58SGVCshvGY6y&cid=CAASJORooI9_SMdp6T0yPe6n5EALYs4FjJTWJ2xvjz6HOPEtTD2Mrg&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:16:57 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 4475 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BfE28bXHkSA0xV5vWCWceGXPnGBqHm2KDVpH3eTMxYJrK0SmzzJiE8VKxLL8gSeHRhXeqhJcp6toh4uOySH3tmZC-uVsKT87rnyhirzEVAhjK2Z9mRj0zinrkG9cpiVigZdc3Cs5OJHAkx55X8xfgFO1BowA&dbm_d=AKAmf-Ajh1E9nCqE7bZVblHREG6XzVbUxHaMT6KhiAuYVNa2BuHrL2qiJ1hO9xUKTxvo4QBBdPgbpJAmzyoa-TJLNdTj08UaTnySMmwLav1FHUjowatVs_w92qzO13V1CaAD1hg4gxtkyTFcmMeykxYgHUvOoOVwP_GqwffOnrZGHITo6Jv4o_iCPvjWopzJrJXnFgCYeTAfCoLj2gI00gN_de_cG1T09oAClWC6STHBQ9QYTFb7P9-lqCS2A-d_5pGFM5fEW9G-SE-i61_oq3K0hDQ159F_lxpw7T0TbS8I507Z7QQMq99nKxEeQzB8IRhvpiayH1ozywZ9FOp68j5r3XDHajdGNDlA-EyNRpz8Pe59JaYiqqRPIGm3afxiA_TOCSnFGuX3fXaPJsCZNwHefFq1KV235dwON-EKRiBeEernR6G-saEEGRb7rZgwQVRXvMK-o_AjnDhH3yj9bE1h65uZz-4EH4XBfsVfAVQoCxEEScWYDrbS3JUAjGN0Yl4m3E_bhwXqjicguDCp8hQb5hJ9DwSUjcyBpz4PkPnnS4hCKVHkYcZPnjELLzt20nNLEq2hohtnpFn9OXWgEFWm7k-r-c4aYA20sKZAuAEA2vShEppREekbGTMm5suRqHz5Ok1cmD-ZZnfK9DZss0lZCzsj2fOJPHGVbpwBbZzQZkSgR9D30Ha1tulJpmIlSvTwo04AP8b83zT1vUYXpCV9dgQMRAufrvo_ImSh38EpxwFcx_AQWem9yWYd401dOXQI5wV8_2_Rr2gRyB5gXYrvfhOOB9dUy0H5h4__RMSCR3IGfT7Cxjcjfz2cuAXw-cThKrsqr7CPfpei75atDauLuKYdBfCrrTHT91xZSiGpRNgsssqdYzQEtY2yH-hwhuXC92VI8qDSLgjl3JOKuLYLPz9cXvkxtoDErRmPqgR2rN3_RnOkpkmXEhl1j_jcbvhbU06gcvnMXO2GL2jGb-uwNUu9Z3JvLslMe6IEW8HOOD78CwPXn5JL3YxjXbopTJXugPMNCVHhcxGlqsVOwg_J2czHdThskdfgEyq3D31IABYOfu9YbuPWYE5_2Py7rexZop0zOVL4o5ZOCom2ZriqmFSrVE5csyboASgDwsvdPoe_FpNcFygeUboU9cgQD2BvsFoO9l1Tf25ovPDaCTy8ooa3GDdJI0FQzb4_6gjGQeGvqrQEoR1VChp9D_FmVjaTY-fx038we-kojFGWyiGJQXvj4UjtPRDJY5Q2S0_Q3dWdwDN9uXlQlIEM-tjijOCcUfrJOJyceFP_-UY9Gm42QRIDcYrF8VVEJEFNeSxwBTydznDpSXD5eri8ahi2JJfDs30PT6gpIUTGR-9QBfe9Gn5ctozcNLZsxWD3gCm3pJOIx9pBIEcbUMbzXgqhvxpBvVoJaVgzpFSnxhiePhpiJx77nys3QhRpi1WHfTnowdBA08lGzIaB-P0eb3BNRpuvcuRhnFI702L6vkHwRmNYsg_piu4SQMhl3vIHvfPd72WHMQ8nbPUiIsSYGkTNTMRwnFgXdNZx7vaHFpnJ9Zvk-vr23l3Z9xpNez2yig8pXkbGyEE0JbekNMv8uGZJoeBOw8ytRdB5fnVGplPEDQn94n-G5M9v3tNjixkcHJ0-9CjzWP8Cqq_bI3beqw8omVXHIAgXPTHPCsURYCdKL7F6uOfvSWAdhBMHb9rHEOeHYRkb9JlIhJyQXTPFqcw1XFwfmvxV__V555kRsC57iovBQ-cjYGY1bEgKQ9nW34oaIgQ4yb-PbLJmW5k7K185DnW9ZHMHEF5IjBq6xRf2morde5EGXWSta3da6usau1XFFDQhfWbIf2OBZjTYDyo3PL_t69EcYQFC1-1Fws4gNMeVzHk2PEk_HrpNVH-vsgqtJSg5WpxFOKwN0bKdiNOSgdec6sYPv25uypuY6IZTssOi0n4hVofYh2DDEFc-TKfnmvQRiHyPjs5Kb-WtihkAu5HWLLJ0AgBVhBF-N45FRXWqgdApaXqDrP9gd149K4f0V7pXGPpE49GYtO0yzoiph2bHoJbDxMIj4a8v_Ae8LmhE6sDXzFxxaAKapqS-rPPzHwh9QlAbHsBp7JW1_qWv0IdesFO0Sqh7JQEP-GuAWkujqkVLo1lCOdFCNnaYp68xDxYiURbQ14yj04mRGCiwrKV-WGh6ItCuOnY3g_8R1_8f1PqRhYvTqHfmrkU14137m1BeIlQ4OR3CfUTdXcIptstQjURDZsW8vP125uTkUTZXGnp6bjLQDV2C8Mw-z5bO8LG8qUMcLg_VCdEQGHF0cPvXcAbxNTBnifntl2h9bA3n1_rwwLFFFPSvrpaT-Nnpgxq9AMMhJxo6S4U7_5ttwVim2gTWDXWqaOP9zg1tib1fuNhJFRqInF2SNKxixxMFkYEAnaIIqi2Mu1QhUUAn61d2t1xWzztUYpXnEhMZBmGYA-e49tgPeKBd-kSqUM3a-Kj8pXqRLB4Xci29_Tc9zbBQqzlKNYtipXVPm_f7cQoReu-yqbohEEypiKMamMuXTzXVSxdw8YeARI1hpIHzoZuTrFThZs4z88Oc1eOLSZVau2w_fLYfd8BCKp03mrE2y88EF82ur77R2xJ8zxb8FplmEi9UwWUmBJhiSFtt2OZ5qOj_3tWu2Q48fwKz3rLbHgE0mibDktnll-5cDO0OCz3VTM1uHptngO2AzRIIq9LXQPreFrwJ9YoS3rAKKP7HEOjz_rCbeqgC9gGNb0iIHYUUAE-ao0sJc4Chaghh7OOuCG-eUswHd2eK7JHT5qnIBE5CvQWE_ZgdXr5eFXffZkC0FR10B8x0jX9W2-lIiG62OAeevCqAeLQitkqcjEOwIi9167e9OoP0gJiMwGjBGEIxztkmJA1SQ3Nl-p9znUPVdnQjHxaEXd3XPO41iCjjXhgMRIpL1n-8JnlCmrmyKGIpeph4R9xg-2ykAYMLpTEKeSZv7c2AsqWh8NzeQplb8E9-BMGKZVdgaz1hPiC272ESFQQiop9j8K0xITY3NsQvHWY-xWEwSOEgt8NPStE_h5MyABr2ShgNsRk_8fksV-wCHMcN8-PSKyLlOaHXD6D0zPsqHhf9CnxOzu1q9OqYya43uFll8mblaYKz0HhV_n3zwNAdo5sZe25eh5wUEbP7b1ilwAGq2M7qX1J6OeGBFEeJv-9ejS4iode-JD6qBg3YkKsjiZe-EdrN_NLNTGJqLhufsd8iBdyByIOh52gzlxMcyZcnkg3Uh3ningCtHhNgDRJXdYrPZ5AmxH9lKft-rWeGsuSumHRvkmp8EnUsT9H5Y0g280ziyxVshLmtBxnIxmMS_kkkyDwAMdKsV95_zY5BEKc-GnbcsDNa06nbvGQf_BC-izpO5vFy9P5E26_OrasTl9UFKb6kZ0ldsCjANgBxQ7c81D0fry315M0EOBVBuXCoIWh4bzA2QNyedwUdQMe2kYdMOgfTTUEg4pmPry--FVSKpJIL0KmMMSbZxzaf4oQkeuUT8kRnB572vdgE1FwGLHYD0Q7oreB0umiYRKSBmOw4e0y46d3FToxwxFhTumGQ9GfAGa8EzMTw8-WSnUT0BIecZWdAIIl5e5UMrLSEELaaru4jgAJAE9vkbZv_xXMVMCnNH9PSZNy58SGVCshvGY6y&cid=CAASJORooI9_SMdp6T0yPe6n5EALYs4FjJTWJ2xvjz6HOPEtTD2Mrg&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
server
cafe
etag
12800787445863738695
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:28:24 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame CBEB 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BebSvjhaF9Op0sK-7S4DTcVT5t2NDZsj4Cjo9ojs27EValXQo-qxbIV6BXfm5xAGeLoRwn_tYOrBTo4qQQHoi7yQVjLOoqeeVtD31afaBO9gP7IBubsvF8tNELtiT-SU6YI9MAtJAk4UPW_eeHcZ5XAtaP2Q&cry=1&dbm_d=AKAmf-DX6gEw-GdO2N00o60FiFo_rFvFnVgXVpMhe85Yu4JhLRE8ktqDgH2HTjmMzgzpcZxVl1ZZb9nhVUFMmqMMMzGTIIpSUF7B0uotdiSVaTNyL9HR5nZwM7YUTGbOiLX8OdoSF51U3g0McVRQitRPyxu9rURfSOczHHV351BdkKOgj-unbLcIjy2e3p86_5_5_pJn5kuWmrG3NbKBYLXommQmB-gUhSRW5_uDsCZT1ika7gR24CxD_CwH4CsujSQA4pDpGV460OuVXXFRLINCpy6yBEY03m1whpe3iXhamxHQ7NAr3dB2ahYbUrR6k3o_xBsuvJcBvG1l4-bSFsEE4RrnDycg64tq9zwsB5xacoCbQ4ltBu0Q6KvIkLq1hfOCj5rETSz7knbJqYN7vXx2FF8kd85JzPN7SQuvjLiJXeuC8C97aE91dFJn19Tr4BnpGWwbeMUkEgT2RNhoy7LvTXfmWb71psrjXRvI5unn6NvG7CDpisg7TmZhYA7kjp33NuiyoUrs8ggGf3uF7i4ML04C8NN_O7e5oLeue5vIQ_-VnXYlZ5sDhsYOvS4Gx324KHNuemYKLWrL-Cz-VgdNt9U6lO3-xMSjH_ICODZ2fziY84RBZI8ZpxrW8bowIBOyc7qdTzfE4K0vig3dXhZfHvWih-MK1QZSbgnxHybXcsH0MmfBiOFrfazm3aBurBsDxoh_nJZXY3wjmDvkjXypv7sYM2sxU-UpCUTsxug-9RQjjdrgYzKZaAYIE3Vg-aFrP5Vl95Hxx2UK3OrdvDkAlqnN8CGqHHC6CJ6tuP36EueAdGwsNK36WVN8S2cIulSptmstIgo87T9d_Uwtt7977DDPiJ4EifYLaLfqKDBWKjo8XnvXa-NihpQb2A9WHvDGhCjBkjMyPuYs-wuMz5zUNT5PyTqxmC6JMshsYeDn1ShJaRCnsDPykAYo-_IokM1s2dXm91UEq4gy2NcFHYjMNgHSAfg70Ehmq2DJLcalKP39ahnVbzttb6uxMOS9IFcbo-nxDGXKv8NAo0YxcixL5I0om5_ZeYtZFlH5yTqMZXoyY3H54WAOnvv0B-DCEAXIMdvgo7neys0yMI0oFkH3vRFGv-R_AzZB6m-PUXw-ZVpQFxGtmp9S8XC27ZLDSsXXU7oWTnLuaQf5CHsEpxbdehzOlbHSKnAzq8tYdIvw3vK8eWO1KwVeD2sGzl67l_oXcp2xshvohOiiziQiK9L6H4dgAMayZBzmRPIq8dP1XpEwctx3CUmpd_IgqHXLKDJbbAeihk8gEv1kBHUVKDXTiapLmE05NN_e6xJ7z7eawkBBNsbCJt_UZD0mDJr0ectCOMdh28xbSyiMJeVLBBPM_VQtfleID27jiK0j7wQvxxLhPpKXYvLADjWWjF6kE8ihv5GPcImnD-2AWkAH1QuMbs35DeHGb7SsecNGk5MmtEISNK9J4V2Gaaevf_VDAHXCXGgKc-w7MsykwzHUh4T3vGO3AXtaF4KUXOfc2P6a0MOaOdyKFLYmHIa3lMuYB-Br2OKbt8imPunXwQDxwM4bFGqD0K5AtRVX3oewgBtjzSInbjLG4wQYBs7CRygLWO_3mOFHXMcvZ9ZIT431qBk2saLS8CzPB7vQgMgCvnobm2G6iLx_ijlczPr62Qt0MPS1PiDGBQuUMUXDrv5kWpOB4fk-85mVsaGFyMapzQrjiZC03vq5p_FpF-irwFwv9fCulFwzSNjbdp61VOL7cHUoC3tDsjfZnNcm8tyvKV3t7vtOMA6vPHaevNFl9aSZ8VMM7dQou4I_Ekci_I79hRMxwvOR-0ZuDMtStH1BM_bH1h76gZMUIJqoPwPb9qasROe1nfEs8I2oS76Q-e5z8iUz0pIRCxv9n72DjUsLpT9M0SHhFgxF1kbnnfHnlj3wL80YizN2XE-lKM77Z2XjI_eh7T2fHWd9V0hSEdxe88jx8ilhN0I5OU1kDKzxRUyAx7xuokh-90yIfA3MK5eXlwsjHRdVYIfS7YK5ulEmtR31-TZab0UOql3qh0WlrHXZENOOxAeHZi9Nc0iMytn29N4PGtZ9EMI-s_m53SRXwCJyPsNB4o8i1aZv2p0fHGo8-S7S2C_WEF5AZCtguwFTha4smYj90zUTivHMwN3tpbhdD2tdMPd0_wqWYMulGjYo6BJDIXLB1ZjpzNMaNpvE3gwARil-GEAmUSDqHVNQfuno_CXND-G5ttiS9Nx-yPxU9SEOMBzXhmk-k1ZInyL2KewKfDxINqQdUa4dIEqS9HKq5AJdF3edmiJB2ztoE1Zd5HHXJnwlw9fB0td7wghgKIvTcDcnqfL27LxlQoJMuWucrm3PB7zBr7vx4wB2yGhcHm9mnMNw2z7jiEIF6BR6tyRiRXaMY5qXnztYkrGjW_dmjN385dnYvIZ4aDM_39LmyIjLItdXfkOom-wfFYwz113fyTikLl7rKX85499KSIdzDg6enGfNUq8iQom18yHfviap6zRHl5b54w_z85bJn-aMjWvIm7wn-AAolnEh3lvybL7IUbviq-xiI2nu6q9Igulzo8UBDwI2brJHCerv4Pq-bHqgeapCoHgh5CRkpYFBH4ui2K0sF7euK7YCjN_G4jsIv7aLuo_JCBui9x4KJJy_cPQ9aXbO-XXRYNVO34zLubnULExGe20_ZObTOG8va0WGDIR7m-VCb7eqHV6jnKswYYBEkKNCbjWwcOMFkC37RQUKAY0aa5H3GakNIFPgoYTdiHuPlte_FGMr2gbimMuqzDUbF09YC4PCR8xR5jyg8lzfBeWmQDpWHmgFTI4NAnpBt_5PQgp-tZy-PETgYqwW0JJemah_M-PlvZU_BvGIc8u1aE-_9G2msjcheuVJcIB5jTfUSGVYq3wJgUr1m0wkaphkkNA1KaP3-6lUvLEc3mHossVRt6RacZnXDErbZT1n0Bc6vjF9ex_66bodpIx7CDX6-KxlBRBVYCYviVQaNnVESNWV9wSrsGOAp4Cuzr3rYCBV2XJoidC2PBOl6MrWnzqkDSp7bf4Lxoh8CAIthEFi7141XTvUxNrqnF5T3EJZlJaUcgkQ3Mu109MBqBLMiA0NHA9t2oyKsfs6Tsng3ihN_1Mz4j4aF0opNhgN9bV6PrbGFT9z-opfFZCje9bhNVgQHH51MkTRrBRujmRwcem21vjltICnovpHh6rT1jF_Tt5rY29F5DH2w6N1Btm-Z-3GnVOFwDSrgNy_Eqa1e8-9FtsTS7rIk0ilElAZNHcwgXNSqlFjDuDGKC7qHXiJpV6DnrSYehGNFIUAeD-gqJVtoTGgVF4ZCIZGK6McsfXssenXwn-vsATy1MxKKbFMZQDPmohvgCQ-CpvjoIjteLuKEnXhGufsNbQrNyyLlk648-wSPyHuSPpQ9eYtsUx-XWN-r0cbM1xWjhnb79pLZ8P-0xwkfUu9UbMYuVcmyZ7b9sW72HTBJq-Fh4G0N7sVnhhe-wQdr-v0QzHwFzhIHCQ-nYSH15gG3wlGfNhxayFGOleHw9oW8CjDLzWG-ALxun6omhaT8Gku7d0kliUYq0VDu-8ygMQ1JeaV8-TI5xQZvX-uWaxBeaWOLOuLocUC0tvY3W8SCgb-Nj9NryHXloVjs6JUOmOUAr01TSXJhKURZCjciM5YeDDOksBP0kok3fjDExKjJqLCiJ0WQsePqpBlM6_NgH15fHpglDiHqskyCkEPZc3FMwtJ900v-y9DOx5Z7ImZEvN8dYgFT4JnlO-A1iPCP24oQZbuj_w-37ti4ceRsI98ESOZHAsDQmHVWODjxiwtJg&cid=CAASJORoRU5RYUfEefjAB-uC3qQ6-ZIayno04pPV9hM8MtrNc2erYA&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
server
cafe
etag
12800787445863738695
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:28:24 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CBEB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BebSvjhaF9Op0sK-7S4DTcVT5t2NDZsj4Cjo9ojs27EValXQo-qxbIV6BXfm5xAGeLoRwn_tYOrBTo4qQQHoi7yQVjLOoqeeVtD31afaBO9gP7IBubsvF8tNELtiT-SU6YI9MAtJAk4UPW_eeHcZ5XAtaP2Q&cry=1&dbm_d=AKAmf-DX6gEw-GdO2N00o60FiFo_rFvFnVgXVpMhe85Yu4JhLRE8ktqDgH2HTjmMzgzpcZxVl1ZZb9nhVUFMmqMMMzGTIIpSUF7B0uotdiSVaTNyL9HR5nZwM7YUTGbOiLX8OdoSF51U3g0McVRQitRPyxu9rURfSOczHHV351BdkKOgj-unbLcIjy2e3p86_5_5_pJn5kuWmrG3NbKBYLXommQmB-gUhSRW5_uDsCZT1ika7gR24CxD_CwH4CsujSQA4pDpGV460OuVXXFRLINCpy6yBEY03m1whpe3iXhamxHQ7NAr3dB2ahYbUrR6k3o_xBsuvJcBvG1l4-bSFsEE4RrnDycg64tq9zwsB5xacoCbQ4ltBu0Q6KvIkLq1hfOCj5rETSz7knbJqYN7vXx2FF8kd85JzPN7SQuvjLiJXeuC8C97aE91dFJn19Tr4BnpGWwbeMUkEgT2RNhoy7LvTXfmWb71psrjXRvI5unn6NvG7CDpisg7TmZhYA7kjp33NuiyoUrs8ggGf3uF7i4ML04C8NN_O7e5oLeue5vIQ_-VnXYlZ5sDhsYOvS4Gx324KHNuemYKLWrL-Cz-VgdNt9U6lO3-xMSjH_ICODZ2fziY84RBZI8ZpxrW8bowIBOyc7qdTzfE4K0vig3dXhZfHvWih-MK1QZSbgnxHybXcsH0MmfBiOFrfazm3aBurBsDxoh_nJZXY3wjmDvkjXypv7sYM2sxU-UpCUTsxug-9RQjjdrgYzKZaAYIE3Vg-aFrP5Vl95Hxx2UK3OrdvDkAlqnN8CGqHHC6CJ6tuP36EueAdGwsNK36WVN8S2cIulSptmstIgo87T9d_Uwtt7977DDPiJ4EifYLaLfqKDBWKjo8XnvXa-NihpQb2A9WHvDGhCjBkjMyPuYs-wuMz5zUNT5PyTqxmC6JMshsYeDn1ShJaRCnsDPykAYo-_IokM1s2dXm91UEq4gy2NcFHYjMNgHSAfg70Ehmq2DJLcalKP39ahnVbzttb6uxMOS9IFcbo-nxDGXKv8NAo0YxcixL5I0om5_ZeYtZFlH5yTqMZXoyY3H54WAOnvv0B-DCEAXIMdvgo7neys0yMI0oFkH3vRFGv-R_AzZB6m-PUXw-ZVpQFxGtmp9S8XC27ZLDSsXXU7oWTnLuaQf5CHsEpxbdehzOlbHSKnAzq8tYdIvw3vK8eWO1KwVeD2sGzl67l_oXcp2xshvohOiiziQiK9L6H4dgAMayZBzmRPIq8dP1XpEwctx3CUmpd_IgqHXLKDJbbAeihk8gEv1kBHUVKDXTiapLmE05NN_e6xJ7z7eawkBBNsbCJt_UZD0mDJr0ectCOMdh28xbSyiMJeVLBBPM_VQtfleID27jiK0j7wQvxxLhPpKXYvLADjWWjF6kE8ihv5GPcImnD-2AWkAH1QuMbs35DeHGb7SsecNGk5MmtEISNK9J4V2Gaaevf_VDAHXCXGgKc-w7MsykwzHUh4T3vGO3AXtaF4KUXOfc2P6a0MOaOdyKFLYmHIa3lMuYB-Br2OKbt8imPunXwQDxwM4bFGqD0K5AtRVX3oewgBtjzSInbjLG4wQYBs7CRygLWO_3mOFHXMcvZ9ZIT431qBk2saLS8CzPB7vQgMgCvnobm2G6iLx_ijlczPr62Qt0MPS1PiDGBQuUMUXDrv5kWpOB4fk-85mVsaGFyMapzQrjiZC03vq5p_FpF-irwFwv9fCulFwzSNjbdp61VOL7cHUoC3tDsjfZnNcm8tyvKV3t7vtOMA6vPHaevNFl9aSZ8VMM7dQou4I_Ekci_I79hRMxwvOR-0ZuDMtStH1BM_bH1h76gZMUIJqoPwPb9qasROe1nfEs8I2oS76Q-e5z8iUz0pIRCxv9n72DjUsLpT9M0SHhFgxF1kbnnfHnlj3wL80YizN2XE-lKM77Z2XjI_eh7T2fHWd9V0hSEdxe88jx8ilhN0I5OU1kDKzxRUyAx7xuokh-90yIfA3MK5eXlwsjHRdVYIfS7YK5ulEmtR31-TZab0UOql3qh0WlrHXZENOOxAeHZi9Nc0iMytn29N4PGtZ9EMI-s_m53SRXwCJyPsNB4o8i1aZv2p0fHGo8-S7S2C_WEF5AZCtguwFTha4smYj90zUTivHMwN3tpbhdD2tdMPd0_wqWYMulGjYo6BJDIXLB1ZjpzNMaNpvE3gwARil-GEAmUSDqHVNQfuno_CXND-G5ttiS9Nx-yPxU9SEOMBzXhmk-k1ZInyL2KewKfDxINqQdUa4dIEqS9HKq5AJdF3edmiJB2ztoE1Zd5HHXJnwlw9fB0td7wghgKIvTcDcnqfL27LxlQoJMuWucrm3PB7zBr7vx4wB2yGhcHm9mnMNw2z7jiEIF6BR6tyRiRXaMY5qXnztYkrGjW_dmjN385dnYvIZ4aDM_39LmyIjLItdXfkOom-wfFYwz113fyTikLl7rKX85499KSIdzDg6enGfNUq8iQom18yHfviap6zRHl5b54w_z85bJn-aMjWvIm7wn-AAolnEh3lvybL7IUbviq-xiI2nu6q9Igulzo8UBDwI2brJHCerv4Pq-bHqgeapCoHgh5CRkpYFBH4ui2K0sF7euK7YCjN_G4jsIv7aLuo_JCBui9x4KJJy_cPQ9aXbO-XXRYNVO34zLubnULExGe20_ZObTOG8va0WGDIR7m-VCb7eqHV6jnKswYYBEkKNCbjWwcOMFkC37RQUKAY0aa5H3GakNIFPgoYTdiHuPlte_FGMr2gbimMuqzDUbF09YC4PCR8xR5jyg8lzfBeWmQDpWHmgFTI4NAnpBt_5PQgp-tZy-PETgYqwW0JJemah_M-PlvZU_BvGIc8u1aE-_9G2msjcheuVJcIB5jTfUSGVYq3wJgUr1m0wkaphkkNA1KaP3-6lUvLEc3mHossVRt6RacZnXDErbZT1n0Bc6vjF9ex_66bodpIx7CDX6-KxlBRBVYCYviVQaNnVESNWV9wSrsGOAp4Cuzr3rYCBV2XJoidC2PBOl6MrWnzqkDSp7bf4Lxoh8CAIthEFi7141XTvUxNrqnF5T3EJZlJaUcgkQ3Mu109MBqBLMiA0NHA9t2oyKsfs6Tsng3ihN_1Mz4j4aF0opNhgN9bV6PrbGFT9z-opfFZCje9bhNVgQHH51MkTRrBRujmRwcem21vjltICnovpHh6rT1jF_Tt5rY29F5DH2w6N1Btm-Z-3GnVOFwDSrgNy_Eqa1e8-9FtsTS7rIk0ilElAZNHcwgXNSqlFjDuDGKC7qHXiJpV6DnrSYehGNFIUAeD-gqJVtoTGgVF4ZCIZGK6McsfXssenXwn-vsATy1MxKKbFMZQDPmohvgCQ-CpvjoIjteLuKEnXhGufsNbQrNyyLlk648-wSPyHuSPpQ9eYtsUx-XWN-r0cbM1xWjhnb79pLZ8P-0xwkfUu9UbMYuVcmyZ7b9sW72HTBJq-Fh4G0N7sVnhhe-wQdr-v0QzHwFzhIHCQ-nYSH15gG3wlGfNhxayFGOleHw9oW8CjDLzWG-ALxun6omhaT8Gku7d0kliUYq0VDu-8ygMQ1JeaV8-TI5xQZvX-uWaxBeaWOLOuLocUC0tvY3W8SCgb-Nj9NryHXloVjs6JUOmOUAr01TSXJhKURZCjciM5YeDDOksBP0kok3fjDExKjJqLCiJ0WQsePqpBlM6_NgH15fHpglDiHqskyCkEPZc3FMwtJ900v-y9DOx5Z7ImZEvN8dYgFT4JnlO-A1iPCP24oQZbuj_w-37ti4ceRsI98ESOZHAsDQmHVWODjxiwtJg&cid=CAASJORoRU5RYUfEefjAB-uC3qQ6-ZIayno04pPV9hM8MtrNc2erYA&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 19:13:50 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 169B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C76RvWmylYvWnOomCtwf0-4CICYfDh8tqrvT2tq8Pxe6pg80oEAEgxuCLeWC7BqABtYOU1wPIAQmpAsMM_VteqbQ-qAMByAPLBKoE7QFP0FSSjGLyDTDP58JZP6d9LEtG64ut64AzXVudUMhF4zoM2h7Brk9x29b5ZT0_v_TIyL25P3ZikaWUmVVFBoo8OTjUJjxlrJbgROghR17EY-og_Sw4_K9hcAMM9jZwcKrCoe6DtYOoiMxwwZtY9AcTHKtmED4lD07CmHcxMNKateva1i1_hlrzHm7Lt4NJmuoNzBm6Ayt0XarpuRL44soRRM-Lsyno4BMYSi8Mvl7picyqF_WPu-7VZQgiVlDSpRX5l6WfozjuxBf59XiOfqq1mMD8lXPpsVTQnNj-ullFHiEhqvGltGwKzrJUbenABJ6myK_MA6AGLoAH2vq0KKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YBwEAEYH7EJgKJLqtzv5FeACgGYCwHICwGADAG4DAG4E5wb2BMNiBQF0BUB-BYBgBcB&sigh=OO3_t6k2XXE&cid=CAQSGwCNIrLM7-BqkW_4jb8E3899UH7VKw5x2cXC7w&label=part2viewed
