consent.google.com Open in urlscan Pro
2a00:1450:4001:809::200e Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kodeksy.com.ua/
Effective URL:
https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdha...
Submission: On March 24 via api (March 24th 2022, 4:08:08 am UTC) from GB — Scanned from GB

Summary HTTP 129 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 24 IPs in 5 countries across 21 domains to perform 129 HTTP transactions. The main IP is 2a00:1450:4001:809::200e, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is consent.google.com. The Cisco Umbrella rank of the primary domain is 12136.
TLS certificate: Issued by GTS CA 1C3 on February 28th 2022. Valid for: 3 months.

This is the only time consent.google.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	2606:4700:303... 2606:4700:3035::ac43:c131	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
5	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
14	82.202.220.204 82.202.220.204	49505 (SELECTEL) (SELECTEL)
4	165.232.142.149 165.232.142.149	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
2 6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 10	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
5	82.202.220.203 82.202.220.203	49505 (SELECTEL) (SELECTEL)
14	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1 1	52.73.81.10 52.73.81.10	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:303... 2606:4700:3031::ac43:a76d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
129	24

10 2606:4700:3035::ac43:c131 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

kodeksy.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 82.202.220.204 (Russian Federation)

ASN49505 (SELECTEL, RU)

widget.info-static.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.widget.info-static.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 165.232.142.149 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

momad.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
korespodent.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 82.202.220.203 (Russian Federation)

ASN49505 (SELECTEL, RU)

geo-db.feedot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stat-feedot.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.73.81.10 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-81-10.compute-1.amazonaws.com

dionysia-phr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:a76d (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dkjfhuyd.fivetrafficroads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

chrome.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

consent.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
31	gstatic.com www.gstatic.com fonts.gstatic.com	683 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	333 KB
14	info-static.ru widget.info-static.ru — Cisco Umbrella Rank: 499357 config.widget.info-static.ru — Cisco Umbrella Rank: 589158	286 KB
13	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 stats.g.doubleclick.net — Cisco Umbrella Rank: 68	101 KB
11	google.com 3 redirects adservice.google.com — Cisco Umbrella Rank: 57 www.google.com — Cisco Umbrella Rank: 2 chrome.google.com — Cisco Umbrella Rank: 3544 consent.google.com — Cisco Umbrella Rank: 12136 play.google.com — Cisco Umbrella Rank: 32	65 KB
10	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	140 KB
10	kodeksy.com.ua 1 redirects kodeksy.com.ua	101 KB
4	stat-feedot.ru stat-feedot.ru — Cisco Umbrella Rank: 619542	940 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	109 KB
3	momad.ru momad.ru	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5368 www.google.co.uk — Cisco Umbrella Rank: 3345	1 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 31	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 124	85 KB
1	fivetrafficroads.com 1 redirects dkjfhuyd.fivetrafficroads.com	610 B
1	dionysia-phr.com 1 redirects dionysia-phr.com	788 B
1	korespodent.net korespodent.net	564 B
1	feedot.com geo-db.feedot.com — Cisco Umbrella Rank: 446610	599 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	645 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 54	37 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 588	30 KB
129	21

	Domain	Requested by
24	www.gstatic.com	googleads.g.doubleclick.net www.google.com www.gstatic.com consent.google.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net
13	widget.info-static.ru	kodeksy.com.ua widget.info-static.ru
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
10	mc.yandex.ru	1 redirects widget.info-static.ru kodeksy.com.ua mc.yandex.ru
10	kodeksy.com.ua	1 redirects kodeksy.com.ua
7	fonts.gstatic.com	fonts.googleapis.com www.google.com consent.google.com
6	www.google.com	2 redirects kodeksy.com.ua widget.info-static.ru www.gstatic.com www.google.com
5	pagead2.googlesyndication.com	kodeksy.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
4	stat-feedot.ru	widget.info-static.ru
3	www.googletagservices.com	googleads.g.doubleclick.net
3	momad.ru	kodeksy.com.ua widget.info-static.ru momad.ru
2	consent.google.com	kodeksy.com.ua
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	kodeksy.com.ua connect.facebook.net
1	play.google.com	www.gstatic.com
1	chrome.google.com	1 redirects
1	dkjfhuyd.fivetrafficroads.com	1 redirects
1	dionysia-phr.com	1 redirects
1	korespodent.net
1	geo-db.feedot.com	widget.info-static.ru
1	www.google.co.uk	kodeksy.com.ua
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	config.widget.info-static.ru	widget.info-static.ru
1	www.googletagmanager.com	kodeksy.com.ua
1	code.jquery.com	kodeksy.com.ua
129	30

This site contains links to these domains. Also see Links.

Domain
accounts.google.com
policies.google.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-05-20` - `2022-05-19`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-12-31` - `2022-03-31`	3 months	crt.sh
widget.my.feedot.com R3	`2022-03-13` - `2022-06-11`	3 months	crt.sh
momad.ru R3	`2022-02-15` - `2022-05-16`	3 months	crt.sh
config.widget.my.feedot.com R3	`2022-02-25` - `2022-05-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
geo-db.feedot.com R3	`2022-02-05` - `2022-05-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-17` - `2022-06-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
stat-feedot.ru R3	`2022-01-31` - `2022-05-01`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1
Frame ID: 7BE4C678024F764506C5E523C33F0414
Requests: 60 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html
Frame ID: 9335662F4E84B16214061A3B907F9057
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&adk=1812271804&adf=3025194257&lmt=1648094882&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkodeksy.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882034&bpp=3&bdt=329&idt=187&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6023263103422&frm=20&pv=2&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204
Frame ID: 8B566B5F4E88F5F9A8BAF2A55877963A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882037&bpp=2&bdt=332&idt=206&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h8kzA8ue6M&p=https%3A//kodeksy.com.ua&dtd=214
Frame ID: 0FE55779654F52581630254E70AEF9F8
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1648094882&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882039&bpp=1&bdt=334&idt=219&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eYzRC2spls&p=https%3A//kodeksy.com.ua&dtd=222
Frame ID: 1716BD506A8C3524800E418D49935B17
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882040&bpp=1&bdt=335&idt=222&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=I2s0qoguni&p=https%3A//kodeksy.com.ua&dtd=225
Frame ID: 853EB6F5C8FA6DF8E530723BF80DD27A
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 028A0FDB2AB41FA61549E7E2746F9713
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FA92256F06BE8E7BECA8C508057FB240
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Frame ID: FA99D1D969F250E994D519D00A340BB5
Requests: 1 HTTP requests in this frame

Frame: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Frame ID: 388FDD11BAD75D883A48ECA09B0716AD
Requests: 18 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Frame ID: C2CA5E47020A006E606F6B10CF05BD4C
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js
Frame ID: D819AA527530EF25FFCF10C9EA045B20
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly93aWRnZXQuaW5mby1zdGF0aWMucnU6NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=nadsli4a9aqt
Frame ID: F943EF6136166DB7063FE24D5CA050A3
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Before you continue

Page URL History Show full URLs

http://kodeksy.com.ua/ HTTP 301
https://kodeksy.com.ua/ Page URL
https://momad.ru/s/stats Page URL
http://korespodent.net/ Page URL
http://dionysia-phr.com/zcvisitor/005a1d33-ab28-11ec-9872-12c336065217/e6eb32c0-57f0-11e6-9404-0aaf5... HTTP 302
https://dkjfhuyd.fivetrafficroads.com/?cid=4703&clkid=zr005a1d33ab2811ec987212c336065217c0d927a671ef40fabc096b55ea... HTTP 302
https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf HTTP 302
https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oa... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