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/ Frame 4C87 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:28:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
244
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10548
x-xss-protection
0
server
cafe
etag
12800787445863738695
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:28:24 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/ Frame 4C87 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
931
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:16:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4C87 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNXGwMKzPlDFchxulkiZ_uL4OVo4ZQ8RZzO0XQlddEZIkGv_fMq0rWyQHKc59gTDk4o9LR1Z1inRi3Ucv9QtBW8NyxEVTOvDS3YrmoVdEW5Lgt8LHiKr9vTP-EuZooe53E-xVf109cw2tKk7tRCLMDzJTcH7IY-vvpLm8Wsmiy41YzqBtE6BxgxjcfK9jUQr4UXbZIL1DIbMYkhYiJzvf_CBW8aC7FyChiJ6eYTO58FlSz8gFUquangLZj5QHVwukQfx06u_dQ1GCDR4-_pZczm6a_0zSHI_3IhiixuZgAw2UuhmzAyxf-rSpHufBkVRyZzz8ivQo8tIWY78Ejs3y_RtsP18pDgBmqzUnqLIfqxBhn0ks8-V4-JJ2HPyoTBzl_I_PtbciLTY8QkxXMGvCwMqsNWZMCpvSXGaJcBDNgozTpeAcgjZZucia5QC9k0-fE3gIS3WYrakd87IVWzQOaNZxb243pPaJJ90xAIgB-fOu56xzFXDgDD1ek8WsSQHzM8yjektm5pna3DvLaZFX63tokywvGX0W5CYPMUypKnRgROiUFT8Szcvbr_6lkVGvjkLyQl1WRHZ4Go5PQbqAWQoWMdd1ukRchwaFx2rryvXanZaAz0fHu3jGGl45htIq18G8wrRZKkSLf5DC0J1YbwckjIm6wBtq48SzqKbE81FtSpKe57qJcec4pzo9WtTEGhR37ENm0xx2a33R8nNJNCoqrETr8IULL0QJ893uaQOdRkEBnBXvWVM9VIMggidyLs_MVKvoboiPsoSyer3AY83ucNDCvUWC-MjoxlYJY5wRn58KMgV6E2NZbVBS6_o3pcvXsl2QJh-ry8Y8I7AfR3KROZWDtVXyKrRB0VcpvIgHXomYGMxKKB1xZFy-rGm08bUO9hLuWFwq2kShO_Vc4cDPEy9sy83N6MnXBFNs_2aETgftO7X8e-yiXDJXrHZjSOueNbKr8PcyvFrLAPSJ-k_GDWpU-jgwwITJG6FTCuQ6kS2BvLm1J_nxAsP47Z394au8Z8wSPa0afd_xYum-yAWEGlzs7CGGVLFGw5qrLzPX23jpsXwsmPqJrE8bXujwnXCU__5CksORZdXqW2s-mjpXwx65QpiISfYSpmSJTBEhLUsMnZIVCJTSfikVK67H8PCQGgv82vx_HdXnekabqztkYfY2Gb4PKeAnzg60EPRQ_IXkuTHwH1qNrwI_adD1UVSCmugrl0lGNAmbzHHzcfWivHyccwL29O5MOP41_gFrRUkyQr1RsBpnoZZq_K_e_dL0JnSQg05bMGov7alG5DgvzryB5ssg549Lhbqxkql2YZw3ZAYCX0A9G0TAznedDYpY&sai=AMfl-YSY9eRZQwcTLzNo4GanUwLG5aGWSLeHTF11LJ2bMKATuL1bQoSEjDOsBDbnRY0iNKTn5OdBlGwLPOEc3i6E5pdCNkcAgi7zLP4cqKKOQY64gkBgK7aGGryyr_AT1CgWDA90Ug6-yp49I9hU0zGs2WzNtBo-g-M04WD8NeQT1gHR_aPBDqZNUm1AEmbiGOnPa8gifJwu3yoZA845_qZmMQ&sig=Cg0ArKJSzP1u3wrPPV4nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220608.92484&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4C87 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 19:13:50 GMT
3648567437855393992
s0.2mdn.net/simgad/ Frame 4C87 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/3648567437855393992
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
90540c79478c5e9059a21793f04ddb40a7e56f584aae4bad745409e1dba2ebf5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 03:14:27 GMT
x-content-type-options
nosniff
age
91081
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15462
x-xss-protection
0
last-modified
Thu, 02 Jun 2022 01:33:26 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 11 Jun 2023 03:14:27 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame CADA 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
2786
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 03:46:02 GMT
server
cafe
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 5F00 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 12 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EAD9 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4cda1bafe66385095e95719137b01639124ec3e199aeddf2915924935fe1dd8

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4475 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 19:13:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
206318
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 09 Jun 2023 19:13:50 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3DE0 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 12 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4475 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
55b33ff1c8ee84d7b8c643d617a95a9bfcdc50f4dbf38306a7ae3b6297f8148d

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame AA85 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
22157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 22:23:11 GMT
expires
Sun, 11 Jun 2023 22:23:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9EE7 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54376
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 12 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame EE66 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
22157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 22:23:11 GMT
expires
Sun, 11 Jun 2023 22:23:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dvbs_src_internal107.js
cdn.doubleverify.com/ Frame CBEB 		55 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115739&plc=5207946&sid=18330&dvregion=0&unit=300x250&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jaYmIDW4cIQt2QqH4P-lBK&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=46959267&DVP_DBM_4=347820102&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=34173461753&turl=https://dengi.ua/&DVP_PP_BUNDLE_ID=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3ac::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:28 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 14:27:50 GMT
Server
Microsoft-IIS/10.0
ETag
"0f7cd18d7cd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18120
truncated
/ Frame 4C87 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b0eb9a943ec716370528d1157fe3e0f03613ad971e1b42c0ca24fd4a4cdccbff

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
logcz.aspx
inv-nets.admixer.net/ 		0
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://inv-nets.admixer.net/logcz.aspx?zone=b1a45f41-c850-4c1a-99ab-f9f20ac940a8
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
146.0.227.109 , Ascension Island, ASN20773 (GODADDY, DE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://dengi.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 12 Jun 2022 04:32:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Keep-Alive
timeout=25
X-Xss-Protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D14D 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
22157
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 22:23:11 GMT
expires
Sun, 11 Jun 2023 22:23:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4C87 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssNXGwMKzPlDFchxulkiZ_uL4OVo4ZQ8RZzO0XQlddEZIkGv_fMq0rWyQHKc59gTDk4o9LR1Z1inRi3Ucv9QtBW8NyxEVTOvDS3YrmoVdEW5Lgt8LHiKr9vTP-EuZooe53E-xVf109cw2tKk7tRCLMDzJTcH7IY-vvpLm8Wsmiy41YzqBtE6BxgxjcfK9jUQr4UXbZIL1DIbMYkhYiJzvf_CBW8aC7FyChiJ6eYTO58FlSz8gFUquangLZj5QHVwukQfx06u_dQ1GCDR4-_pZczm6a_0zSHI_3IhiixuZgAw2UuhmzAyxf-rSpHufBkVRyZzz8ivQo8tIWY78Ejs3y_RtsP18pDgBmqzUnqLIfqxBhn0ks8-V4-JJ2HPyoTBzl_I_PtbciLTY8QkxXMGvCwMqsNWZMCpvSXGaJcBDNgozTpeAcgjZZucia5QC9k0-fE3gIS3WYrakd87IVWzQOaNZxb243pPaJJ90xAIgB-fOu56xzFXDgDD1ek8WsSQHzM8yjektm5pna3DvLaZFX63tokywvGX0W5CYPMUypKnRgROiUFT8Szcvbr_6lkVGvjkLyQl1WRHZ4Go5PQbqAWQoWMdd1ukRchwaFx2rryvXanZaAz0fHu3jGGl45htIq18G8wrRZKkSLf5DC0J1YbwckjIm6wBtq48SzqKbE81FtSpKe57qJcec4pzo9WtTEGhR37ENm0xx2a33R8nNJNCoqrETr8IULL0QJ893uaQOdRkEBnBXvWVM9VIMggidyLs_MVKvoboiPsoSyer3AY83ucNDCvUWC-MjoxlYJY5wRn58KMgV6E2NZbVBS6_o3pcvXsl2QJh-ry8Y8I7AfR3KROZWDtVXyKrRB0VcpvIgHXomYGMxKKB1xZFy-rGm08bUO9hLuWFwq2kShO_Vc4cDPEy9sy83N6MnXBFNs_2aETgftO7X8e-yiXDJXrHZjSOueNbKr8PcyvFrLAPSJ-k_GDWpU-jgwwITJG6FTCuQ6kS2BvLm1J_nxAsP47Z394au8Z8wSPa0afd_xYum-yAWEGlzs7CGGVLFGw5qrLzPX23jpsXwsmPqJrE8bXujwnXCU__5CksORZdXqW2s-mjpXwx65QpiISfYSpmSJTBEhLUsMnZIVCJTSfikVK67H8PCQGgv82vx_HdXnekabqztkYfY2Gb4PKeAnzg60EPRQ_IXkuTHwH1qNrwI_adD1UVSCmugrl0lGNAmbzHHzcfWivHyccwL29O5MOP41_gFrRUkyQr1RsBpnoZZq_K_e_dL0JnSQg05bMGov7alG5DgvzryB5ssg549Lhbqxkql2YZw3ZAYCX0A9G0TAznedDYpY&sai=AMfl-YSY9eRZQwcTLzNo4GanUwLG5aGWSLeHTF11LJ2bMKATuL1bQoSEjDOsBDbnRY0iNKTn5OdBlGwLPOEc3i6E5pdCNkcAgi7zLP4cqKKOQY64gkBgK7aGGryyr_AT1CgWDA90Ug6-yp49I9hU0zGs2WzNtBo-g-M04WD8NeQT1gHR_aPBDqZNUm1AEmbiGOnPa8gifJwu3yoZA845_qZmMQ&sig=Cg0ArKJSzP1u3wrPPV4nEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&vt=11&dtpt=157&dett=2&cstd=0&cisv=r20220608.92484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AyQh-xUw5b6lUb1uph36GbpfYN2KUXlg13sAUWPEemezyfsR-9kLcFlQBg_-qwZFj_zhWfBg47R8P8T1xKDieUygUteFNEUMbPBVGLe5_NbqcH8lZK-7zTAgzutGnaM2oVDvSvZBfrpuqanraTS3-XBea0CQ&dbm_d=AKAmf-DKXCKeUT6E3nLu4HJ-n9NCXmBlkPEbiX2ogUlA4lpWfQk3jRUKHSNyZICst6CIDlXE0H74_FX8NcJ3D7WOglSUio4g4CzKVCNVb1hEHV4XWfLD3lJpqauGzHgaYIzWIZYuEmrqMJlFLmggGwjsWxycgIoVbzjo551jfmL0GCqgATDbYddiIOfCamh5hPV2Jq-zmYnLVfcfWXJA_R6zS03gyfi-BtCbO5ZjzscHdYnIUkydaDz91oghWXeM4iNwGfvn0mMMehLHWrD9GhJhPoHR9uZ8Q_ojz3Ry1cZ4Oy2CGdcbA89qjvIdhrbAkIKpv8GKrEorRS2o3btGjgTyBmqCRU9iCo4GZSLMpJH4USlXaK_f9-aGpg_w_6xQoN7IT1c8QLgShWFJhK-vk2pwm_6WHjklfla3RFiwA8kY43IGZVCeiQ6ue5Foandc8nVn9qThaPPO2whT9Z7G5V5zgAb9dbDhpQwTpWp2PBfIOGCyBS9rEgcGNPPPJzgl8h3bVFFN0KWX6mkumEZ7-N6uD2A0o5qwT0olOkGNbM7hW6LmD8cjBpKcW1-6OHc_AHdB_7vAorDAOzn_59eGmrOspBoyulmrQ92zwEtnheIRpz8bud3TCo9dI1CyYcPBs93_V_cMT4OMijxiiK8CoJPAjJ0DioOv4G5Fbtpp5WVCOgO858NBnRxMJxY4ksoUq-4jTlO0BRgZD5UqqNwTZlFzs4sWPwTbsWzNDdOaDOUqQpK6PLIZYaBhdu79Q_ozjcCXhVow7V9xr-ywY9JyRX12YptjURszQeDIT614zdC031PtXSWVcNovElJ-bP0u52dG6P2O9HM52NWZJqF_zqdZA0wfMZq76mrxIJB1H1sEnAqpol-gpe6No49O6jpN1EbAGdF2D0EaSqBc57lm16cDbAKfBS5uGJZmn2t6BGWrDtw8zY4YLF1-XTZ8nTIgRgemHBOTWtCNNUPhwaT2xUNr2vT8oXnS0Mq_iwmNbvp8JLvH2BrMh14CTW9gii-n_DHyMRvf2YT75hwCdLGVvmJFMRSQRHQMA2VAptPClidWph5LARGlTZywT6ngTJh7aA5elVUy9EM2KUEU3doS0WW0c72rjI11MiU38oxPaySDb3ncU_wK1wtbGWOCaW0QxDGAp5l1Wo9XOwpHZN9fuSYFVcJ5kvyCztBz1bT29exZub830bB6Z0m2Z5femk4u0qElyPT_ixG8VSU8EEsUtCWApsbP4JUT5hLNzwKOkEwg-xt8dABYZ8CLl-9HTah3xYbLlv1JixzxsCzQkchyOuXcP206IHrXFtnn92K7mM9J5jxkg7fCdmSzt98EcU7s3ssc49TTkk056dsB0vdWzsg8Szqj4gFdDWOu2PNc1xNSrJVrTcJyF4OInbpiR-Zv1ikmQp-UwlcGJNWoheGbgorzcs9val73JiITXVoQ3pIMvRpq9LqjakDCe1hm72j11oT6pwYdok5jBxkUn9VciPXHIFUuzoPSMfZl1Yue1dDrs2NfLtIsxicXlMM3ybtB_uMP_l_vWpHfmRlREA9hpBLQ3Z_SMv_jAB_fD3dxr5u4Iz9VzlMslkzNsqqYTgsy3ExJ4Agwrs9D8JdsAqjBT_g4MnvUiOU1aPO5w7as9RoDFDSdiQ5sk65nvAzmKaGv4JuAFcz9gRNMasqV1wwmLsfYHh8DeUYgX_H8OOgjFIJC08Kdd5susfjsZdaR5bfLe4lgfaHWQurSh0FM-1HMO4WZMdfY6ATOhBn9eGk1zTPMV7xQA3KEdBSjseLN_mltwCk5pjSI3C9OXnEOhYQYXxxc4hX0Zifa01dLKRXHONWB2IixJskJ8wE6uQavIqnayglS_hb-a_LnzSEMkUiC3Tz_biBVuDv020-dG3IoIT3kTl9DTXOaTo08BQKuvbU4U3vbC-sI_Nc6GvCY6YsCTf9ceXrodeNg8nNN-CZwmXs9KSVOKKTvuJsmdBlQm0IZKYX3DJ8uSZ-OMke07wiHUn1abYA5ny9af2-jkonPrnkV2ZSntbb4CbCFADBLW-4ofBDo1RHZalXVZx7rCMyqJCxOSIsqZJnr41LczBASFX5CRhKyngWQOX2v3v0ipgoCU_Or_vARkGUD-eeb3guj_McTb5jklfc8CCQTUC1EDcvcuvtU7QQ_Tx3b4zvK8ozfNLrpUw98LCwC9BI_Z7jitnFIiTVVIukcmme7Exxvhxy0vLvEdEeqUYQA7-Q7xrnhRy_2fPEtNxRx5NQGm8dTWTg5IdOgySFNe50MH27Q1hacEdFkaXwhGJzKa6ivRiAsIJ7v1ECML0QgMCyGD04bBrYEZ2PPDl-FRvBLGVMERIrQiHuxErUI9uxomto9q7F-2FXeMtqeH9bcyKSDD7UlmEo65bW1fk8DNqPPoYm4_CaoMsdURUB9WOrx-_44iSBgU7FG9ksK06wOsCse5kcUPj5UiUYrM1V5MSRTRLbNcqwHSLWWHtJPYYNXWwlcgtr1k5phu8iyO6KO5PxCg-thYBB1T6LgfesjaQszBQpnkVNaFEzKfb1864pE42CtVkgQwnnaE4dzOQMO6kRylCrtFbItTzI0aogFXCPP0Al2og_mVKX31IUqGWr5w6BsFHJFlwOmOqFZlaz_T2ok_dUhy18T9RCep0UvBW5FrYSpK9Agk_flCE5UBkYiRZAiBVMCkv9E6Klf9IFE7cS9gQrL4Jdp1LiSQdEB_uA4lWTqXkeB4NTNruHnkaSj7x7ml5aN7e34VMZz-Kv7pNUlZWNdsDyzqfaWhBSUdwuUzE1gMlo6Klvcn2EbXDnHXYM2_BTTZKSwagnPuwDChwYpSQ96vJw48pKaYWxlU1pBjzwvY59xE2-9HgVtTqwTYUBQCXDXHpbroOXCC042e68uDRKuIpOzYxHaJVUUZIPGGDI9tEPHZWRWsDMlHb1p9RUhGObmubdMUmXofn-fUQbR1xwepAgPAZsQG-lH4WiWlW0177sTeHoJLr7hdc6HsWlAfcgc5kO7GoCQqssM5JCeYIvJTgSW69wmqy1pTKNcJt2-ggiVv-zKe-GhRbkEmcFTBa5kUuX-esWP8PqW-UeZmvH27OiWNJ5suHuM2vlkbAkl2S8Lb4l3uOIixZ1k339GMYSIf4xFNmxSDT56eSLzb5awKIM3wVGcPVCEgkKfRGxUMo7GIAVgZP5UzRNZLNZxUvrynbxe2umdnSLYRi9jmfrrN-8-f8ZR9KHWlODq9vJkYEAnpFkzoaZEQREhHp4MOzO_ERWTborT67vzJeBvQc9wYWDHy-JsCoVEztL-b3B4BrxpwJDxVh9pByWIpR5VtjHKHc0BONHt2fE_fsXMjmKDZf_K5W48GdItm2GjLY2SKHeHMwwV2UiLi8KaCdI8lJnChaLfRWzEpb1tKOmRKz7rg2JlRb1_TUUCOg&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&rfl=1%2Chttps%253A%252F%252Fdengi.ua%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 5F00