129
Requests

96 %
HTTPS

81 %
IPv6

21
Domains

30
Subdomains

24
IPs

5
Countries

1997 kB
Transfer

5179 kB
Size

23
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://accounts.google.com/ServiceLogin?hl=en-GB&continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gae=cb-

Search URL Search Domain Scan URL

URL: https://policies.google.com/technologies/cookies?hl=en-GB&utm_source=ucb
Title: cookies

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-GB&utm_soure=ucb

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en-GB&utm_soure=ucb

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy?hl=en-GB&utm_source=ucb

Search URL Search Domain Scan URL

URL: https://policies.google.com/terms?hl=en-GB&utm_source=ucb

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kodeksy.com.ua/ HTTP 301
https://kodeksy.com.ua/ Page URL
https://momad.ru/s/stats Page URL
http://korespodent.net/ Page URL
http://dionysia-phr.com/zcvisitor/005a1d33-ab28-11ec-9872-12c336065217/e6eb32c0-57f0-11e6-9404-0aaf54648f79?campaignid=51a84780-a90b-11ec-8724-12beee04f19b HTTP 302
https://dkjfhuyd.fivetrafficroads.com/?cid=4703&clkid=zr005a1d33ab2811ec987212c336065217c0d927a671ef40fabc096b55ead5785a063340cced63078b64&sid=lima-bit-q91uvfh64 HTTP 302
https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf HTTP 302
https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://kodeksy.com.ua/ HTTP 301
https://kodeksy.com.ua/

Request Chain 62

https://mc.yandex.ru/watch/56501437?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1014479948433%3Ahid%3A570613333%3Az%3A0%3Ai%3A20220324040802%3Aet%3A1648094883%3Ac%3A1%3Arn%3A629258818%3Arqn%3A1%3Au%3A1648094883654700993%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648094881443%3Ads%3A0%2C47%2C121%2C33%2C91%2C0%2C%2C120%2C0%2C%2C%2C%2C412%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094883%3At%3A%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1014479948433%3Ahid%3A570613333%3Az%3A0%3Ai%3A20220324040802%3Aet%3A1648094883%3Ac%3A1%3Arn%3A629258818%3Arqn%3A1%3Au%3A1648094883654700993%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648094881443%3Ads%3A0%2C47%2C121%2C33%2C91%2C0%2C%2C120%2C0%2C%2C%2C%2C412%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094883%3At%3A%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 74

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 76

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

129 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
kodeksy.com.ua/
Redirect Chain

http://kodeksy.com.ua/
https://kodeksy.com.ua/

21 KB
6 KB

168ms
121ms

Document
text/html

2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c12f4d3943c8a81374ae586d265346a563866e7f612d067f79dec4f47475f303

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AeL9rgh493kqIC6iBAZ94JCqGVbiNDtulqXAasU8qEUwp8JThajfzC8Qxk2ijMIMJbXM%2FtTAKxOsFgUtU9QHuRE1CkoabQW67EnEZXNRsNTw62J%2FC7LNmGp7uOYyx3pJ6rj4kqj1FN44gFHVlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6f0c8b11ecc872a3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

Date: Thu, 24 Mar 2022 04:08:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 24 Mar 2022 05:08:01 GMT
Location: https://kodeksy.com.ua/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a68%2FCibMIPyGPny1dz03jbKG92rNMau5RjICS614%2Fl1h70tDBJhwUWv%2Ft1lNuBJf9Duge5G1NVF46ECq3AdfCkAeQ8Mxrhn54fH6Qe%2FVK%2BT4KXogLXA%2FYIk08hfY1YocCHutX%2FY9KAsyXFoAGg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6f0c8b117802759d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
kodeksy.com.ua/css/ 11 KB
3 KB 105ms
103ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/style.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4158f3737728c018c669913cb03f5f306370e8cd4d6869dd0aa493f42bcf29a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Nov 2019 13:47:56 GMT
server: cloudflare
etag: W/"5dc17d8c-2bae"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kb1LiS40j5aDcQDhOUHqIGqSWFcw4geFfF6SO%2BkQi%2F1WowlTT8M896V8u2H6UNn9tiDqJKT9MH%2Fj2P2r7PHiEDfCGiOxlsTJa6mogKgF2T5EyBzqvt0bDni0c6ivCIgG81vPhJbhcw7uVGyy1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b12dd5372a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 site_custom.css
kodeksy.com.ua/css/ 1 KB
781 B 103ms
102ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/site_custom.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efd605e1c67722f8fbdb6a2bf7f5b7b6abe5e22b572d8b995ea3055af306048d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Tue, 05 Nov 2019 13:46:18 GMT
server: cloudflare
etag: W/"5dc17d2a-565"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OhOdRRL%2B5Ubuf1XleZAHm94PP0Djn1hSz2G9pPfz25%2FzfSUVutpDPyZTy1FJC0Jo75BzonJ40O7XHm78806eYdYjTucR0lePJzTYRTZiXUlkwcgq8u7e7LOEKS7zIE17qZotwzQsJGKsknzRcg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b12dd5472a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 font-awesome.min.css
kodeksy.com.ua/css/font-awesome/css/ 30 KB
7 KB 103ms
103ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-791c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BgfTB%2FjDqFjg%2BEDPZXSsfU5DEnF0iRQrxh26gaHTS6%2FPXG7S2JTXfyb9dXMXp5i3tldsfx21ZcgaZMVqVml%2FdBS6iV3l5YoFVKdviCEfLeHXiTiBOX1hKJEhrnxeIqzmwlyykPfcFi2XPaz%2FpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b12dd5572a3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 jquery-3.2.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 64ms
22ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.2.1.min.js
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15283"
vary: Accept-Encoding
x-hw: 1648094881.dop241.lo4.t,1648094881.cds215.lo4.hn,1648094881.cds253.lo4.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30125

GET
H3 200 ua.js Show response
kodeksy.com.ua/js/lang/ 270 B
712 B 97ms
97ms Script
application/javascript 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/js/lang/ua.js
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4bec998e1b05cf23bc04e91b2e7123e6fa366e33bb9ba36b326a86b16785d97c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: W/"5d2c5ad5-10e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FjcfRkvRzlFQUKs4c9Alh4qgUJEE25bDeuh5WzWqUHMeQusnUPxo0MeBkawn7UT1qtgJ947xU9zyfoLYcByk95wT%2BJpjGbK6k6p3HO3rUQAftVDUcnyEBtSQo2UY8%2FPot9EtAbwa1%2B38OOywYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b137a5688b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 common.js Show response
kodeksy.com.ua/js/ 2 KB
2 KB 97ms
97ms Script
application/javascript 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/js/common.js?1
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a20c98f2f22e3734c9aed251f226676e977492c50c5949cc892c2fe60eafb78a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Jul 2019 11:35:26 GMT
server: cloudflare
etag: W/"5d36f0fe-9a3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w986RcIItW6EaQqWLq04uGasft8aFfq5j79gQiphOQvXaPd%2BIQpg3wwhsdhSts8l0nLicnnrwtBUanSNuQzhd17vsQUtm0RfP%2F0NmcTf6pvD%2BjfOsj7XFPUXADGGvbS1oDEzJ7uI21IALEvlOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b137a5788b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 128ms
55ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b71a8416df17291a2e8190d9e6f4a7b74812073985c8bc324179a9ec6416fcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54759
x-xss-protection: 0
server: cafe
etag: 15251303151888862503
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 04:08:01 GMT

GET
H3 200 print.css
kodeksy.com.ua/css/ 1 KB
1005 B 25ms
25ms Stylesheet
text/css 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/print.css
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 088e7de337a0203dae7173ef90488c347769c601b61014939ab520a32c432201

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
age: 1507
etag: W/"5d2c5ad5-4f9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rTdhdOjlML%2Bua%2BTw3LZ4IXHzVfVUg7ZUDFEM04y1tpHqePZpiTt0SsZFrmhZE7j4TuAV932ZKSjAT75VGmunbGUdqUIZPEm4eeSBXbLit9TyK9PPp%2Fn4RNXEiejMejqZjEaW9b56TPFqtC%2BWeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b138a6d88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 93 KB
37 KB 121ms
47ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-17274968-3

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c71eda6e9ebe8a146f9ee526becef5cd9986305be443235b1cbd1c2e2fa08da1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37166
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 24 Mar 2022 04:08:01 GMT

GET
H3 200 logo.svg
kodeksy.com.ua/images/ 11 KB
4 KB 26ms
26ms Image
image/svg+xml 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kodeksy.com.ua/images/logo.svg
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/css/style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a18d27b1d95940d8d4569678359bc81a23763330a938f3843b64e5d9d719957d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
age: 1507
etag: W/"5d2c5ad5-2bda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddTorlt2U1Rp9npkVTshS934j%2FX1dUJVQ5c9g2lt2uWhTc4pHjtXbNW2gHHcvbj4VxAikUNpuSexLG1%2Bj1l5KUVxDyOhBzbLjZUFFLUtd2R6674H6MJ3A%2FdVA71CGSHxqbMF%2Bu5jeyxkRBbItg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6f0c8b139a6e88b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 fontawesome-webfont.woff2
kodeksy.com.ua/css/font-awesome/fonts/ 75 KB
76 KB 97ms
97ms Font
font/woff2 2606:4700:3035::ac43:c131
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kodeksy.com.ua/css/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:c131 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://kodeksy.com.ua/css/font-awesome/css/font-awesome.min.css
Origin: https://kodeksy.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:01 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 15 Jul 2019 10:52:05 GMT
server: cloudflare
etag: "5d2c5ad5-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bF1lGVOhKXqShEglL2nFdnmntIS2Mm4bxW2F%2BLipY0GAbkCvn4gbJgay61jvgVtkLf6Galbm4FMb34ZjZH1pW4r4VpM1EeehdRc5QBvUf4KFmQ5QBfXBbD%2FNctIR16ZMhwBgljgyASX9fWCNDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6f0c8b139a7088b0-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 sdk.js Show response
connect.facebook.net/uk_UA/ 3 KB
2 KB 97ms
32ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1153a9b753f8da554cc728c8c3430cb194c346e6d07bcdee9f7b3bbbdd5bfbc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: ePyn8nt+r8FrlGSN1//t1w==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1685
x-fb-rlafr: 0
x-fb-debug: xYb8HQe1EIKcWDsvncsjPwQoC5X0SKqe/Nz1qgl14gkkNpWwfUjVCiEg+UD31hsdvGDANSgPhLZpbcvOYHJThg==
x-fb-trip-id: 2050670934
x-fb-content-md5: e5e56d1074100ef9f35e483ed4f02e5a
x-frame-options: DENY
date: Thu, 24 Mar 2022 04:08:01 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "479cb341826fc51d08b80d24a8d5703b"
timing-allow-origin: *
priority: u=1,i
expires: Thu, 24 Mar 2022 04:09:14 GMT

GET
H2 200 init.js Show response
widget.info-static.ru/js/ 4 KB
2 KB 199ms
58ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/js/init.js?t=1648094881854
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 8c5ac53f510d53f32e3042df2fd35bab3b918b6daa8beb0c43f80b928242ea57

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:38:47 GMT
etag: W/"621cde77-10aa"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H/1.1 200
OK bbqcode Show response
momad.ru/ 4 KB
5 KB 770ms
158ms Script
application/javascript 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://momad.ru/bbqcode?saitDomain=kodeksy.com.ua&clientWidth=1600&referrer=
Requested by: Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/js/common.js?1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 677dbbf8ff43e504782de9868bb7426c81b3679879be9f18402e62563e42576e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Thu, 24 Mar 2022 04:08:02 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"1153-IlH0+jphdjN1vWKBRIxYwz5gTXs"
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 4435

GET
H3 200 sdk.js Show response
connect.facebook.net/uk_UA/ 288 KB
82 KB 66ms
32ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/uk_UA/sdk.js?hash=af9c34eaffaaa00d4cb44393ff71e416

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/uk_UA/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf54609e418b0573c7a537e5b9ad28ac05f0ea7fcef23a0880435b53d4f12d0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://kodeksy.com.ua/
Origin: https://kodeksy.com.ua
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: Iyc9qX5Os+VADZi775m5rA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84303
x-fb-rlafr: 0
x-fb-debug: 3FTwMiZpJ5/lvFHFMFv07eAWkN6a3Ia350UQruMW2IUOulq2qjO3kubIfu4HkanflTc0Hkb6amKEHQhP/TYa1g==
x-fb-content-md5: d80993c939abcad6dbd286e9ac3b08b1
x-frame-options: DENY
date: Thu, 24 Mar 2022 04:08:02 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "a456449f04fa70871225afbc8c15a7f2"
timing-allow-origin: *
priority: u=3,i
expires: Fri, 24 Mar 2023 02:49:12 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 104ms
31ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-17274968-3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 196
date: Thu, 24 Mar 2022 04:04:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Thu, 24 Mar 2022 06:04:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/ 297 KB
107 KB 104ms
63ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0714085022877139&plah=kodeksy.com.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2dc803ec47747817fefdfa2975d563583c60e2a689537a38ee2215ec39ce88af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109611
x-xss-protection: 0
server: cafe
etag: 4768526202674967532
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/ Frame 9335 10 KB
5 KB 104ms
31ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220317/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Wed, 23 Mar 2022 23:16:13 GMT
expires: Wed, 06 Apr 2022 23:16:13 GMT
cache-control: public, max-age=1209600
age: 17509
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 settings.js Show response
config.widget.info-static.ru/ 591 B
672 B 186ms
61ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://config.widget.info-static.ru/settings.js?pid=e34be95c5eeaa413e3f23377209de882&t=1648094882074
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/init.js?t=1648094881854
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 4b13da96a6ed68cd6af2fc3840e8412cf0f164568578874ffd77dafbed230e1a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 79ms
39ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1899906859&t=pageview&_s=1&dl=https%3A%2F%2Fkodeksy.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1678093078&gjid=173072703&cid=2126350178.1648094882&tid=UA-17274968-3&_gid=444522347.1648094882&_r=1&gtm=2ou3e0&z=712841726