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1&google_push=ARnp8GCK3ntf4hM1lOop-vCGXSP9l4v879jjI1XO70SEjtovidQd74OqwGwotagmNqRSWidwsxLPnVnAyWAKiN1J8NEKkSAjmi1m
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzgxNDQyMzczOTI1MDAxMDI2OQ==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEMEfH1Y7faKWvh5Uuihiu60&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F00
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WlBOdzFFeWMxTzBmaDI1&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WlBOdzFFeWMxTzBmaDI1&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8mHSiDtD_afkjD5oubXcQdvsTjm2nIjR_e6cwt2w4WWk0yDHfTsrsr
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-0f466b0102beed6b9@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=WlBOdzFFeWMxTzBmaDI1&google_gid=CAESEGCPFWzck3USd2P9qDx7DJ8&google_cver=1&google_push=ARnp8GC4XDxUo6zm2I-1siRGWoH_AJTcLuXHP80IB2IKtw8mHSiDtD_afkjD5oubXcQdvsTjm2nIjR_e6cwt2w4WWk0yDHfTsrsr
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5F00
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GDeUekDtg14NHxEHWEzZTU5mymgOpV7dtSR8lDdf9muXbhPT6tRYg...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GDeUekDtg14NHxEHWEzZTU5mymgOpV7dtSR8lDdf9muXbhPT6tRYgS7E5HPvmvbW8DyUn570BtGfMN4B7_bP0E_YHqR-kGs
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1655008349.538510,VS0,VE76
x-served-by
cache-lcy19251-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GDeUekDtg14NHxEHWEzZTU5mymgOpV7dtSR8lDdf9muXbhPT6tRYgS7E5HPvmvbW8DyUn570BtGfMN4B7_bP0E_YHqR-kGs
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 5F00 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGGAqQipFE7FIcM5njzl_94&google_cver=1&google_push=ARnp8GBWqk_qS48MgtIHTuj4VLDvlRmP4ltFVK9bG-27Sv6Olt4xQYw-gEW5V7cbJ5h8A4PC8C59WUptrWS3KlZ3V8NAOpquEQMe
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 5F00
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3Msybsv2VXgn4MUEHwr44&google_cver=1&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNX...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CqWMhyjIQtGxyT7XkdIUXw2&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNXD97rEfxUa9A0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CqWMhyjIQtGxyT7XkdIUXw2&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNXD97rEfxUa9A0
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=CqWMhyjIQtGxyT7XkdIUXw2&google_push=ARnp8GBOjPtXv-k9WDDWwFH-m_sHhlls311axYgQNzi2yUho3M6WHqC19sgBaBuJ-3utkoPbEd8X_9BY1Wz_TRNXD97rEfxUa9A0
x-host
tde-deliveryengine-production-6dd6c7c9d8-br8qr
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dds
rtb.openx.net/sync/ Frame 5F00 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELSzropkfktw1MFwAQ65MwM&google_cver=1&google_push=ARnp8GCemEd-7UjlzAmAo4Wh44zG4hZZuZ_0dxIYlXaU-RochGS2S-YCB6lDjgZF_ERieC1W4nFW82qOyoMoLPo_2ttYB_AuqBFb
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
e2fvg26g2ggdrrnrj9213dkm0aican13
pixel
cm.g.doubleclick.net/ Frame 5F00
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A&google_cver=1&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6A...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GAY_HJh107L7StaAAYL42mA6uNGX663Hw1O5XU5hd3D9NQoQL6AbcDO1ZyOBDM80WR0Gxux4yKuqaFOFRzQIqMCEoBRRD-K
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 5F00 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKQosHA-agk42JDE5AIeyfDa_wND83hCXPyu-mKFhCMuoWiBt-yKRX8PFpnqscFmKsssBh
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
si
googleads.g.doubleclick.net/pagead/drt/ Frame CADA
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Sun, 12 Jun 2022 04:32:28 GMT
expires
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 12 Jun 2022 04:32:28 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
google2waycm.netmng.com/cm/ Frame 3DE0 		0
0
pixel
cm.g.doubleclick.net/ Frame 3DE0
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GAzFruLYzNib4eHIhK-GYmasnjibmYTRHRkT0KikTcl4fE0tXCAff...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GAzFruLYzNib4eHIhK-GYmasnjibmYTRHRkT0KikTcl4fE0tXCAffyYDOiYeHRsvhZWvjxk9bHe4MGwWe13G0s9iYTyKba-YQ
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1655008349.538447,VS0,VE77
x-served-by
cache-lcy19251-LCY
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEIpgHaKOPhEI_ccapbWRRis&google_push=ARnp8GAzFruLYzNib4eHIhK-GYmasnjibmYTRHRkT0KikTcl4fE0tXCAffyYDOiYeHRsvhZWvjxk9bHe4MGwWe13G0s9iYTyKba-YQ
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 3DE0 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEGGAqQipFE7FIcM5njzl_94&google_cver=1&google_push=ARnp8GDIBy1etpfFzsgHC3bnei6X4IsPzyW_9Cz2kYU-MR93l1VtvHXV36vvsCZGWfQqgxeln6ZNX990pWqgvFiztdHdLMNxL0QsTw
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
pixel
cm.g.doubleclick.net/ Frame 3DE0
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF7WoeUnqCMeKJXOn7M13Zw&google_cver=1&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvf...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF7WoeUnqCMeKJXOn7M13Zw&google_cver=1&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2V...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM2MjI4Njk2MzIxODI0ODE5OA&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM2MjI4Njk2MzIxODI0ODE5OA&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvfuOHyr_nGvLoi5nDRCvBu
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
nginx
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzM2MjI4Njk2MzIxODI0ODE5OA&google_push=ARnp8GCBGTog7YSj4tEQ9KlKCKaVc_CXaS2W384dhjjDwfqBA6HlLKfu6EG4C6Chywzlk0D4M2VgSDvfuOHyr_nGvLoi5nDRCvBu
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 3DE0
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGtYxKMJko2rXcP5umY-p7A&google_cver=1&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYG...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGb...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhug...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGbnig
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjY1MTIxMTE3ODU3MzI2Njc5NDg1OA%3D%3D&google_push=ARnp8GDfqCCeqht0VkLwaVDGiCHH8eWxjvw_Gxazl6xQ9KMadcJxvhugdT_YkcnXAsrSA90IMw5Jvvqg0ecMVeKGE3wxA8GXYGbnig
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ssbsync.smartadserver.com/api/ Frame 3DE0 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESENlY5khRO0dRuUAemc38jrI&google_cver=1&google_push=ARnp8GDt4--MjzdeNxEL3jnEqb9ClagtNgwS_2BjtEr-u3fSfW0REQJJQZTWkbO22VFz4lJuXRdkPi5ULpYVaB3xPx9vXjnOxhJxeg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:27 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3DE0
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7k...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7k...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3P...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7kv6mRGfwYCHQLKQFe7c379K3Z0vgro
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GBvwx0lLoc22gqE__JNtD8yXojkENe4GX7OIZxL8s5vhHfzqnX3PJivOhrgMGQhYYLu7kv6mRGfwYCHQLKQFe7c379K3Z0vgro
date
Sun, 12 Jun 2022 04:32:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 3DE0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Khc6lV-XtRULTBta_v_OQZnjridDM6eq_rqosGWQLIZmW3kaGOqud0t88XVmP9i_089cTT1w
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9EE7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEDsF9Q_6aK7Xw6MVAEfIvEs&google_cver=1&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fK...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fKyV4As0TWZd2GJA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fKyV4As0TWZd2GJA
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GAm7YVH2ymZ4T884oX3R3JpSpB8lV54yVw80xia4lKFK0L-w1IJAmk0wpNfIchJbvQ6U4QumdDPAVlBO0fKyV4As0TWZd2GJA
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 12 Jun 2022 04:32:27 GMT
google
match.adsrvr.org/track/cmf/ Frame 9EE7 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESENUgTwELKJDa3y130qMGnu4&google_cver=1&google_push=ARnp8GAcd-Sx1YsqODqMzSKBIQ2pyjDjqz18-xIGHzOUEd2sXkp4gc4BfpohxZqe1UrAZwGuTDAnwdZrsCUSi3BCGsUjoSNbsWpgzA
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 9EE7
Redirect Chain
  • https://ads.travelaudience.com/google_pixel?google_gid=CAESEA3Msybsv2VXgn4MUEHwr44&google_cver=1&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxV...
  • https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eHm_0_8lTWeVVcRDJ6_9gw2&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxVWorbHAZ2s4kisg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eHm_0_8lTWeVVcRDJ6_9gw2&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxVWorbHAZ2s4kisg
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 google
x-engine-version
0.0.0
server
nginx/1.21.6
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=eHm_0_8lTWeVVcRDJ6_9gw2&google_push=ARnp8GADeqZ4SSJ8_dsvPb0Swt2N75erYQ-cs0DYvzxIsJ910Y8c0mrXyavR9MCXybYmpQi9RPHr2MhxcbUaIYxVWorbHAZ2s4kisg
x-host
tde-deliveryengine-production-6dd6c7c9d8-fprf2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 9EE7
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEFjnPlJ8t7kM2RV_YtVqvMQ&google_cver=1&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaU...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk&google_hm=QqkiBKcUS6Gw1bkVvVqfBA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk&google_hm=QqkiBKcUS6Gw1bkVvVqfBA==
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk&google_hm=QqkiBKcUS6Gw1bkVvVqfBA==
Date
Sun, 12 Jun 2022 04:32:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
dds
rtb.openx.net/sync/ Frame 9EE7 		43 B
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELSzropkfktw1MFwAQ65MwM&google_cver=1&google_push=ARnp8GDu6I0QLgMlRoGLq_b5tiquTSInEGusCtbn5QMMqyjo3ejFkyexweSNivSDOxwRtMM7RT2jibzTT_WnfllKovSkFZ_jCjYT2w
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:27 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
3m9hplt886ejv90adaksk21q4dhi7keg
pixel
cm.g.doubleclick.net/ Frame 9EE7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo&google_cver=1&googl...
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo&google_push=AR...
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqVsXI01Y2O0CroaZEGelwAAAq0AAAIB&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqVsXI01Y2O0CroaZEGelwAAAq0AAAIB&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo24R_qVeDV34&google_cver=1&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YqVsXI01Y2O0CroaZEGelwAAAq0AAAIB&google_push=ARnp8GCVbKv62-mVUb8IDZk9krD3XGbhQu2Ehqy9EaslsqAuFzckNlHfFdTaRi7SjxL5-OZ-nWjIVVtudNovQQEqo24R_qVeDV34&google_cver=1&google_gid=CAESEAi15LYLnnx4Fu2ckfI7tmo
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
460
Expires
Sun, 12 Jun 2022 04:32:28 GMT
pixel
cm.g.doubleclick.net/ Frame 9EE7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xb...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESECm2An-f74SsEdz5lxhCzBc&google_cver=1&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xb...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xbotGVoG38qtEQ6YPiqakRQ5pq1gR34
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1KbDRDdzlKRTJ1R1VkQmp4c2Q2M3dlV1FRYlg3dDlhUH5B&google_push=ARnp8GCxgYdeFiQSOpJ9rvRKMRA617FvokjsGb_O_BhNs5APYlZLObYIK1KVzM0FYb3FtfT8xbotGVoG38qtEQ6YPiqakRQ5pq1gR34
date
Sun, 12 Jun 2022 04:32:28 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
attr
cm.g.doubleclick.net/pixel/ Frame 9EE7 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K44qAIrqO3k9oGkRzZw6VulKsO_Sdjc4XXGFGXRbMePFk33nkn20v3b4oQmco5U7pa_Fiaxw
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame AA85 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
199500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
index.html
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		150 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b9a51e1e667ac4fdf8774deeb20009085881daa399e94700fab1246a9cb8498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
307331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
25717
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 08 Jun 2022 15:10:17 GMT
expires
Thu, 08 Jun 2023 15:10:17 GMT
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4475 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdidaiOwBsqunda_STl4PHG4S9szQmixAwb24JMr2deV7vU_aT2kEDyLFGlT6ZZhYQOFXy-wYALF2LaT1v74QFe6MT2yohc5Yw1QgbJwnsn0JkIyx1kRNltwmz8-dwir73ckJbcsEMN1zpt96cuy5kC5_9IY0DiY47vFa0SaEeswTFDtewGGnvd3xZwi-WdVMNF_npCRKHV5rNg_-KmESfGvVDU0xdPSU6fyLBGfDLdEQpiP1MqFYCtGR8gxsDsOeWr4BS_11j8i05WtHfAd9_qihodANmp6jl77MLDHAwuve0XiwLyXbpjMslxK3Vr_Jx2mDYMiXfQa3KPGrBBKMZUs7Kefqvtf40sTwLhSMd2LgfA7FjhTLiVJtJwpwR_SoDTJ4pFyp5jenh9DaVBwrPQ1IlD7SZ13QCup9n7gCpQuPElvvBGTzeb9I46yVusM6TKZ0Ig8GYdRw24vWLTwWfmKjGYUvvEhlsoyfcwNEseHXDwJX67Ztr6Nn6i8vOAZ7OSAinCCBTH0q56zrCWWMkex5km6COLiNeDWmGFw0EpZ1LFJPG-Zq8wWVLFIs4OexntcQPqgYl059UE6tmq0_uj9xrGe4mQkfA_8qnUvQqQ6xpw2K2cAZ9ISQ7WkU3EgveMf9PEEZ0HZFHr1NemTWSq1_Eyz3jxPA_mCBPOa3IswDqDCM0B6De_l2jFDw2_I4vF-TcZHLOflKz5WzA2Bv-vcca1qeCKVCWX_lu0fa3_TfE-Cjw717fmXqcyzN__vjjVlbTyQ4PbyPI60-FUt0dWqKGIFKMDiuxnQR1tjBFp2pGKcFgB--hTF-2O2elFmEiskqT3OKA1LY0RQ7ZfdMYEocbiiNPR3YwuXnjSEnn4MIqSmWl6Ysx1P9G5aOOpMIYP-x-MTwLTIC8MZ5WR2qqDzQ2gq_1F3rvmCcBcffSrpsnB_EensjyBkZb8d0v4k4WWMdd0uXJehS96ls7GunsKmt_ivsd9hXqNN8WBK8vNJO-pk3tZZWv2N80EXneVmB6BtlgAYIVUPTsa-SzlBAqSL5zC615_KgLwYJLlHJZrWk59DtCnLCO260YSweIsm0XuhuHwdEQGLjhQ2X5YGCFNdRiRi-08cLjH4eHED2VpNPr71j0BdOkSPG1hpQx946eGw1L0yx5XTsjpCoTX8ERrG0-MTq5GJmRD5GvPwWcDY4vvc6sOdXmqr214hH5gwX1XkOVDtvP0R8&sai=AMfl-YSVx-LEu1hZ6YtirxFLEOSvC81hBEkGXpavLmXl9VNwfIAXBfdZjfNyFjuS1grBq4r3iz7ORJwZfDbPXOBeslfM5YuZvFChET6mx2NZkRw-x8rYcywaktLpVHQ0CQflA-l4Dlng8cjAWg1Dr54gvnGgmaw_oMzpy3hHq_B6695ttS0AtYyokDZKfxSobKdjexrD3lxhqFm7-pwN74cm6g&sig=Cg0ArKJSzLlUxXgIlqQyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=214&cbvp=1&cstd=211&cisv=r20220608.18362&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sun, 12 Jun 2022 04:32:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
verify.js
rtb0.doubleverify.com/ Frame CBEB 		1 KB
903 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_892567755490&jsTagObjCallback=__tagObject_callback_892567755490&num=6&ctx=1828362&cmp=115739&plc=5207946&sid=18330&advid=&adsrv=&unit=300x250&isdvvid=&uid=892567755490&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.50&dvpx_strhd=0.50&brid=3&brver=99&bridua=3&dup=null&turl=https://dengi.ua/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0jaYmIDW4cIQt2QqH4P-lBK&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=46959267&DVP_DBM_4=347820102&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=34173461753&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=20&brh=3&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau56%3F8%3A%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau56%3F8%3A%5DF2Tar9EEADTbpTauTauce5g45edec%603_d2fe_f2%6027%607%60%60a336a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=7.60&callbackName=__verify_callback_892567755490
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
8d511f247f512f43e218ae88406573f7a16b1173763bf73597615740be39f24d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:28 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
X-DV-Response
1
Connection
keep-alive
Expires
06/11/2022 04:32:28
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame EE66 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
199500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
pagead2.googlesyndication.com/bg/ Frame D14D 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/t2HguO2j65-YuLkPO9saWESmMQOi1UewO3XwUl1-OG4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Thu, 09 Jun 2022 21:07:28 GMT
content-encoding
br
x-content-type-options
nosniff
age
199500
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13815
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Jun 2023 21:07:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BD05 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQj9EQFxFPt7qRWx-z02yk7MMIakj4Sf3qYL-qcThSukkzCxsifmQGSGctWJqWsCxTH5Ay3z6pEWrWBi19wdVkc7LyGk9OgDIMS8q-VCl9eMJF-EPeSrbmq_7q&sai=AMfl-YSSs5Tl4kUcdYnFbxtefDN5BUTeLWDILbhlnJUEHfw-0t6IvYaMgrhkn3Dm2cmOH9cQPclURU6zY90L&sig=Cg0ArKJSzMNAtnLe9InuEAE&id=lidar2&mcvt=1018&p=0,0,90,728&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1130233035&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655008346849&rpt=701&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_246.js
s0.2mdn.net/879366/ Frame BFCF 		28 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_246.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 16:38:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42857
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10121
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 20:54:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 12 Jun 2022 16:38:11 GMT
dcmads.js
www.googletagservices.com/dcm/ Frame CBEB 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 03:52:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2414
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8772
x-xss-protection
0
last-modified
Thu, 09 Jun 2022 18:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sun, 12 Jun 2022 04:52:14 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 4475 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstdidaiOwBsqunda_STl4PHG4S9szQmixAwb24JMr2deV7vU_aT2kEDyLFGlT6ZZhYQOFXy-wYALF2LaT1v74QFe6MT2yohc5Yw1QgbJwnsn0JkIyx1kRNltwmz8-dwir73ckJbcsEMN1zpt96cuy5kC5_9IY0DiY47vFa0SaEeswTFDtewGGnvd3xZwi-WdVMNF_npCRKHV5rNg_-KmESfGvVDU0xdPSU6fyLBGfDLdEQpiP1MqFYCtGR8gxsDsOeWr4BS_11j8i05WtHfAd9_qihodANmp6jl77MLDHAwuve0XiwLyXbpjMslxK3Vr_Jx2mDYMiXfQa3KPGrBBKMZUs7Kefqvtf40sTwLhSMd2LgfA7FjhTLiVJtJwpwR_SoDTJ4pFyp5jenh9DaVBwrPQ1IlD7SZ13QCup9n7gCpQuPElvvBGTzeb9I46yVusM6TKZ0Ig8GYdRw24vWLTwWfmKjGYUvvEhlsoyfcwNEseHXDwJX67Ztr6Nn6i8vOAZ7OSAinCCBTH0q56zrCWWMkex5km6COLiNeDWmGFw0EpZ1LFJPG-Zq8wWVLFIs4OexntcQPqgYl059UE6tmq0_uj9xrGe4mQkfA_8qnUvQqQ6xpw2K2cAZ9ISQ7WkU3EgveMf9PEEZ0HZFHr1NemTWSq1_Eyz3jxPA_mCBPOa3IswDqDCM0B6De_l2jFDw2_I4vF-TcZHLOflKz5WzA2Bv-vcca1qeCKVCWX_lu0fa3_TfE-Cjw717fmXqcyzN__vjjVlbTyQ4PbyPI60-FUt0dWqKGIFKMDiuxnQR1tjBFp2pGKcFgB--hTF-2O2elFmEiskqT3OKA1LY0RQ7ZfdMYEocbiiNPR3YwuXnjSEnn4MIqSmWl6Ysx1P9G5aOOpMIYP-x-MTwLTIC8MZ5WR2qqDzQ2gq_1F3rvmCcBcffSrpsnB_EensjyBkZb8d0v4k4WWMdd0uXJehS96ls7GunsKmt_ivsd9hXqNN8WBK8vNJO-pk3tZZWv2N80EXneVmB6BtlgAYIVUPTsa-SzlBAqSL5zC615_KgLwYJLlHJZrWk59DtCnLCO260YSweIsm0XuhuHwdEQGLjhQ2X5YGCFNdRiRi-08cLjH4eHED2VpNPr71j0BdOkSPG1hpQx946eGw1L0yx5XTsjpCoTX8ERrG0-MTq5GJmRD5GvPwWcDY4vvc6sOdXmqr214hH5gwX1XkOVDtvP0R8&sai=AMfl-YSVx-LEu1hZ6YtirxFLEOSvC81hBEkGXpavLmXl9VNwfIAXBfdZjfNyFjuS1grBq4r3iz7ORJwZfDbPXOBeslfM5YuZvFChET6mx2NZkRw-x8rYcywaktLpVHQ0CQflA-l4Dlng8cjAWg1Dr54gvnGgmaw_oMzpy3hHq_B6695ttS0AtYyokDZKfxSobKdjexrD3lxhqFm7-pwN74cm6g&sig=Cg0ArKJSzLlUxXgIlqQyEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=504&vt=11&dtpt=290&dett=3&cstd=211&cisv=r20220608.18362&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
impl_v89.js
www.googletagservices.com/dcm/ Frame CBEB 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v89.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 11:08:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
408259
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21503
x-xss-protection
0
last-modified
Tue, 07 Jun 2022 10:59:23 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Jun 2023 11:08:09 GMT
Text.svg
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		27 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Text.svg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4eb317f258ace95f998f90b36a9cc7fa5b69ace6596d72a8549a450ccf48104e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5732
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Text_1.svg
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		24 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Text_1.svg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2371a81fefa3ba5bafa82e5fc7a7d7ee0f698b94e9f8dedb13ccd1f41cfd38f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5534
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Capsule.png
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Capsule.png
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
71d26713113c28ff56c1a79764047ad2d2718c30c54f03bd7c26578d60d9b114
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11332
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Fr2_bg.jpg
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		71 KB
71 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Fr2_bg.jpg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
565a9be79a72a97755b6d5c0a9d9251a4c8a8cb2353a83895accaabdde76fd09
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72361
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Fr3_bg.jpg
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Fr3_bg.jpg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
901779fb571088b6f91626465fe5ce07586bd70fcd5a969cc7d54a34a2ded234
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36317
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Machine.png
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Machine.png
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4bc10f17a5884a3f3884284232158ff33ae3b6b0bd3897ffd6e85e921d27eb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 15:10:19 GMT
x-content-type-options
nosniff
age
307329
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9730
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 08 Jun 2023 15:10:19 GMT
Fr1_bg.jpg
s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/ Frame BFCF 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/Fr1_bg.jpg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55c5b265ae3dcc65af3388ef9ef9d955d85235fbf03268320036fb440639af35
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7073604426832573050/HTML5_Media_Banner_300x250_OL_Subscription_2021/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 14:38:45 GMT
x-content-type-options
nosniff
age
136423
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17316
x-xss-protection
0
last-modified