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kodeksy.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kodeksy.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
645 B 111ms
39ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kodeksy.com.ua&callback=_gfp_s_&client=ca-pub-0714085022877139

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-0714085022877139&plah=kodeksy.com.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

fe1a2c376db6f38f7c729c47fbd45414641b0e3e22015a26334ea4f57fd5ad35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 110ms
39ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kodeksy.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 114ms
42ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kodeksy.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8B56 3 KB
578 B 128ms
88ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&adk=1812271804&adf=3025194257&lmt=1648094882&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fkodeksy.com.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882034&bpp=3&bdt=329&idt=187&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6023263103422&frm=20&pv=2&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d83dacb1d7c78c7fc41af51f2c3577443904fb35de08069cc8aa216594bbfd2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 555
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:02 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
444 B 79ms
25ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-17274968-3&cid=2126350178.1648094882&jid=1678093078&gjid=173072703&_gid=444522347.1648094882&_u=YEBAAUAAAAAAAC~&z=1351751549

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://kodeksy.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 24 Mar 2022 04:08:02 GMT
content-type: text/plain
access-control-allow-origin: https://kodeksy.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0FE5 94 KB
33 KB 374ms
348ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882037&bpp=2&bdt=332&idt=206&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h8kzA8ue6M&p=https%3A//kodeksy.com.ua&dtd=214

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1cbb4ee5a64838a9790c083276ab3c55600b93cdcccc95ad3e7daa61a21e4f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 33730
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:02 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1716 74 KB
29 KB 272ms
254ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1648094882&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882039&bpp=1&bdt=334&idt=219&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eYzRC2spls&p=https%3A//kodeksy.com.ua&dtd=222

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe7c8405e37004d602afbe6206d9854a060a7dc88894356b62fac9a20fa1e898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 29911
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:02 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 853E 98 KB
33 KB 308ms
295ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882040&bpp=1&bdt=335&idt=222&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=I2s0qoguni&p=https%3A//kodeksy.com.ua&dtd=225

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e4ecc1285834741dcbb12a01850237023ca5f23b149faff5781247e699197ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 33552
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:02 GMT
cache-control: private

GET
H2 200 main.77fcb608.js Show response
widget.info-static.ru/js/ 93 KB
29 KB 63ms
63ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/js/main.77fcb608.js
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/init.js?t=1648094881854
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 2a3046a9ebd763470ad803a76bbcc050024483900a4500b265620c6a2a8b20ec

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:38:47 GMT
etag: W/"621cde77-17343"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 116ms
44ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17274968-3&cid=2126350178.1648094882&jid=1678093078&_u=YEBAAUAAAAAAAC~&z=159152551

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 114ms
42ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-17274968-3&cid=2126350178.1648094882&jid=1678093078&_u=YEBAAUAAAAAAAC~&z=159152551

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 200 KB
69 KB 229ms
110ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

c4ce821a6b36fd4c50dd004fd0a5f183f2a57109f0697d7cb45a41a426dcde68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: br
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-110f1"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69873
expires: Thu, 24 Mar 2022 05:08:02 GMT

GET
H2 200 / Show response
geo-db.feedot.com/detected-cities/ 617 B
599 B 353ms
194ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://geo-db.feedot.com/detected-cities/?useIp=1&preload=1
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 495ab245361570d78d65fb2345947fb30427fae08d8614262c524eaf446c0302

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 3489836621999405294
tpc.googlesyndication.com/simgad/ Frame 1716 46 KB
46 KB 156ms
84ms Image
image/png 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3489836621999405294?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qkgWiNlRSvghwJPAKyMD4wc0BU0yw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1648094882&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882039&bpp=1&bdt=334&idt=219&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eYzRC2spls&p=https%3A//kodeksy.com.ua&dtd=222

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d76745ce0acb397a4d3928b989b2084d63f28147fc9de734bd3378d33ac30e81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 05:16:45 GMT
x-content-type-options: nosniff
age: 168677
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Thu, 22 Jul 2021 02:55:21 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Mar 2023 05:16:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 1716 19 KB
8 KB 111ms
39ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:50:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 1716 2 KB
1 KB 181ms
113ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:44:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1716 119 KB
36 KB 148ms
78ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 1716 15 KB
6 KB 130ms
61ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:46:01 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 1716 28 KB
12 KB 182ms
113ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b32e2a199c3c9352689ae64546f5d70094b7208f0188067d7f583982f9886ef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:15:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24778
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11790
x-xss-protection: 0
server: cafe
etag: 15946466291951677483
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 06 Apr 2022 21:15:04 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1716 0
0 50ms
49ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuIfXou47YrrtEofX-gaiiLf4DfmR8_Vo_u_EnMUOqtyPmaUjEAEgoKTTDGC7BqABrZaa2QPIAQKoAwHIA8kEqgTAAU_Qo74gh9fQRYfWdH79q131Qmzpr8iPS3uHEERk85vrMUcIiimXWMyOqvXKvHus8aiVyyvg6Y45ouNRM7ab75kn1R7TvRmBPQFYBa2x9fAwHpSk_G92LAnjErl41HMshqO5ZOS89rpevxUCGNJdkX8hvn_7dPbDljdyekfnyDpyX__dNUvm2Ympgz5fJi2MpXIQc2wqTSu5wOWlrwYPBRj51_uvzAauwc0VNv-3pX_-DHGNuh9iw6hFPiZPldGjOsAE8OyiqeEDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7vp5SaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDZlQHSCAkIgOGAEBABGB-ACgHICwHYEwLQFQGYFgGAFwGyFxwKGggAEhRwdWItMDcxNDA4NTAyMjg3NzEzORgA&sigh=XcNTwUf4324&uach_m=[UACH]&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1648094882&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882039&bpp=1&bdt=334&idt=219&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eYzRC2spls&p=https%3A//kodeksy.com.ua&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Mar 2022 04:08:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 853E 8 KB
1 KB 117ms
44ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882040&bpp=1&bdt=335&idt=222&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=I2s0qoguni&p=https%3A//kodeksy.com.ua&dtd=225

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 03:07:58 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 04:08:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 853E 2 KB
983 B 95ms
66ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 04:06:19 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 853E 0
0 51ms
51ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxPxnou47YvDoEpS27gOslbPACrrAhYhp5c-nzrEPncHGlo0OEAEgoKTTDGC7BqAB7-3LtwPIAQmoAwHIA8sEqgTAAU_QrZynr_idgc1LfiC5wyhU-ni63Y3ACseIv5C2KwrfPgynyoM--3skUydeQIE0Emh54rKKltPKkpK4IHTZw5oS3zHJCA69z1ZzK8GD-gn7BQWEFupvZBGPvNRS6RDrBtPoYxhxoOgyzn4nTyjCH_v4NNzSNzfco7M1XSTsBpq-BgaL8MBX0vJ6BHi6SXoZ9h0p7qeutcBakQLMT-VRlXlxuD4QawFnxWTmQqWF9bKmUVYj7NSb0i0V4oyjg_cBlsAEhu6QyfEDkgUECAQYAZIFBAgFGASgBi6AB_mRtEioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHAxC3etIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFALQFQGAFwGyFxwKGggAEhRwdWItMDcxNDA4NTAyMjg3NzEzORgA&sigh=c2nsNPgkSgM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=8772215856&adk=2896405366&adf=2827832974&pi=t.ma~as.8772215856&w=1200&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882040&bpp=1&bdt=335&idt=222&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280%2C160x600&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1931&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=I2s0qoguni&p=https%3A//kodeksy.com.ua&dtd=225
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Mar 2022 04:08:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 853E 19 KB
8 KB 59ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:50:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 853E 2 KB
1 KB 93ms
65ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:44:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 853E 119 KB
37 KB 69ms
40ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 853E 15 KB
6 KB 63ms
35ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:46:01 GMT