Thu, 15 Jul 2021 02:29:15 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 10 Jun 2023 14:38:45 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame AA85 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BbS_8XGylYtjTDMPk7gPGzprIDAAAAAA4AeAEAg&bg=!nJ-ln9vNAAaJfvByqX47ACkAdvg8WgTp1FEHbD9v61Oo8P04Y_sZ6hpMB10Rc_ACGz1Y9n-N4vP_XQIAAAD8UgAAAAFoAQeZAuHeE80oDgQ_j0FMkMsfVb5VK14Xfery1ds2ZsKL_55efQjStyB1I0Y8jgN8MlJ_qSUERG18E9viLHZW8ggqxoC8lHG8j6L3UzBJzxLp9T0mSOrPFNRHRcQLPaM11hVPkcOstzjldbVG7LxQ4P6FTcWr9cj3y7LdXSHy-pZ2wD2EPkvI0CfuLuvTH8FSDsaInXf0H6eYS7SSyAlBMAIvrEpR6C1lnTRX-Kla-eIvn4giHlXSP-n_D5kUPjVzmZb9DAzzfMTMT-AaSRqySIQqp_hFkaP18DnzmP3hQTIqtgnRHhnuHiIYteNhRLOVcxw0UbU3nIlcxLrxuavnQF_f-wK4AhLfs-U4sFU88rJfhFh93DvBiELxzlZL0zZ2muJJ6kSl9yP7oqGd2vzQo77rYnYrcz0NLfANnEolJbDLk2bzpJla85zBhz5sODz2FOu8dcWnl3hr_qZQLpSsy8SyRVR_nlPHSWaK7W3isUdhfxX9UrwqFjWDB8P68k1ykzJyYzusAqLRpDuAotxQc2R1aJEGt0UHGV7-uLz-IHy_iAEdCbvmE6n8ilp4cd9CuVbagEGhJxQGk9gmFWqcSEBzjFqsQK9QDcD2gYM5tt3OWloI1LO8stb6qAZsXyHK_45lODo6YCkwcoKD7xfE4_JZM_GvTVtorNgPfrERNsphOPM3p5clSYQcjp0AH1xsyQZSh1cZJUWFaadQBB8H5Nk42--kXTrh3XzKSvQWVYh1CE4DO9MxJDmJwdVdIJF1BIotLKhP-Xzt_hWG2DBB20IWX5IMssWwliCne07jY2iDG2e5P5NHlhVi8kU4clZNHnkJKptexEOa6n3PjRYy-7qkAMZwcmWI8LC1jdCIngTid09GiOjPt1Qua8_FKPzsE__4ZSi1ik7ljYFJn25fNqTstFvzUuTmZ9z7BVPc9Djp0PlFHmfo3En8K935KMxOCcIKuoicXIWZd3uzsG_8tFUb4lkuPA
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
B9689862.280410797;dc_ver=89.262;sz=300x250;u_sd=1;dc_adk=2265872556;ord=9125ct;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fdengi.ua%2F$0;xdt=1;crlt=6jmCHYm...
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame CBEB 		47 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=89.262;sz=300x250;u_sd=1;dc_adk=2265872556;ord=9125ct;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fdengi.ua%2F$0;xdt=1;crlt=6jmCHYmqfv;stc=1;chaa=1;sttr=54;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v89.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.134 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f134.1e100.net
Software
cafe /
Resource Hash
fb28bd83a521860e318ae2804716dc4961836ca72b13c310d9549931eeebaa1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23366
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EE66 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BUAaaXGylYsbuDIWm3gP54Yf4AQAAAAA4AeAEAg&bg=!SUqlSg7NAAaJfvByqX47ACkAdvg8Wp2DQ_u4wELnIiwW90rJ9sMWPWUDlQv6xleEgsIPU1SNuFv2xgIAAADcUgAAAAJoAQeZAtyevdVhYYKERCBHL6qoeBS-p2FV2QqHXHKIusHdQTX-xzQ-IZwZImQyQvirfaUrA2fg6FH1eFlioCR6mFIULWCMiZP5Q3lBg8ojnhx69uei05T0GoSWRVHfY5MqD5G0Xy9Xldm2i8uYZNTGSmj3ETXoZX57UGAndx00ycN4dB1pDGNhhLfVDU1-edJNuAcN8sFu3eDLFbvZPypLKL3zvQ6zl_21OtW2mJkFVB3q3m5OmMwaN7IkMMh1lS_S-ufBwB4SXr-aoko8rqBlPerwnsjRTl4uCUm-Nrtk8xv-hVvlFUgfEaGM2D_OXfvwHtRX9gXRKs9mPjBFZH6JRzQDFOWCtVwMNFWq8GreQGK2hFVKsbAYfPRiOl61XFN8eMIsZ1DFGtnMpsbyGPNXsaHSujEkuPblZbn3elKrqYRs-8WRO2my68Hz-XxBDCElxdrQo83SXEPJEh0FMinAnoT-m9tJnMOCpVGmtvWTVvmwS2YV2M0uQgomll_d24gEwWdBCTfuZc-1MNUdAeKGSmkER7P56v_NWkyGS_YWroUyti8A_l-caMexYZ5kUrqivLusI9gRBo7ycZwroUcyLyfx1lUnVMixMhmRJa4lLgf56fb598z8THkvb5ylI_WXW1ya9BE2HLllvUy08oLgVzAAbeyN8rE-p7rthorlpp6R1-yPAacpHaKS7txEUBx5HCoqhhRxi2aUzTkxR5qoq4A8iZFP6JpreGwDwQpm8X-s4rT9KCQaQFQDnosFgdZXu2C1tCYypcOgDoUzPwNm5sfZlpvJmjcrEzxkkSqr4ZmVyEdPtI11HkVOyKC5mn_yn2GNG4i1TGXZuDiJtvnoHrgDo2Exkhgsxzw4xf-IIPczNZkcRZBENOzcSAtR4Jm3uuqGxxJU79LbAMlXyZUNQ8-yEaxccAhQh2VzxwFT6HP2ME-nCI_0FWeMOqSSGxVN_wk0kkt84VPPyPpZuzt8Q-I
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D14D 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfpmkXGylYv6aDK_Vx_APoPK8mAEAAAAAOAHgBAI&bg=!8POl87fNAAaJfvByqX47ACkAdvg8WtO_7Nt3rFvSeIcmqivd7W-dqYdhaG-aKOPlNfIcNPAt7HDsNwIAAAC5UgAAAAJoAQeZAtia2uB0fixA51PFIAlPdPXi-sdrrwNFT5_ZWnvFuaZjnMKxsWEOsHnk3pLghxBgeB9XevqFXxxWdY7O3z6GVcDQTsU8FE183YpPtlQL44eoqHkPcso6XSfUiqx9uX_2QEnwk24iga963E7Dedf-8UNRMb2vlEFq7kBlEGkMuuPR0TcZ08w9YP_6EmN6gtflpzGcM4Q4KgEuCMbSW74d-Q5tad0x5a-dF7Ig8z69KapXqVEPvYdG3v55ZjP3NfTOs0_Ea69T0kEsjrmAY9omIeX4dbvUCHEC7G6WLQdxe_zJkVzcKxAqm8oBw-BtDeCys-6al5Pl3K-7iTYHQt3up_2QFrgMqtsQMV2YgOs8Wnjqxb63nvw_w4gJ9eePcsImDuLxeYW7fNTm8-SlVI9qvIl2TwgpOKxFtAUfUsLyZdX8COtGJeiKWYME1xUwNbYNH-0ppA09jyhew0PA-qXze2z7RiBJCHJc9rFkXYpNSNeWmDuxURSbJ2US0tB3QdrM0jmbcC8B-rTJ6N5Xa5_QX0SuptvN-CFeKtCSWZmyr1UYZmE1X6nBj5LACpOvyJ_mp3G0I7O6IU-cMZf5w_-n0vCK6g2uSOji5U6G6iU75TFA-5tUWol2HHpo1JPKnU1YzvkdqkOk4W-X-2vnc1zIXfeYuW6IStETI9dmNKI_zsIOlxcIv8-vFxdfw35kHpMvhkZO-D8y_H3Wk6_nm-GYe_e39ZCm8JoEGqyWgYmClol3N2vpo43Mh6TPwzqR25FH7zx81T87TFkJMe4H0Gr1HEjtxCQnZcxmxTPAbkMikI_Jf7Ecw2hh2dor73Oo73vZzqPmyHnO2xfbd48PuJDnFyCo31ITj8WR1jn7QZv1NIFKG378br3A2n2SCE-T4ZjE9lMujIfWcpGk2mw_7xtpzSM4nHd0beTUM-Ts_HqBj_GhkNAqTAhQFOob5tOPL4S-3YmXf_koB-nFVw
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 169B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss59_RYu2M1DfXqta2cjqPVHke0DxZ7BQHT0Ke0w-Nw6LfrNC1pGw7eulLPjwluukYE4RGzWRvOAxPgclgEpqSVa7s89u9gw6PslT46eKfv9wGgTa8CUkGMfLW3&sai=AMfl-YSayNh9w2xIxyB8XTzPIkO_0fZ6lzrKb0QUYbEExSTzL-X1QP1J1XqijEm_RNZMRXWcHKHCwSplJ_NZ&sig=Cg0ArKJSzPMRRFUyfVGhEAE&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4259256516&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655008346870&rpt=1145&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/ Frame CBEB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220608/r20110914/elements/html/omrhp.js
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=89.262;sz=300x250;u_sd=1;dc_adk=2265872556;ord=9125ct;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fdengi.ua%2F$0;xdt=1;crlt=6jmCHYmqfv;stc=1;chaa=1;sttr=54;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
932
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 04:16:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CBEB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuretaw66NIAHEFaic0VKCV0VNzLZyULHgvKKkFYj4jamJAuyJHWX5-lHnGg-WU1IZC-WbKZdZ8UENjGLVPY69NIFEddwwv1-dfsV4noVndsxcu2EYJW67m8NI8wcPnvKoPrbFOHf_b-CQ&sig=Cg0ArKJSzOmhp0llqP9REAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=4&cbvp=1&cstd=0&cisv=r20220608.79517&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=89.262;sz=300x250;u_sd=1;dc_adk=2265872556;ord=9125ct;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fdengi.ua%2F$0;xdt=1;crlt=6jmCHYmqfv;stc=1;chaa=1;sttr=54;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
17862569576457544911
s0.2mdn.net/simgad/ Frame CBEB 		111 KB
111 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/17862569576457544911?sqp=-oaymwEOCKwCEPoBIAFIZFABWAE&rs=AOga4qkph_sA_MDAKhJ3iyswgQudh1Ou0w
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
269c184626186808b798a470a60c05cabea8a167d42439619d22596ee1cffafd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 17:12:01 GMT
x-content-type-options
nosniff
age
472828
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113157
x-xss-protection
0
last-modified
Mon, 16 May 2022 16:38:10 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 06 Jun 2023 17:12:01 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame D9F5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

accept-ranges
bytes
age
22158
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 22:23:11 GMT
expires
Sun, 11 Jun 2023 22:23:11 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
dv-measurements2815.js
cdn.doubleverify.com/ Frame E616 		531 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dv-measurements2815.js
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:df:3ac::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8107b80022ba84501f49a6a4c6160c50ca6cdb7f5923a2b7736343a55914714d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date
Sun, 12 Jun 2022 04:32:29 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 08:18:27 GMT
Server
Microsoft-IIS/10.0
ETag
"808ba07ed97bd81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080900
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
100292
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F016 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

age
54377
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 11 Jun 2022 13:26:12 GMT
etag
48472445140208031
expires
Sun, 12 Jun 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame CBEB 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f6982b2bc13f1264468ce3533789bdbd2e0a365846a3545674bb167b88940df2

Request headers

accept-language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type
image/png
csi
csi.gstatic.com/ Frame 169B 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~l4at8lxd&c=6249739935192&slotId=3124869967596&qqid=CPW8-8SKp_gCFQnB7Qod9D0AkQ&dm=18000&event_name=first_play&asset_bytes=24813&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=3&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.l4at8mf2
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/327a2f53e8b7ae59adc1a35b4c015d49.js?tag=video_mra/web_raspberry
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c2c::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame CBEB 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuretaw66NIAHEFaic0VKCV0VNzLZyULHgvKKkFYj4jamJAuyJHWX5-lHnGg-WU1IZC-WbKZdZ8UENjGLVPY69NIFEddwwv1-dfsV4noVndsxcu2EYJW67m8NI8wcPnvKoPrbFOHf_b-CQ&sig=Cg0ArKJSzOmhp0llqP9REAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=86&vt=11&dtpt=82&dett=2&cstd=0&cisv=r20220608.79517&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280410797;dc_ver=89.262;sz=300x250;u_sd=1;dc_adk=2265872556;ord=9125ct;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Fdengi.ua%2F$0;xdt=1;crlt=6jmCHYmqfv;stc=1;chaa=1;sttr=54;prcl=s
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin
*
date
Sun, 12 Jun 2022 04:32:29 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
pagead2.googlesyndication.com/bg/ Frame D9F5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sat, 11 Jun 2022 21:32:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
25225
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13776
x-xss-protection
0
last-modified
Wed, 01 Jun 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 11 Jun 2023 21:32:04 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame F016 		0
173 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEJjujZHarrAx896FhJt_oU0&google_cver=1&google_push=ARnp8GDkNovA7B3LbI2y-g_o332_gjDrBmjq_M822CwJhK1AkefSLxaAV8sNNbsG0u7fu6X-mBdRKq2XPxnfgxkWklOY6i6FcOLoPg
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:29 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dds
rtb.openx.net/sync/ Frame F016 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESELSzropkfktw1MFwAQ65MwM&google_cver=1&google_push=ARnp8GDQoLYVO9qJwEgr94IyqOz6Zrqiw58VlJWXL0hqJpguxAToRSt46w7GHLECq6UApixdmeCDMwNo8FeB4KY-Oih1iOJgeUpxIQ
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:28 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
7e16c8l1se02e13m0f923onk7tob4216
pixel
cm.g.doubleclick.net/ Frame F016
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d6uF59_3TbOnlh3biELiPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d6uF59_3TbOnlh3biELiPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBEilLSNqwnkF1YYNuF01y7Rx2Qmb83jwEPCUB0WTWDaL4f3DaJ0Wk-vbo_3BYmw1byNsBYVTd_lHQKV65HdEfQFrv-Fa2uPA
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=d6uF59_3TbOnlh3biELiPQ%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ARnp8GBEilLSNqwnkF1YYNuF01y7Rx2Qmb83jwEPCUB0WTWDaL4f3DaJ0Wk-vbo_3BYmw1byNsBYVTd_lHQKV65HdEfQFrv-Fa2uPA
date
Sun, 12 Jun 2022 04:32:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
us
sync.go.sonobi.com/ Frame F016 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DARnp8GDucGZi7vCuJhgemWUUPMhvFLi45RfS1mOPSf371dkoLpu7K0-y3q6OyxFNNnF7wlyNW_ECBphnsKLsQEd-Q6vUeCuh9rqzdg%26google_hm%3D%5BUID%5D&google_gid=CAESEJhf5KhP8R9UUcLdDZUaBxM&google_cver=1
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.34.250.75 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:29 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-21
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F016
Redirect Chain
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEONg7uX6J0myASMOHzzOoDY&google_cver=1&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq...