GET
H2 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame 853E 28 KB
12 KB 106ms
35ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:20:34 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/11787009824116433641/ Frame 853E 25 KB
25 KB 89ms
66ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11787009824116433641/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623b7045e8d685e2b2d2491159acfcdc5766eb1637b7c998af08551124038401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 04:33:24 GMT
x-content-type-options: nosniff
age: 603278
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25590
x-xss-protection: 0
last-modified: Fri, 17 Sep 2021 00:22:28 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 17 Mar 2023 04:33:24 GMT

GET
DATA 200
OK truncated
/ Frame 853E 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 853E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 583c04eba622323b1bc7d6fda2f57e1e.js Show response
www.gstatic.com/mysidia/ Frame 0FE5 9 KB
4 KB 60ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/583c04eba622323b1bc7d6fda2f57e1e.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882037&bpp=2&bdt=332&idt=206&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h8kzA8ue6M&p=https%3A//kodeksy.com.ua&dtd=214

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3720
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:38:40 GMT

GET
H2 200 d153763d065fc486a30a5318c8635961.js Show response
www.gstatic.com/mysidia/ Frame 0FE5 8 KB
4 KB 60ms
33ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/d153763d065fc486a30a5318c8635961.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:38:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1762
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3697
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:38:40 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0FE5 8 KB
965 B 70ms
47ms Stylesheet
text/css 2a00:1450:4001:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 24 Mar 2022 02:49:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Thu, 24 Mar 2022 04:08:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 0FE5 2 KB
904 B 72ms
31ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:06:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 103
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 04:06:19 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/ Frame 0FE5 19 KB
8 KB 86ms
86ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:50:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1051
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:50:31 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 0FE5 2 KB
1 KB 67ms
30ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1392
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:44:50 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0FE5 119 KB
36 KB 79ms
79ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36904
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1648035241783118"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 24 Mar 2022 04:08:02 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/ Frame 0FE5 15 KB
6 KB 87ms
87ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220317/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:46:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1321
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Apr 2022 03:46:01 GMT

GET
H3 200 c5c2d0ec538305d3144caccb9e9ba20c.js Show response
www.gstatic.com/mysidia/ Frame 0FE5 28 KB
12 KB 72ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c5c2d0ec538305d3144caccb9e9ba20c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 03:20:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11812
x-xss-protection: 0
last-modified: Tue, 22 Mar 2022 03:00:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 22 Jun 2022 03:20:34 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 028A 143 B
163 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=600&slotname=5507812167&adk=3595555304&adf=4182175903&pi=t.ma~as.5507812167&w=160&lmt=1648094882&psa=0&format=160x600&url=https%3A%2F%2Fkodeksy.com.ua%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882039&bpp=1&bdt=334&idt=219&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1074x280&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=100&ady=1325&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=eYzRC2spls&p=https%3A//kodeksy.com.ua&dtd=222

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 24 Mar 2022 04:06:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

1 Show response
mc.yandex.ru/watch/56501437/
Redirect Chain

https://mc.yandex.ru/watch/56501437?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3...
https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala...

357 B
439 B

58ms
58ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1014479948433%3Ahid%3A570613333%3Az%3A0%3Ai%3A20220324040802%3Aet%3A1648094883%3Ac%3A1%3Arn%3A629258818%3Arqn%3A1%3Au%3A1648094883654700993%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648094881443%3Ads%3A0%2C47%2C121%2C33%2C91%2C0%2C%2C120%2C0%2C%2C%2C%2C412%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094883%3At%3A%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

621862a354d0ddb59e386052f61e2df6b219ccf923d9feac54008faa22d9ef2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 24-Mar-2022 04:08:02 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kodeksy.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:02 GMT

Redirect headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
last-modified: Thu, 24-Mar-2022 04:08:02 GMT
location: /watch/56501437/1?wmode=7&page-url=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afp%3A420%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A1014479948433%3Ahid%3A570613333%3Az%3A0%3Ai%3A20220324040802%3Aet%3A1648094883%3Ac%3A1%3Arn%3A629258818%3Arqn%3A1%3Au%3A1648094883654700993%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1648094881443%3Ads%3A0%2C47%2C121%2C33%2C91%2C0%2C%2C120%2C0%2C%2C%2C%2C412%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094883%3At%3A%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://kodeksy.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:02 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 56ms
55ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 24 Mar 2022 05:08:02 GMT

GET
H2 200 assets.json Show response
widget.info-static.ru/ 1 KB
709 B 202ms
82ms XHR
application/json 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/assets.json?nocache=0.5979897656327005
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 0c13422d50cbe999f79243901db83ea8a26b8004e4802e955ac7e44088b7a9c3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
etag: W/"621cded5-459"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 assets.react.json Show response
widget.info-static.ru/ 969 B
631 B 203ms
83ms XHR
application/json 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/assets.react.json?nocache=0.14739240959716637
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 513c30585990cb95d7aa5ee9816cf235145eaa650bdc4bb060db233be01b17b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:02 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:39:36 GMT
etag: W/"621cdea8-3c9"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
DATA 200
OK truncated
/ Frame 853E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca6a66df9f553a2e58def432b02f42f4f399f23abebe4f303b7b77107a2bd72b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0FE5 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQoEPou47YsDoEoyKgAf7r7aYCPnyu9Fox4Xq9ucPnriItoMDEAEgoKTTDGC7BqABld-PkwLIAQGpAqkvMhSE24M-qAMByAPLBKoEwwFP0NvThGIpmKSRvzINHSZpKIzbqbyz97rJewJ-k4jmPKvWFqR2y5z2bckAVycQqE5oSURQERU6J-4zPUBbWTm1DD7s9TkRG9KcP9YBAg9zavSIZE8YfRZ1YhpitFdrKMutyG41qtDlBPX_bbiYxHS6W2EJz0kuDbhF5y9gIBs3HEvIUj1WlZaQjCX2rTe7-OWXgEXGhg96icEOJUNcpCm36KUeftLuf8QzEqwwimbB9auvwDdOTNbXg2TLpW9YC6AIUHrABL2isJTvA5IFBAgEGAGSBQQIBRgEgAfToPDsAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEK7PFtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0wNzE0MDg1MDIyODc3MTM5GAA&sigh=hJgyRf_JqUE&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882037&bpp=2&bdt=332&idt=206&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h8kzA8ue6M&p=https%3A//kodeksy.com.ua&dtd=214
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 24 Mar 2022 04:08:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA92 143 B
163 B 31ms
31ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0714085022877139&output=html&h=280&slotname=7265485077&adk=3397636257&adf=3246541266&pi=t.ma~as.7265485077&w=1074&fwrn=4&fwrnh=100&lmt=1648094882&rafmt=1&psa=0&format=1074x280&url=https%3A%2F%2Fkodeksy.com.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1648094882037&bpp=2&bdt=332&idt=206&shv=r20220317&mjsv=m202203170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6023263103422&frm=20&pv=1&ga_vid=2126350178.1648094882&ga_sid=1648094882&ga_hid=1899906859&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=290&ady=113&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31065371%2C44760495&oid=2&pvsid=3828732815129329&pem=726&tmod=1684644005&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CoeE%7C&abl=NS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=h8kzA8ue6M&p=https%3A//kodeksy.com.ua&dtd=214