  • https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEONg7uX6J0myASMOHzzOoDY&google_cver=1&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq...
  • https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg&google_hm=Ey-wrGZHSv4MOw5AR7yC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg&google_hm=Ey-wrGZHSv4MOw5AR7yCtSUB
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 12 Jun 2022 04:32:29 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAnF__XlKGf4BgemlN2ERu_TlgkTIlBiHqzYeTXrOwuJx0s9CZy32Xa6a7HH7DOlpKZqdtvnRdrTz4tlYVXq5swJwNgFNvKqg&google_hm=Ey-wrGZHSv4MOw5AR7yCtSUB
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
pixel
cm.g.doubleclick.net/ Frame F016
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEM-XOlWWLxVTUVoYVoxrjcw&google_cver=1&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEM-XOlWWLxVTUVoYVoxrjcw&google_cver=1&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rb...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=G9fL7hMRRPSW6MhJ9c4Qxg&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9r...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=G9fL7hMRRPSW6MhJ9c4Qxg&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0wiiyf-hQ
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=G9fL7hMRRPSW6MhJ9c4Qxg&google_push=ARnp8GAlhaHJ8BifbqFNCGEZig73AMq9LOqe-4Nj_A7SxEDfL8pCgQdRhzoWCCB3V0r4l9jUCRBc4kqAE4eCV9rbSAJpY0wiiyf-hQ
date
Sun, 12 Jun 2022 04:32:29 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
onetag-sys.com/match/ Frame F016
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEGHj0AoWjI8wBmvQxQUVnHE&google_cver=1&google_push=ARnp8GAPhq_8X7jANN_YXgf8J_F6aMprglrwwG06xTksW7-iNv23T3sDW44V_U9SCwM47uxfB66bzZNxxIO...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GAPhq_8X7jANN_YXgf8J_F6aMprglrwwG06xTksW7-iNv23T3sDW44V_U9SCwM47uxfB66bzZNxxIOkAtf0QCwWiXmNvscab_E
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
51.38.120.206 , France, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame F016 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxXc3803dlqcdt95Q3PaKaLs0huqBQLbC89deF5hVc737TwOpET4zBOhFsXKli-KSwJUEBhA
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date
Sun, 12 Jun 2022 04:32:29 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
visit.js
tps.doubleverify.com/ Frame E616 		694 B
685 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=181&ttfrms=35&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau56%3F8%3A%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau56%3F8%3A%5DF2Tar9EEADTbpTauTauce5g45edec%603_d2fe_f2%6027%607%60%60a336a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1655008349320848&jsCallback=dvCallback_1655008349320530&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=3&winh=250&winw=300&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2815&tgjsver=2815&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2F46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=20&brh=3&sdf=2&dvp_epl=203&noc=4&nav_pltfrm=Win32&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://dengi.ua/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0jaYmIDW4cIQt2QqH4P-lBK&DVP_DBM_1=3060631&DVP_DBM_2=11796640&DVP_DBM_3=46959267&DVP_DBM_4=347820102&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=34173461753&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=377193266242.45386&dvp_tukv=18093708121.03699&dvp_uuid=470630542130.233&dvp_strhd=0.5&dvpx_strhd=0.5&dvp_tuid=784528008365
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2815.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.25 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
786701cae424f784fcc33a34c5d14b30fe681684d333af86def7080cdafdc5e1

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 12 Jun 2022 04:32:29 GMT
Content-Encoding
br
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Transfer-Encoding
chunked
Expires
06/11/2022 04:32:29
gen_204
pagead2.googlesyndication.com/pagead/ Frame D9F5 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B98yEXGylYoahO5PAx_AP6pmemA0AAAAAOAHgBAI&bg=!HxylHFjNAAaJfvByqX47ACkAdvg8Wh7oTN7BeAB5OyhiYhh0n7dyhaOCN5EyWawjqq_sL37XjcjNoAIAAACaUgAAAAdoAQeZAtaYPse3-D-cfBYCRL7n_lC77oNkyhLo5heJGSJTDP7w7LyIFfwO3Y4jCSzeqAW3SA5Faj08h-DMxZYGjlwE-ukIHSjc2zw-r5NH30ru6kGCqM1Sih5qZblYjWadCcHiYTHhcH7f64RSTmK9gWky9gw7y0SCt4W7AEYhuTGMn5NnplsekY5jjNxbpas6_HRQPz-RuLjjqcdnFI0_Nj8rHSyByjTrN1iw31p-3hfZV4tXtkPaOhislM6Qxk6FEDNO0890DNkUv4Beq4kBLlcTfAjqDKg5z7RxC1KdbcVq97bJX4knOZeiMWY4aKZX7Ebzdsza4ksUNQGVA-BVeJYWWo1iP1S8WkwAaDeLtNOJyhbd2LFkGKffe-kTZ11dLlN1dC5psWHYMvf9t7sF8zDqJMrOJroKkYUF1PDiLS4wCfN3UDFW6wA1nPT0-VmZmjR4tWPV-4X-FL1xrQPJ0y6Vih9B4JH8-BgPcJjC1efJLe4qlet-SRT8bbgvwrbrT4R_I2TuH2gUQQpGlOdTsTOKV8AmVR-fnWwllg9Vjer65aOUwS_JqMxvcF5wZO5h5XpRV52JEv9Nc-LluvBftZYu80Rj4In3XxCgoFEi-qRenFYSoxV5OkQSLnWvuN8vfLSYx3bdcQLgK4kvdWsddJ8dFssq4g7nK7-8sfYIdU6ux1pxPDZXqdllf1s180YTK3thWUJqHY-Wt5aHLPGCgG21v107sTBlnMQDxSCCaMityOeTFEmB5vhAe-GxTXKbwabeMYk3FQlkF9TDybZvxSkD-1Ck-6QGIsBdzpZ3ojKmpZF5-twbKFMtgEd-iAOMah7FA-AUrYHqKtnbxtozLPPA6Lu8vrPgbxy7fWYdDhrQ5mcaiPLD9XbW80huHERxolUxszg2z6XAuPkDyDQEl8dft4vS43emKnGyTyzu7s-_tpIPmDLADnkGVUerq6dsmJNHS4bJOKzY6sM
Requested by
Host: 46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
URL: https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4C87 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszWIi3B0-SxqZPE6jqK02vEAfwPW-yiGsFZKSYJgBXnwjjeQ7I3jF6ApgvuG0lyxrQhS7KV6Bk7_5tYS10pL_u0Wx0bH0EAqFYNCMpocUtw3At59HM-VwlFvlj&sai=AMfl-YT6Yi1jyzRyjX06ddUuTXWE6ERhlmGEywVRZh8w5wECjaBGq5xF9wxfbuKnjJ5z2a_1_hLTF178DKKI6FtRhQ1MIZdRYqF2_Qqer0kKnQpLfpQMcy7YbY5j0QE&sig=Cg0ArKJSzBWICZThCbotEAE&cid=CAASJORo03UppxorbiWc0GZ2nvNe3XGjrJgtUdImkSp-PEWYG56K1A&id=lidar2&mcvt=1004&p=950,0,1200,300&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20220608&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2108943474&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655008347969&rpt=481&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
event.png
tpsc-frc.doubleverify.com/ Frame E616 		0
295 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://tpsc-frc.doubleverify.com/event.png?impid=9ccf1b8964244357b4caf196eaeb0e99&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&dvp_atali=1&vdur=220&eoid=10&msrjs=2815&sdf=2&vit=2&isvelg=1&rmi=16&tltms=0&tetms=9&msltms=147&vltms=220&sei=289&vetms=15&engms=1&engisel=1&msrcanlm=392&msrcannum=3&ismms=43&isumms=43&nvr=2&isgmmims=43&isgmv4mims=43&elmtp=6&isbxdms=2343&b0=2402&adhgt=250&adwdth=300&norwdth=300&norhgt=250&dvp_vsosnmr=1&lftb=2402&sftb=2402&msrdp=4&naral=128&vct=512&vphgt=1200&vpwdth=1600&chgt=250&cwdth=300&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&engalms=42&dvp_dpr=1&ttfurm=3260&cbust=1655008352548835
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2815.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.254.244.25 Surbiton, United Kingdom, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
Pragma
no-cache
Date
Sun, 12 Jun 2022 04:31:56 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Vary
Origin
Expires
06/11/2022 04:32:32
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 169B 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=C76RvWmylYvWnOomCtwf0-4CICYfDh8tqrvT2tq8Pxe6pg80oEAEgxuCLeWC7BqABtYOU1wPIAQmpAsMM_VteqbQ-qAMByAPLBKoE7QFP0FSSjGLyDTDP58JZP6d9LEtG64ut64AzXVudUMhF4zoM2h7Brk9x29b5ZT0_v_TIyL25P3ZikaWUmVVFBoo8OTjUJjxlrJbgROghR17EY-og_Sw4_K9hcAMM9jZwcKrCoe6DtYOoiMxwwZtY9AcTHKtmED4lD07CmHcxMNKateva1i1_hlrzHm7Lt4NJmuoNzBm6Ayt0XarpuRL44soRRM-Lsyno4BMYSi8Mvl7picyqF_WPu-7VZQgiVlDSpRX5l6WfozjuxBf59XiOfqq1mMD8lXPpsVTQnNj-ullFHiEhqvGltGwKzrJUbenABJ6myK_MA6AGLoAH2vq0KKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YBwEAEYH7EJgKJLqtzv5FeACgGYCwHICwGADAG4DAG4E5wb2BMNiBQF0BUB-BYBgBcB&sigh=OO3_t6k2XXE&cid=CAQSGwCNIrLM7-BqkW_4jb8E3899UH7VKw5x2cXC7w&label=videoplaytime25
Requested by
Host: dengi.ua
URL: https://dengi.ua/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3755662197386269&output=html&h=600&slotname=6375025521&adk=4259256516&adf=162540587&pi=t.ma~as.6375025521&w=300&lmt=1655008346&psa=0&format=300x600&url=https%3A%2F%2Fdengi.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1655008346784&bpp=1&bdt=713&idt=80&shv=r20220608&mjsv=m202206070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=828244554574&frm=20&pv=1&ga_vid=799306086.1655008346&ga_sid=1655008347&ga_hid=1520728734&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1080&ady=316&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31067934%2C44760912%2C31067487&oid=2&pvsid=1136083849959437&pem=627&tmod=1270453311&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=TjbcFeaI1M&p=https%3A//dengi.ua&dtd=84
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 12 Jun 2022 04:32:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.outstream.today
URL
https://ad.outstream.today/delivery/sync?userid=42a92204-a714-4ba1-b0d5-b915bd5a9f04&inner_redirect=1&inner_uuid=f13a082a-a43e-43a5-98a6-55ed0aa2404e&redirect_host_list=YWQuYWRvcHgubmV0LGFkLmludmFtaWEuY29tLGFkLnZpZHZlcnRvLmlvLGFkLnZpZHZlci50bw==
Domain
www.facebook.com
URL
https://www.facebook.com/platform/plugin/tab/renderer/?key=timeline&config_json=%7B%22app_id%22%3A%22212599602674838%22%2C%22href%22%3A%22https%3A%2F%2Fwww.facebook.com%2FDengiUA%2F%22%2C%22width%22%3A320%2C%22height%22%3A600%2C%22has_cta%22%3Atrue%2C%22has_small_header%22%3Afalse%2C%22has_adapt_container_width%22%3Atrue%2C%22has_cover%22%3Atrue%2C%22has_posts%22%3Afalse%2C%22tabs%22%3A%22timeline%22%2C%22can_personalize%22%3Afalse%2C%22is_xfbml%22%3Afalse%2C%22referer_uri%22%3A%22https%3A%2F%2Fdengi.ua%2F%22%7D&fb_dtsg_ag&__user=0&__a=1&__dyn=7xeUmxa13xu1syUbAihwRwqo98nwgU5Gex-ewSwMwNw8OdwJwvE3vx61cw9y0Ko2_CwjE3awbG782Cwooa85ufw5ZKdwnU6K3a1PwBgK7o1yEfo2IzUuw9O0RE5a1qw8W1uwa-7U1bo6iazo11E2ZwiU8U&__csr=&__req=1&__hs=19155.BP%3Aplugin_default_pkg.2.0.0.0.&dpr=1&__ccg=EXCELLENT&__rev=1005671700&__s=%3A%3A41fnq8&__hsi=7108206722185471782&__comet_req=0&__sp=1
Domain
www.facebook.com
URL
https://www.facebook.com/login/?next=https%3A%2F%2Fwww.facebook.com%2Fplugins%2Fpage.php%3Fhref%3Dhttps%253A%252F%252Fwww.facebook.com%252FDengiUA%252F%26tabs%3Dtimeline%26width%3D320%26height%3D600%26small_header%3Dfalse%26adapt_container_width%3Dtrue%26hide_cover%3Dfalse%26show_facepile%3Dtrue%26appId%3D212599602674838
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEG-wYox9ACvluh0ii7qaAnU&google_cver=1&google_push=ARnp8GC08j80HPlsDHA-9-pur6OLLHJ-6uOrQIfwMfXN2dwRyjbO6cLff3HeOJcaepL4u5dCb1oqOSEcXAsQLyvp_z34M0m5_jAn0Q

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga number| H_DEV object| holderPlaces function| holder string| phnx_lang_target_key string| pp_gemius_identifier function| gemius_pending function| gemius_hit function| gemius_event function| pp_gemius_hit function| pp_gemius_event function| ABNS string| ABNSh object| ABNSl function| $ function| jQuery object| bootstrap function| phnx_onready_after_load_currency_calc_data function| updateTable function| initInputsValues function| updateAllFields function| parseFieldOnChange function| updateUAHField function| updateUSDField function| updateEURField function| updateRUBField function| setCurrencies function| phnx_frontend_get_var function| phnx_onready_load_html_template function| phnx_article_stat_view_complete function| phnx_article_stat_view_add function| md5 object| toastr function| phnx_set_data_message function| phnx_notice function| phnx_notice_session_save function| phnx_notice_session_start function| phnx_scroll_to function| phnx_onready_clicks_unauth_message number| f string| x object| bmN object| bmD object| bs object| bm object| bmS string| r function| setUMHBibbCode function| loadUMHBranding function| admixerLisBrndMsg function| runZoneJS object| UMH function| ABN object| pr number| pos string| k number| v object| e object| b object| gaplugins object| gaGlobal object| gaData object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| admixerJSONP function| HELPER object| __core-js_shared__ object| core object| admixerML object| globalAml object| admixerAds object| globalAmlAds object| admixerLoad object| globalAmlLoad object| timeout object| gemius_cmpclient object| gemius_hcconn function| gemius_init function| pp_gemius_init number| pp_gemius_cnt boolean| admixerLisBrndMsgSet number| google_lpabyc object| BM_STAT object| hb_dmx_res function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| regeneratorRuntime object| mwayss string| iS object| iD object| iP string| iR string| iT string| iH number| iI object| name298now object| googletag function| setImmediate function| clearImmediate function| Achernar object| _mgIntExchangeNews object| IdealmediaInfC1296110 boolean| mg_loaded_466734_1296110 object| pbjsChunk object| pbjs object| _pbjsGlobals function| Swiper object| onClickExcludes function| mgReject1296110 function| mgLoadAds1296110_02e43 function| IdealmediaCReject1296110 function| IdealmediaLoadGoods1296110_02e43 function| mgReject1296171 function| mgLoadAds1296171_02e43 function| IdealmediaCReject1296171 function| IdealmediaLoadGoods1296171_02e43 object| _mgq function| _mgqp number| _mgqt number| _mgqi object| _mgPageViewEndPoint466734 string| _mgCanonicalUri object| _mgPageView466734 string| _mgPvid function| html2canvas function| _open boolean| i.js.loaded boolean| i-noref.js.loaded object| _mgRequests

82 Cookies

Domain/Path Name / Value
dengi.ua/ Name: b
Value: b
.dengi.ua/ Name: _ga
Value: GA1.2.799306086.1655008346
.dengi.ua/ Name: _gid
Value: GA1.2.982554339.1655008346
.dengi.ua/ Name: _gat_gtag_UA_11903997_1
Value: 1
.cdn.umh.ua/ Name: AU
Value: fd24684c61a5f9ea
dengi.ua/ Name:
Value: store.test
.dengi.ua/ Name: __gfp_64b
Value: fl4l_XPAYNuNu9sqQvCG8YipSYWjAV2i08AR4aJf5mb.t7|1655008346
ad.mox.tv/ Name: moxuuid
Value: f13a082a-a43e-43a5-98a6-55ed0aa2404e
ad.mox.tv/ Name: _mwayss_zone_imp[1557][count]
Value: 0
ad.mox.tv/ Name: _mwayss_zone_imp[1557][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_imp[15334][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15334][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_camp_imp[4400][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4400][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_imp[15153][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15153][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_camp_imp[3875][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3875][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_imp[15218][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15218][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_camp_imp[4402][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[4402][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_imp[15162][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15162][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_camp_imp[3963][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[3963][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_imp[15172][count]
Value: 0
ad.mox.tv/ Name: _mwayss_imp[15172][frequencyPeriodEnd]
Value: 1655094746
ad.mox.tv/ Name: _mwayss_camp_imp[1959][count]
Value: 0
ad.mox.tv/ Name: _mwayss_camp_imp[1959][frequencyPeriodEnd]
Value: 1655094746
.hit.gemius.pl/ Name: Gtest
Value: KlQPsMMGQMGGvjiiOKrQgg8issGMXP8c25nSG4FiLkD5XBG.