Response headers

x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 145
x-xss-protection: 0
date: Thu, 24 Mar 2022 04:06:52 GMT
cache-control: public, max-age=3600
content-type: text/html; charset=UTF-8
age: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK gstats
momad.ru/f/ 33 B
358 B 862ms
401ms XHR
application/json 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://momad.ru/f/gstats
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Referer: https://kodeksy.com.ua/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

Date: Thu, 24 Mar 2022 04:08:03 GMT
Server: nginx/1.14.0 (Ubuntu)
X-Powered-By: Express
ETag: W/"21-uK3xslFNuPqtqXcA+PzECVEyrvE"
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache
Connection: keep-alive
Content-Length: 33

GET
DATA 200
OK truncated
/ Frame 1716 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ce217adde05dc0d170d3b8f5d544dc16f10649c885a3eec0366868310b75fca

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 853E 28 KB
28 KB 104ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 105625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

GET
DATA 200
OK truncated
/ Frame 0FE5 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38b9b84f05c24d0d34831449c968f28f4218f46ac4a292e8e013ae3fcf0894a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 56501437 Show response
mc.yandex.ru/watch/ 43 B
73 B 56ms
56ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/56501437?page-url=goal%3A%2F%2Fkodeksy.com.ua%2Fused_loader_version2&page-ref=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2ej8hz2%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A1%3Als%3A1014479948433%3Ahid%3A570613333%3Az%3A0%3Ai%3A20220324040802%3Aet%3A1648094883%3Ac%3A1%3Arn%3A904916405%3Arqn%3A2%3Au%3A1648094883654700993%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648094881443%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1648094883%3At%3A%D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0%20-%20%D0%97%D0%B0%D0%BA%D0%BE%D0%BD%D0%BE%D0%B4%D0%B0%D0%B2%D1%81%D1%82%D0%B2%D0%BE%20%D0%A3%D0%BA%D1%80%D0%B0%D1%97%D0%BD%D0%B8%202019%20%D1%80%D1%96%D0%BA&t=gdpr(14)mc(g-1)aw(1)ti(2)

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:02 GMT
last-modified: Thu, 24-Mar-2022 04:08:02 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://kodeksy.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:02 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 028A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

48ms
47ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Mar 2022 04:08:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame FA99 35 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 08:58:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FA92
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

48ms
48ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Mar 2022 04:08:03 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 24 Mar 2022 04:08:03 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 24 Mar 2022 04:08:02 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v42/ Frame 0FE5 28 KB
28 KB 86ms
64ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v42/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 22:47:37 GMT
x-content-type-options: nosniff
age: 105625
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28328
x-xss-protection: 0
last-modified: Tue, 01 Mar 2022 21:57:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 22 Mar 2023 22:47:37 GMT

GET
H2 200 widget-chat-7d5687c8.html Show response
widget.info-static.ru/ Frame 388F 29 KB
10 KB 66ms
65ms Document
text/html 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/main.77fcb608.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: fc4355189b6dc16c9d774b5217ec6b1ade321882d4fdfd8dca1b2a9978568f23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-type: text/html; charset=utf-8
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
vary: Accept-Encoding
etag: W/"621cded5-75c1"
content-encoding: gzip
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame C2CA 35 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 08:58:54 GMT

GET
H2 200 chat.dd7d4d51.min.css
widget.info-static.ru/css/ Frame 388F 83 KB
14 KB 60ms
59ms Stylesheet
text/css 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/css/chat.dd7d4d51.min.css
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 4ad5e9dea686cd0ba195c6b4199fa62d256b56a557f34865be5a88ca1231bfa8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
etag: W/"621cded5-14b8e"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 vendor.81061ef1.min.js Show response
widget.info-static.ru/js/ Frame 388F 237 KB
81 KB 117ms
116ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: ba295598fc3ee1ec8852b0aabe7c47937e67ff44844bbd4297a91e6baab14f43

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
etag: W/"621cded5-3b598"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 metrics.34bdfe7a.min.js Show response
widget.info-static.ru/js/ Frame 388F 991 B
977 B 60ms
60ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/js/metrics.34bdfe7a.min.js
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: eb8b7fd514481512414c948d76ef731124240a9368e2272a9d6570483b47fbab

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
etag: W/"621cded5-3df"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H2 200 chat.b05631e4.min.js Show response
widget.info-static.ru/js/ Frame 388F 141 KB
39 KB 61ms
61ms Script
application/javascript 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/js/chat.b05631e4.min.js
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: d97ba588b468002def8432bca43faeb4a0422874b50efcd2e68ddf53f824c878

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
last-modified: Mon, 28 Feb 2022 14:40:21 GMT
etag: W/"621cded5-23200"
vary: Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization

GET
H3 200 w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js Show response
pagead2.googlesyndication.com/bg/ Frame D819 35 KB
14 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/w5W1EixFGUzWFgZOi1zWjT-g-ai_4t-KN23ava9eLxA.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 08:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68949
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13798
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 08:58:54 GMT

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 183ms
57ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://widget.info-static.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-length: 0

GET
H3 200 api.js Show response
www.google.com/recaptcha/ Frame 388F 884 B
607 B 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c695c21a6e2889177f0b2af3f3e4a98cd00390d6e96ba8c6cf844b188a02b803

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 586
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 04:08:03 GMT

GET
H2 200 avatar.png
widget.info-static.ru/images/avatars/animated/loops/right/1/48/ Frame 388F 5 KB
5 KB 59ms
59ms Image
image/png 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.info-static.ru/images/avatars/animated/loops/right/1/48/avatar.png
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: c075e353c0df1f5005c652ea8e3221dee5951e8f00bfa35151f9b4382bac25e1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Mon, 28 Feb 2022 12:43:01 GMT
etag: "621cc355-1241"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 4673

GET
H2 200 background.jpg
widget.info-static.ru/images/skins/telegram/ Frame 388F 29 KB
29 KB 57ms
57ms Image
image/jpeg 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget.info-static.ru/images/skins/telegram/background.jpg
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 1e0ed38ff8e6d6a5cd264a3966331fcbc875a5d4345e5ffe4c24acae0fc9794d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Mon, 28 Feb 2022 12:43:01 GMT
etag: "621cc355-73b8"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
content-length: 29624

POST
H2 200 / Show response
stat-feedot.ru/event/ Frame 388F 20 B
470 B 123ms
122ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://widget.info-static.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-57c65ccd58-vf5tw
pragma: no-cache
date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ Frame 388F 200 KB
68 KB 58ms
58ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

9ce79ce26140a662f35113ab302e3bde45e5eac490fa260bf61f7aa15c6b4730

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: br
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-11110"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69904
expires: Thu, 24 Mar 2022 05:08:03 GMT

GET
H2 206 initial.webm
widget.info-static.ru/images/avatars/animated/loops/right/1/48/ Frame 388F 61 KB
62 KB 60ms
60ms Media
video/webm 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/images/avatars/animated/loops/right/1/48/initial.webm
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: f54989f34875f0707fe1af46ef810e1d53c869eb634e8e35b4fbc207b26a3732