.i.ua/ Name: __cf_bm
Value: IjmfMxsDVtXpEeV1AbxWQcXhItiTPgx_73Wx3MxmRng-1655008347-0-AQs5/9vQxCVv/IxsjIJtG7MHnZr/nBpTVDZSQ34aCryBSWcucdjeJ9Fk1M9ThfX0hOVQRrImp3qujyv4dXYMwio=
.go.rcvlink.com/ Name: cache
Value: tp3b6dLavWv92Bo
dengi.ua/ Name: PHPSESSID
Value: 65t5ij8skg3o6pk3l6e34nra0h
.admixer.net/ Name: am-uid
Value: 4626aafe546848ce8524507772a6dda4
.quantserve.com/ Name: mc
Value: 62a56c5b-0ff93-fbd79-e8131
.hit.gemius.pl/ Name: Gdyn
Value: KlxwGRMGQMGGvjiiOKrQgg8issGMXP8c25nSG4FiLkD5FRxSG7RrGS6GkgoBFlM2xgGPo1RGF8CBI8l8MG..
dengi.ua/ Name: am-uid
Value: 4626aafe546848ce8524507772a6dda4
dengi.ua/ Name: cbtYmTName
Value: p9yFzsOFnYXCn8WSwpeVkZbDl5WTn8SWhdqv
.doubleclick.net/ Name: IDE
Value: AHWqTUkWlwtHiS-auNffb8Nfb58wtMRUaSWAX8jG0uf4J0oQgPhzOdl5H52VxtwO0Ns
.facebook.com/ Name: sb
Value: W2ylYr-BzA8Qd6MpRNztz2YD
.facebook.com/ Name: fr
Value: 0R6eVdCfmnnn9ig7S..BipWxb.Vn.AAA.0.0.BipWxb.AWU8w0j7ePg
loadercdn.net/ Name: vui
Value: 4ab12d23c43c4b539027a5cca4ee5918
.bidswitch.net/ Name: tuuid
Value: 42a92204-a714-4ba1-b0d5-b915bd5a9f04
.bidswitch.net/ Name: c
Value: 1655008347
.bidswitch.net/ Name: tuuid_lu
Value: 1655008347
dengi.ua/ Name: IdealmediaStorage
Value: %7B%220%22%3A%7B%22svspr%22%3A%22%22%2C%22svsds%22%3A1%7D%2C%22C1296110%22%3A%7B%22page%22%3A1%2C%22time%22%3A1655008347650%7D%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: dafbd3a2-4f3b-52a3-99ba-b5f4fb1fd9af
.betweendigital.com/ Name: ss
Value: 1
.betweendigital.com/ Name: ut
Value: YqVsWwAMd2joS6zglKDngqhT3Ps4opK8RuZX6Q==
.doubleclick.net/ Name: DSID
Value: NO_DATA
.dengi.ua/ Name: __gads
Value: ID=6a3ca5a42aeef7ad:T=1655008346:S=ALNI_MbdZNfiXHWDwkjuQgkgCn5pZ7UEwA
ad.mox.tv/ Name: bdswtch_sync
Value: 42a92204-a714-4ba1-b0d5-b915bd5a9f04
ad.mediawayss.com/ Name: bdswtch_sync
Value: 42a92204-a714-4ba1-b0d5-b915bd5a9f04
ad.mediawayss.com/ Name: moxuuid
Value: f13a082a-a43e-43a5-98a6-55ed0aa2404e
.adnxs.com/ Name: uuid2
Value: 8681684172436142893
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GTuo9F[/!]tbPl1M>e)ZlrFUfJ+tGXvWBIk!E#<[(=mHP1.QLHyT[Sa*.w^NCaN?qCtr3If)y3KL9D3I?+*X/%Tn
.casalemedia.com/ Name: CMPS
Value: 685
.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%227879BFD3-FF25-4D67-9555-C44327AFFD83%22%7D
.turn.com/ Name: uid
Value: 3814423739250010269
.bidswitch.net/ Name: google_push
Value: ARnp8GBsqAzR906N5K1OGlvVdjligRFBG7YK5I__Vlq5pySXdcsXIEGxuYhgZyrWPl-R8G6t-ux8ZImJd8GggvUNjYaUp5a3aZPk
.3lift.com/ Name: tluid
Value: 2651211178573266794858
.yahoo.com/ Name: A3
Value: d=AQABBFxspWICEJE0sW2NSox5dTfkegW8bDMFEgEBAQG9pmKvYgAAAAAA_eMAAA&S=AQAAAmJ704Yv7Lo10JnzxTm4u4A
.w55c.net/ Name: wfivefivec
Value: ZPNw1Eyc1O0fh25
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YqVsXAAISZGibQAo
.casalemedia.com/ Name: CMST
Value: YqVsXGKlbFwA
.adform.net/ Name: C
Value: 1
.analytics.yahoo.com/ Name: IDSYNC
Value: 18yx~25es
.casalemedia.com/ Name: CMPRO
Value: 685
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMID
Value: YqVsXI01Y2O0CroaZEGelwAA
.adform.net/ Name: uid
Value: 7362286963218248198
.mathtag.com/ Name: uuid
Value: ac7e62a5-6c5c-4e00-a000-7c8020d5cc0f
.mathtag.com/ Name: mt_mop
Value: 4:1655008348
.casalemedia.com/ Name: CMRUM3
Value: 2d62a56c5c2760CAESEI-Dva6LRMxxyDgxKPg5KXo
.blismedia.com/ Name: b
Value: 62A56C5D166B3C74EA9EAE22BLIS
.lijit.com/ Name: ljt_reader
Value: Ey-wrGZHSv4MOw5AR7yCtSUB
.360yield.com/ Name: tuuid
Value: 1bd7cbee-1311-44f4-96e8-c849f5ce10c6
.360yield.com/ Name: tuuid_lu
Value: 1655008349
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 77AB85E7-DFF7-4DB3-A796-1DDB8842E23D

8 Console Messages

Source Level URL
Text
javascript warning URL: https://dengi.ua/(Line 1364)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n948208&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1364)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v147337&s145856&t6&c1&n948208&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1380)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v1630&s23&t6&c1&n490990&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://dengi.ua/(Line 1380)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.bigmir.net/?o1&v1630&s23&t6&c1&n490990&w0&y0&d24&r1600, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://ad.mox.tv/mox/mwayss_invocation.min.js?pzoneid=1557&height=300&width=400&tld=dengi.ua&ctype=div
Message:
Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network error URL: https://h.holder.com.ua/s?ta&bholder_300x100_4379&c1&r99046556&dholder1390205423&hhttps%3A//dengi.ua/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://www.facebook.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
other warning URL: https://www.googletagservices.com/dcm/impl_v89.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

46d8cd65641b05a7607a1af1f112bbe2.safeframe.googlesyndication.com
ad.doubleclick.net
ad.mox.tv
ad.outstream.today
ad.turn.com
ads.travelaudience.com
adservice.google.co.uk
adservice.google.com
ap.lijit.com
autocounter.idealmedia.io
bgstats.mox.tv
c.bigmir.net
c.idealmedia.io
c1.adform.net
cdn.admixer.net
cdn.doubleverify.com
cdn.idealmedia.io
cdn.umh.ua
cdnjs.cloudflare.com
cm.g.doubleclick.net
cm.idealmedia.io
csi.gstatic.com
dengi.ua
dsum-sec.casalemedia.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
gaua.hit.gemius.pl
go.rcvlink.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
h.holder.com.ua
i.holder.com.ua
ib.adnxs.com
image6.pubmatic.com
inv-nets.admixer.net
jsc.idealmedia.io
lh3.googleusercontent.com
loadercdn.net
ls.hit.gemius.pl
match.360yield.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.quantserve.com
pm.w55c.net
r.i.ua
r.turn.com
r2---sn-aigl6ner.gvt1.com
redirector.gvt1.com
rtb.openx.net
rtb0.doubleverify.com
s-img.idealmedia.io
s.zmctrack.net
s0.2mdn.net
scontent-lhr8-1.xx.fbcdn.net
scontent-lhr8-2.xx.fbcdn.net
securepubads.g.doubleclick.net
servicer.idealmedia.io
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
st11.rcvlink.com
static.xx.fbcdn.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.teads.tv
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
tr.blismedia.com
unpkg.com
upload.wikimedia.org
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
z.cdn.umh.ua
ad.outstream.today
google2waycm.netmng.com
www.facebook.com
104.111.242.245
104.16.199.73
104.16.221.74
104.18.2.81
104.36.113.23
13.248.245.213
136.243.84.74
142.250.181.226
142.250.185.194
142.250.186.162
146.0.227.109
146.59.30.104
151.101.66.49
167.71.9.19
172.217.16.134
185.165.240.175
185.187.81.41
185.29.132.245
185.33.221.88
185.86.137.122
193.239.68.97
193.29.200.162
2.20.157.55
2001:678:cb4:bbbb::11
213.254.244.25
2606:4700::6810:7eaf
2606:4700::6811:180e
2607:f8b0:4002:c2c::5e
2620:0:862:ed1a::2:b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:800::2001
2a00:1450:4001:800::200e
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:80e::2006
2a00:1450:4001:811::2002
2a00:1450:4001:811::200e
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4009:10::7
2a00:1450:400c:c0c::9d
2a02:26f0:df:3ac::4469
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f058:10c:face:b00c:0:3
2a03:2880:f058:f:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a03:90c0:41:2801::254
3.126.56.137
34.149.12.213
34.96.105.8
35.186.253.211
35.190.0.66
35.211.178.172
35.244.159.8
37.157.6.245
51.38.120.206
52.223.40.198
52.59.94.57
54.37.238.28
66.155.71.149
72.251.249.9
72.34.250.75
78.159.118.240
91.198.36.26
91.198.36.35
99.81.70.153
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
02941d91e3f073e57f92b5dfe77e775bdb9ed4e758f8b6a5d065872f3e0290a5
03ffc29a68e1c4207ab272ec060bad389531d61570b818225b5d3b3c11eb93eb
04edcd41ffda0b3b0a8753e57b1a72e1bbf97c08a593cfb7edd52face2a249f3
073b0cfc02449936eab14f8c823605a4e663708982c598b5903625e6fefca440
09189199be93439c613190e75224b268784cf154b7ba7409fd7a73babc9326da
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09f5778d15738612633f19a1adc6170deecbee0888bc00d0983d9dbf015a6f20
0a790017591866b91ce60f012035ec6ade2b5e7e3e2e431942b88eb9faf89b62
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
0b56e0113d0a725b0b305d8a3793eef2cc5be19fde3d6da9ab4b5b2a2c555cd1
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bdd41f689eb4e425bf3eff8db44c60932c88999e4f00a9b05309e5ae68adb10
0d5e52464ee54b8a22b01c2a1ccb8478b84a43b1c4011c54ae4e658ec2078534
0dee9ee1e3fadddcff22c8ad6285cc143ec22265d77ddf21af873cfe2f0a8284
0e44326c286ef32df56cea8c85a13af6188c7412a5df61e3362e5d13879af45f
1083eef8b7598af7e021ae80d04890c3d02220b616f472acc64656ab024ba484
10c5dd1eaabf5bbf1cbee087b83d068915e9d17bd19b0ae79f3786e035a6c09b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1306abec4b8ee8a93b580fe6c9aad3599a865964a352e7f4e7d7e4400c8c1c6d
13d656898e959646a49bbfaf5cd6215e9f0ab394977529da6776010220d9b2eb
14d56b0bb498f3ea550d0c97baffe43bb61175733e503c1a31dd4e6f744e736d
159c24eb0b9d044c0507e36e693d0ff23bbb990ae90523cc25f3683253ee43d6
16089cad50034af52ebca1e2e7c310f76b4b6f625b89ad07d5b59ff377f332b0
172f66a0708a6906c02fcd59a990a9643746a3fe2e73a9c57df89591a39bfa9c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1a24f9f143d2c56917f3cec2bc1d6dc5e901f4a14dc0325253a262c9cbb16821
1b62b90bf18ec7c74f6f0e3712c716454d923ade4cc50406b60e5e996a1e3a11
1c8ee67c6c8104fb420447f3d36a1217e0753259119e6b0f65b11d62b40d634e
229378c3a3e277ca91542f035d4386df50f091126b2acfd9bda191e8bf5368a8
2371a81fefa3ba5bafa82e5fc7a7d7ee0f698b94e9f8dedb13ccd1f41cfd38f8
23e739a09c5e219f456d566f49e7ac215b36ae369ddc5a2dcfcb12dd817b91da
269c184626186808b798a470a60c05cabea8a167d42439619d22596ee1cffafd
27d221be42096f476245524ecaef8d76d838d5189b16417c79a03ad23763b41f
284fca6023cb68ce085674ec5a7d8d14788f52e042000ab78bcbfa574e74b6c7
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2966fd929f6ef5ac5b30eb42f2eff08724c7f2a0b7a653dea0aa0d6995d6ab85
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e3ea9e61dec4d6189aa75f3573d460bd3f21678d0aa7f0fdfce1f480b2a9af7
2f171236738e4cdf2a1a5eb473b4994a6ed7bb9adf443112319c9210cb818380
314349e78d72853d2c7b322d616e9a29b53957cf702ddc99766495fbb258d31d
31f7622533f4575eccab5d8e11b6455a4e2382381569b46be4932a5b1a300356
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
333995b70417ec38d16685c96ec46940268e94bb541e8db03df756472c4e800c
340f96ed644a3582903f60243f227986c8983b63d1188addad8b85a8a430f8a7
35f0efc96c93811d2a7d7371c836715904b78b865494fab6bd7d892eb1b0de56