Request headers

Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Mon, 28 Feb 2022 12:43:01 GMT
access-control-allow-origin: *
etag: "621cc355-f5f3"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: video/webm
Content-Range: bytes 0-62962/62963
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length: 62963

GET
H2 206 awake2.mp3
widget.info-static.ru/audios/ Frame 388F 10 KB
11 KB 66ms
66ms Media
audio/mpeg 82.202.220.204
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.info-static.ru/audios/awake2.mp3
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.204 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 2f6f908ee4faaf5ecb71c7963488832a67c73cde360938b6c9121b6fa771d230

Request headers

Referer: https://widget.info-static.ru/widget-chat-7d5687c8.html?operatorName=%D0%9E%D0%BB%D0%B5%D0%BA%D1%81%D0%B0%D0%BD%D0%B4%D1%80%D0%B0&operatorSurname=%D0%97%D0%B5%D0%BB%D0%B5%D0%BD%D1%81%D1%8C%D0%BA%D0%B0&operatorDescription=%D0%AE%D1%80%D0%B8%D1%81%D1%82-%D0%BA%D0%BE%D0%BD%D1%81%D1%83%D0%BB%D1%8C%D1%82%D0%B0%D0%BD%D1%82&theme=telegram&secretHash=143988624b868d1a369ea557de9d505e&lv=3&partnerId=d63d3a1dfc909320a37a4b7172f60eba&partnerWidgetId=14581&partnerPlatformId=2457&instanceIndex=0&widgetId=47fb4f02-11c0-4732-9e08-5707638f8128&widgetType=chat&isMobile=false&isIOS=false&pageUrl=https%3A%2F%2Fkodeksy.com.ua%2F&hasMetaTagViewPort=true&width=1600&height=1200&session=%7B%22sessionId%22%3A%22e06dcf96-c53e-4966-a010-a860eb40b6a9%22%7D&isStandaloneLoad=false&measure=%7B%22project%22%3A%22pravoved%22%2C%22category%22%3Anull%7D
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Mon, 28 Feb 2022 12:42:59 GMT
access-control-allow-origin: *
etag: "621cc353-29eb"
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: audio/mpeg
Content-Range: bytes 0-10730/10731
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
Content-Length: 10731

POST
H2 200 / Show response
stat-feedot.ru/event/ Frame 388F 20 B
470 B 86ms
85ms XHR
application/json 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Requested by: Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Accept: */*
Referer: https://widget.info-static.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

serverid: clickhouse-receiver-receiver-57c65ccd58-f4xk5
pragma: no-cache
date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
expires: -1

OPTIONS
H2 204 /
stat-feedot.ru/event/ Frame 0
0 174ms
57ms Preflight 82.202.220.203
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL: https://stat-feedot.ru/event/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 82.202.220.203 , Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://widget.info-static.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization
access-control-max-age: 1728000
content-length: 0

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame 388F 357 KB
141 KB 71ms
30ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

41a65d5276c8d1b2c5f16f1a833a45e0a4882516f806938c340b6a93fb7a25bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.info-static.ru/
Origin: https://widget.info-static.ru
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 01:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143864
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 01:56:15 GMT

GET
H2 200 57119542 Show response
mc.yandex.ru/watch/ Frame 388F 357 B
459 B 56ms
56ms XHR
application/json 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542?wmode=7&page-url=https%3A%2F%2Fwidget.info-static.ru%2Fwidget-chat-7d5687c8.html%3FoperatorName%3D%25D0%259E%25D0%25BB%25D0%25B5%25D0%25BA%25D1%2581%25D0%25B0%25D0%25BD%25D0%25B4%25D1%2580%25D0%25B0%26operatorSurname%3D%25D0%2597%25D0%25B5%25D0%25BB%25D0%25B5%25D0%25BD%25D1%2581%25D1%258C%25D0%25BA%25D0%25B0%26operatorDescription%3D%25D0%25AE%25D1%2580%25D0%25B8%25D1%2581%25D1%2582-%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2581%25D1%2583%25D0%25BB%25D1%258C%25D1%2582%25D0%25B0%25D0%25BD%25D1%2582%26theme%3Dtelegram%26secretHash%3D143988624b868d1a369ea557de9d505e%26lv%3D3%26partnerId%3Dd63d3a1dfc909320a37a4b7172f60eba%26partnerWidgetId%3D14581%26partnerPlatformId%3D2457%26instanceIndex%3D0%26widgetId%3D47fb4f02-11c0-4732-9e08-5707638f8128%26widgetType%3Dchat%26isMobile%3Dfalse%26isIOS%3Dfalse%26pageUrl%3Dhttps%253A%252F%252Fkodeksy.com.ua%252F%26hasMetaTagViewPort%3Dtrue%26width%3D1600%26height%3D1200%26session%3D%257B%2522sessionId%2522%253A%2522e06dcf96-c53e-4966-a010-a860eb40b6a9%2522%257D%26isStandaloneLoad%3Dfalse%26measure%3D%257B%2522project%2522%253A%2522pravoved%2522%252C%2522category%2522%253Anull%257D&page-ref=https%3A%2F%2Fkodeksy.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2dfa4fy%3Afp%3A357%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A0%3Als%3A277838346374%3Ahid%3A587806354%3Az%3A0%3Ai%3A20220324040803%3Aet%3A1648094883%3Ac%3A1%3Arn%3A291366129%3Arqn%3A1%3Au%3A1648094883682185654%3Aw%3A2000x2000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Ans%3A1648094882991%3Ads%3A0%2C0%2C65%2C1%2C0%2C0%2C%2C258%2C0%2C%2C%2C%2C326%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094883%3At%3A&t=gdpr(14)aw(1)ti(2)

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

a68e49920c432a50fb1dc00e8b9ea58b266f66a9ecd59a7f90b5ddd2fe02c7d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 24-Mar-2022 04:08:03 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.info-static.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:03 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ Frame 388F 43 B
72 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Wed, 23 Mar 2022 13:19:15 GMT
etag: "623af423-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 24 Mar 2022 05:08:03 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F943 41 KB
21 KB 53ms
53ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly93aWRnZXQuaW5mby1zdGF0aWMucnU6NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=nadsli4a9aqt

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a40c7fda2ce61112e1637b28caece81e9a701ff723f7781839287fe03c15a520