363832ce22d752de90a8074c063a729895ac3cf4c5650e1a5b82cfe2f5ee7674
368a2461c53469cd62503b1d18328789dcacc73c91cf66c4b591ac9fe3b3bd03
36d600aec9e60e144e591c50d184930cecd8769dfda478c74fd5e8631b936bb8
37482bf53f20a4a3b4a0205db37705d268a94e442e5ea79429c4f5f8fa2a608a
3b9a51e1e667ac4fdf8774deeb20009085881daa399e94700fab1246a9cb8498
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ec771a9ca62a8731ad8253fa47d45cbbea257100700a3d28ef69b0690b0c997
4061dec87adea054ba444c2f712a9ecae9bec9fc597aa7b1e2b17c6b906ec59d
436c54643e77538c94951f6f91083ac11f8b194a8855c05de5ae0aaa93983842
4385ce68ba65a6c2764beb260a537b22f9e9757433721b4ae06bbab7a3cb4809
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
472da821a9382665bbc3e14b8b15326045957bb473ee08cb2f89eeecb2ad70e1
47dd690f8f315bea076e92581a7e7147443bb4c847e313ab5a7d50a8c44836d0
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49e9e192ab60c9a1e688bfab9b66da3a48f84d5d7bee9341e5e4055abe9d51fd
4a5b48ed7b8daaad88b07cb7438c3a080025b5ccb98b3e08df5b094efeeede0f
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bc10f17a5884a3f3884284232158ff33ae3b6b0bd3897ffd6e85e921d27eb1a
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d1f56b3032e5c392c0a0e812c52d5fcc3da8d9f157d1e21d78434196f58495e
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb317f258ace95f998f90b36a9cc7fa5b69ace6596d72a8549a450ccf48104e
4f980628109c4616e0c245be9b45aa44233f40ca4f396a58a9e298cf51744e43
4fde05972e07818972ca37acd5fe202b748135be03d11ca6a8242769bd186bcb
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
51c4526f6ab88ff68a7dd2400ed53f87949f63afe5a0a8694ad8cc082eef3805
51ef3f0d3aa0c792d07079a705896f28d5ed2cda748c154e3a9a1d41b7502209
521410e1fc44780061e09adc980275fb5ea277fd5d9e538454214ec4379ff4bc
53f04d9ce71520a466e682e4331b8e3f0e35fcb4e545d8c3c2d6c271515d4fd2
544065a7094cf577d4764748933705a38ace16f55b6359cbdb088d185dd84bd4
55b33ff1c8ee84d7b8c643d617a95a9bfcdc50f4dbf38306a7ae3b6297f8148d
55c5b265ae3dcc65af3388ef9ef9d955d85235fbf03268320036fb440639af35
565a9be79a72a97755b6d5c0a9d9251a4c8a8cb2353a83895accaabdde76fd09
56c24961aedbef6e5c5a17d918a7cf838d75ed2cadb67493d4aaaeaca9c18f78
56d1f1f3e5b1add4f774ea6c58dbb722abd040454ccc1cc1ce38e9fe98e9021d
5b79c21d8f1c4efd78aa32cbcbc42fa0709305b7a75637af7f3cafa03dbfc174
5bfa84358f99c44e11d55d795bf0556e94b380d92e23f5a437629803905060da
5c25eca2c9ee0f6ed606606919360617107fa0b5c9b98ede8b7dee95f4bf86d2
5e3e0fc042bdd302311be0df77a4f867b0c256fc4bfaed2e88990c652ff5485a
5edbb8dcaa1f00e81f3bf02059f7156d1c670a8d488e119c2a4842f4734b1734
5f71fcc2d00d22ffd4d9a07b64c435f88de80893f838fa64a45c386cbba0c601
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
6226df8c5bdf6ffda14992098c849dc8033db63fffd71d912056908385b3ba99
64fbc7f830625ecd6ff3293b96665aebec2a9be9336f02fd47508eb59f7ec23a
66336f7f92959c90b96bb60b1c09415cccc7923e52a41ee9fe23a5aa98397d8d
66af5d85560f25b8857229580d11c023509c32793df28162eca34790f007ea48
680f6e9a0e9f9d8c145e11d6937f688ff4299215d44bf0a54368ffc6acdbfc51
6939ea70c8ba34d1291f1c0469d399533f0b090a5078ceea7f317e06a1b1bf09
6ca8fddb17d96df80923b284c7e07888f947eb3dd03974cd31e85f4d5e9dc6dc
6cec0e38347b38f35dc946f2d2b435d9227e38b225ddec57e62261aced6bdb79
6d15cb059fde6785b76e5613e4ee4407a1f07e339d40f1a1383b60eaec13ec92
71d26713113c28ff56c1a79764047ad2d2718c30c54f03bd7c26578d60d9b114
72ec618723da6d0be7eeda72a1842f3b6925229960b5b31aa54f38b10041dda7
734b1760dd6b1371613bc5f380dc18f0d17ef81c0edf4622d5a1400c7ad9518a
74fbf16c0b988914f7ea8895c1b76dda91354c0ed469fa3a82555307d3b98500
76447fe8ff6df5d9d075114334e78173dcb981493db8b1b91f20dad7dfc15c1a
7683702fa7b021af2839f5ed4c2c009956332805b0c4e2c054346993fa2ec07b
786701cae424f784fcc33a34c5d14b30fe681684d333af86def7080cdafdc5e1
7d880e63c31985db774019cf0f0673c7b0d6dda6ec7a20d2f8c8f33bf5227850
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c
8107b80022ba84501f49a6a4c6160c50ca6cdb7f5923a2b7736343a55914714d
818ce38e548c8222a2d3d31e6739658683964f9233ae770d41a918ead12001bd
81cacd6b187878c8eb795e61e66c648ee76c410dafc63852de35290c1e56f9f1
83799217ef99e7dd2a260797d72bc087bedbd70db679ec2982f8bb33709e706f
856795643b973b1d7e95c37aed1ade368b7460d01ec634cb5b0822949df8b01e
8750955dc9849aa1f13a62c862aadd2ee900157be523740d6914a5a599182af3
89bc864825d33292d943d11957b9f3f987ac048786033e60ac6ac0c2bbe7b19c
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cc177e504f9571fc54fea8da366f3b5a256ad74106ca42b3bdd70becb483543
8d511f247f512f43e218ae88406573f7a16b1173763bf73597615740be39f24d
8d5ca564f18e0916139730d4e6050f8033f978ba7e8b73d895b5551a4b185d77
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dc83426e406cb4fc70fe4d2f1a6dd08ce8b0f238776795f65c2db82f1c89156
8e2127b461c250d955b16c153856303a62fd79f5bbf874cff3491ea56b9a948a
8eb7856729dbbbdd64360d7ce70d675003da8851aab963941e4efeab976d49b7
8fc4de112cb05f02f61d7856ee3b9ca6a8cd68ea5397520120c5183b99bffc17
901779fb571088b6f91626465fe5ce07586bd70fcd5a969cc7d54a34a2ded234
90540c79478c5e9059a21793f04ddb40a7e56f584aae4bad745409e1dba2ebf5
90fc0d4d2666d3f5b0ce950a759f03f7755f52012ba11c5d68bad84ab0ea9a3d
912f911aa605e91352bc8fe84466d20b3e4d95f40b57a6f4503344c85d541931
928c814bc3528a780ef25713f15d7e8d4a865bea41e6511c1670c87cbbbdceaf
941f1ecf42c551dd763d5ef5659b0d909b847027177639855bc27dbe4d065662
95b166d852a0fd03a64692102ff4b4394f073226ee30258364435789864f08ea
967ec01b5256007b0fb5264c11b70511d047e8302d4dcc03122de7ec07ffde8c
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dc5eaf0ee09be94e860c4a570dbaf10aee89bd0c7480b59037f21aac62c1aee
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a26edf2c20a8992eecf0ac4132c7cfd9870ffa9c03c06a31ec2582cf4507a794
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b9e9ead2fa2e2326506b52b3f253b19ab9aa2bfe0b2c276dfbecfb4baf12cc
a4cda1bafe66385095e95719137b01639124ec3e199aeddf2915924935fe1dd8
a53c43f834b32309b084ea9314df8307e9c78cee2202c6e07f216ae4ae5b704d
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acf0a7f4b2e838f23bb55dd85a45a62a30800810da73c2c8383d3380de227e2e
ad7bd9459f51c23d6e7fcb980f8b5d858d7f8a9f806ff7d53e3004a33ae137fb
ae09df7643bb2e32c88e43fe55ea0da47ecec7e54e6fb7625f6ef9637a310e00
b09f1ccac5b541c51d8d3cfaf003baba9bd0ecb1ede1444057dd41d0d43ad58a
b0eb9a943ec716370528d1157fe3e0f03613ad971e1b42c0ca24fd4a4cdccbff
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4a3c394a66ae400250772cb60ad2794de6dc3245464cf3d4a62e952c14ed13f
b52949cdd5d89e9e1c83151516f7a8f896d82c36c5596a95cffa34ccde699c1c
b68a1ba91deb32619434087b6672ff157e24654bc1285d5a70ea9eeb01726e91
b73900ea2fb9b750544387e38add0288419f409b72b13493a4f0b1f8023838fc
b761e0b8eda3eb9f98b8b90f3bdb1a5844a63103a2d547b03b75f0525d7e386e
bafde1230d814d2f7c3f90f1965eb27f53648151f379ac15df6b6cba855d56f3
bd6189087cad9d19fb214c8200364606a5dd73a4f8dc8690726ff774473b9cd4
bd6a24b5328c614c56e68f1b24651d1b6d2c42bec0631fca940dac479bbfa4c3
be24c76c10d275ac9effe38b7c5ea6fec9bfd640160be2e694e65867fdc9078d
c044db77dade79fbe5542f231444b3988107e8378a2f0f3396bf821b87ea3d19
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
c2e61c2eb88cf5835fc891abe01edba9e030cd46881ebda43a7a141ed989d1f7
c3a7a12965f8992407c9c9062d75f838e53ab899f3948dc3bbbf04d0688d4996
c68f78ab5b36309b244041c15ef4163aac66ede31ee53b2d4271b1f7aae1a6cc
c7c468ebd599fb308718ce261b9a872bfe691a7abe0a057f04224516da96b070
c7f42fd7e961148cbacb3643b669d55768ded74e587cd30d429a4e8112c05a5c
c8d6ca635cba876adb55c42d7f46fc96ae1afb1a64b7215cde9498a06018d6a4
c95ad475c23b93d9c06ae8a4c3e22132c596a1eb807521631f272aad5323bfcf
c979ffd70003be58ccc574778b78d9303e8b5b3494a6cdeb01449d65a5a815e6
c9c12bf825586b20d8d3a094904f30c21576cdb8f48f23b36da75a55f45efb90
c9cc991deb5d27f267830a19f2301eb164d9e61ec08669c1a1a291c5620ff40a
ca05a5113a7ec2a54dcb1a96c42e0e3dd5c46a8e513027cfe45a20385d2679d9
cc9eafa7791d211884b9a4704ca63f14483a0b822e9fde213fde06c97de7fc8b
cd12dd695fefd532396b9788fc6caf3ba4230accd5d0a25db9593b6043c533f6
cd2f1ba0d7f8a1b8578ff48ba73a2fedcf70b35a299c0dbec436f13e05801479
cd7bc24a08b2361d483dcfbc5a43bdc996854768269f9ff0396ca3f846eb719a
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2640fecdfb8b06e73db37af4bc387e2682b550067a98451a480bb2400cc2eb5
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d47d037df7ce60259bada68116ab3d22195043a77ac538a9ae6accb7f21f03d2
d56b00efef714c4d203408b73c79d820dcb60774bd41cb88f299537acd1d7912
d68edf3c87c6a6d87223649e8162ef1584ea6faad6f20e80fdd5f72c21b16a17
da5a6aaf22887d6be1d6aaf85b1bf31db6372817faeef47bd9f21b89fcb78109
daf10bd3b413af46baf9f5ae42fa60e9d95f04ead18b0bc75f2973395ccd5035
dbd30986b6727d3c7e30d14d2cb4e23ef7c42348cd418f5891a1bd778b89df46
dc7af645ced73024fc89f84cbb8c72a3eacd05a5daaa50c2b64f9091d5cdf18b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8ce29198b569ea76e3b8387be1097823b082f4287ef11c4fe6a41e004ea062
dec8ea19893b373b23080fa544d141695707332cffa296f85ea827435bbeaeed
df54910144f36c8adaea680ebf82cd4f3a39147edaa8eb4a2650b2996da8acf1
e15c28e87c2788be5a6558d64cd0d6c577aab0e2cf60ee3411a42c03d649b980
e26a7168ec7721ec10f77c7a20c48a23d9d403cab828bdb91e1405728e8a81af
e35252aa3dc2e84e9d7211586fee9aede2a426d3230c8b131881d985f16ff836
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b5d759ff9d75be634664fc1ae80f63318195ad6e7e40c0df9fd9e3e0ba43be
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e57b9f97ceb4368f7b2a4193e239d87984fa99da9d6cee4eabe2259091b2bfb5
e58c753d0a3db639d4a0ba7f7f354994cc17633fe0d8f5da3220ca95d952309d
e8dcdf5dff373850306ae1bb9c886dbeb76540e57163f2124a52408fad73ec2f
ecd2e45fcd6ed0f17eaefccd72cdb8253be8673636adcbf3f8902aeeed654fe2
ed2079967b7d579afa74ee197566a111c379b79d90f73a5292e0284b1bfa8110
ed9c3d0762bd9e96a20addb3f1f04a9b10e3808ce44837778c6e76e8b97a3cb0
edb5379e249cf88c2f9d413d197e87ea8b220aabf07a88807eba32512d235bcc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d2d5c0d8373ea3e787c353abefebde3a345b06f99751afe27697519d3afc15
f3aa6b021bc45554639438646953173347b1d881478b50ca862d5d7700088a60
f40ae6bbd84e3b0b59e32bc9eb753db443fe9c703af036b3d43495426558c319
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
f6247007e2b6a2b034c5ac6bb537e9451f7b5ed1dd8a23979068cd4e9160e72b
f6982b2bc13f1264468ce3533789bdbd2e0a365846a3545674bb167b88940df2
fb28bd83a521860e318ae2804716dc4961836ca72b13c310d9549931eeebaa1a
fc78b4c3d938e87a4619af8a647e9fde47fca3f9dcc4afb8935cb0725401f639
fce742d7814055a224b9e7b2a36bccfba4547644a968e838bf0b9d2f730866dc
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fdc446c15558e671571a26396c92f03bac7a21e8d49b0f37beafa52d9d3a6767