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pHyBoPOsZqjdjEsb2XG7sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://widget.info-static.ru/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 04:08:03 GMT
content-security-policy: script-src 'report-sample' 'nonce-pHyBoPOsZqjdjEsb2XG7sQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 21722
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 1 Show response
mc.yandex.ru/watch/57119542/ Frame 388F 43 B
73 B 57ms
56ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542/1?page-url=goal%3A%2F%2Fwidget.info-static.ru%2Fwidget-chat__used_loader_version2&page-ref=https%3A%2F%2Fwidget.info-static.ru%2Fwidget-chat-7d5687c8.html%3FoperatorName%3D%25D0%259E%25D0%25BB%25D0%25B5%25D0%25BA%25D1%2581%25D0%25B0%25D0%25BD%25D0%25B4%25D1%2580%25D0%25B0%26operatorSurname%3D%25D0%2597%25D0%25B5%25D0%25BB%25D0%25B5%25D0%25BD%25D1%2581%25D1%258C%25D0%25BA%25D0%25B0%26operatorDescription%3D%25D0%25AE%25D1%2580%25D0%25B8%25D1%2581%25D1%2582-%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2581%25D1%2583%25D0%25BB%25D1%258C%25D1%2582%25D0%25B0%25D0%25BD%25D1%2582%26theme%3Dtelegram%26secretHash%3D143988624b868d1a369ea557de9d505e%26lv%3D3%26partnerId%3Dd63d3a1dfc909320a37a4b7172f60eba%26partnerWidgetId%3D14581%26partnerPlatformId%3D2457%26instanceIndex%3D0%26widgetId%3D47fb4f02-11c0-4732-9e08-5707638f8128%26widgetType%3Dchat%26isMobile%3Dfalse%26isIOS%3Dfalse%26pageUrl%3Dhttps%253A%252F%252Fkodeksy.com.ua%252F%26hasMetaTagViewPort%3Dtrue%26width%3D1600%26height%3D1200%26session%3D%257B%2522sessionId%2522%253A%2522e06dcf96-c53e-4966-a010-a860eb40b6a9%2522%257D%26isStandaloneLoad%3Dfalse%26measure%3D%257B%2522project%2522%253A%2522pravoved%2522%252C%2522category%2522%253Anull%257D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2dfa4fy%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A1%3Als%3A277838346374%3Ahid%3A587806354%3Az%3A0%3Ai%3A20220324040803%3Aet%3A1648094884%3Ac%3A1%3Arn%3A65748213%3Arqn%3A2%3Au%3A1648094883682185654%3Aw%3A2000x2000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648094882991%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094884%3At%3A&t=gdpr(14)mc(g-2)lt(5000)aw(1)ti(2)

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.info-static.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Thu, 24-Mar-2022 04:08:03 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://widget.info-static.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:03 GMT

POST
H2 200 1 Show response
mc.yandex.ru/watch/57119542/ Frame 388F 43 B
73 B 57ms
57ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/57119542/1?page-url=goal%3A%2F%2Fwidget.info-static.ru%2Fwidget-chat__view&page-ref=https%3A%2F%2Fwidget.info-static.ru%2Fwidget-chat-7d5687c8.html%3FoperatorName%3D%25D0%259E%25D0%25BB%25D0%25B5%25D0%25BA%25D1%2581%25D0%25B0%25D0%25BD%25D0%25B4%25D1%2580%25D0%25B0%26operatorSurname%3D%25D0%2597%25D0%25B5%25D0%25BB%25D0%25B5%25D0%25BD%25D1%2581%25D1%258C%25D0%25BA%25D0%25B0%26operatorDescription%3D%25D0%25AE%25D1%2580%25D0%25B8%25D1%2581%25D1%2582-%25D0%25BA%25D0%25BE%25D0%25BD%25D1%2581%25D1%2583%25D0%25BB%25D1%258C%25D1%2582%25D0%25B0%25D0%25BD%25D1%2582%26theme%3Dtelegram%26secretHash%3D143988624b868d1a369ea557de9d505e%26lv%3D3%26partnerId%3Dd63d3a1dfc909320a37a4b7172f60eba%26partnerWidgetId%3D14581%26partnerPlatformId%3D2457%26instanceIndex%3D0%26widgetId%3D47fb4f02-11c0-4732-9e08-5707638f8128%26widgetType%3Dchat%26isMobile%3Dfalse%26isIOS%3Dfalse%26pageUrl%3Dhttps%253A%252F%252Fkodeksy.com.ua%252F%26hasMetaTagViewPort%3Dtrue%26width%3D1600%26height%3D1200%26session%3D%257B%2522sessionId%2522%253A%2522e06dcf96-c53e-4966-a010-a860eb40b6a9%2522%257D%26isStandaloneLoad%3Dfalse%26measure%3D%257B%2522project%2522%253A%2522pravoved%2522%252C%2522category%2522%253Anull%257D&charset=utf-8&browser-info=ar%3A1%3Agdpr%3A14%3Avf%3Auq3ipefhyn2n2dfa4fy%3Afu%3A3%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A771%3Acn%3A1%3Adp%3A1%3Als%3A277838346374%3Ahid%3A587806354%3Az%3A0%3Ai%3A20220324040803%3Aet%3A1648094884%3Ac%3A1%3Arn%3A414418810%3Arqn%3A3%3Au%3A1648094883682185654%3Aw%3A2000x2000%3As%3A1600x1200x24%3Ask%3A1%3Aifr%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1648094882991%3Awv%3A2%3Aco%3A0%3Arqnl%3A1%3Ast%3A1648094884%3At%3A&t=gdpr(14)mc(g-2)lt(5000)aw(1)ti(2)

Requested by

Host: widget.info-static.ru
URL: https://widget.info-static.ru/js/vendor.81061ef1.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://widget.info-static.ru/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:03 GMT
last-modified: Thu, 24-Mar-2022 04:08:03 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://widget.info-static.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 24-Mar-2022 04:08:03 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame F943 51 KB
24 KB 31ms
31ms Stylesheet
text/css 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly93aWRnZXQuaW5mby1zdGF0aWMucnU6NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=nadsli4a9aqt

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 22:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19708
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 22:39:35 GMT

GET
H3 200 recaptcha__en.js
www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/ Frame F943 357 KB
141 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 01:56:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 143864
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 04:02:07 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 24 Mar 2023 01:56:15 GMT

GET
H/1.1 200
OK stats
momad.ru/s/ 107 B
468 B 156ms
155ms Document
text/html 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://momad.ru/s/stats
Requested by: Host: momad.ru
URL: https://momad.ru/bbqcode?saitDomain=kodeksy.com.ua&clientWidth=1600&referrer=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://kodeksy.com.ua/

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 24 Mar 2022 04:08:03 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-store no-cache
ETag: W/"6b-OEth+ALPNrbgRromnTQctnW9dqk"
Content-Encoding: gzip

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F943 2 KB
2 KB 31ms
31ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/zLD1nfkNCJC1kEswSRdSyd-p/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 03:05:30 GMT
x-content-type-options: nosniff
age: 90153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Wed, 30 Mar 2022 03:05:30 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F943 15 KB
15 KB 69ms
30ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 146998
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F943 15 KB
15 KB 78ms
40ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 119295
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 18:59:48 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F943 102 B
134 B 40ms
40ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcOjdIZAAAAAKDI6b7ZOfzmmQ6rYQbS-Yfa9gzp&co=aHR0cHM6Ly93aWRnZXQuaW5mby1zdGF0aWMucnU6NDQz&hl=en&v=zLD1nfkNCJC1kEswSRdSyd-p&size=invisible&cb=nadsli4a9aqt
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 24 Mar 2022 04:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 24 Mar 2022 04:08:03 GMT

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 0FE5 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 1716 0
0

GET activeview
pagead2.googlesyndication.com/pcs/ Frame 853E 0
0

GET
H/1.1 200
OK / Show response
korespodent.net/ 240 B
564 B 322ms
157ms Document
text/html 165.232.142.149
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: http://korespodent.net/
Protocol: HTTP/1.1
Server: 165.232.142.149 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) / Express
Resource Hash: 63e297c5f7ffed6f6cb72b4c970e02f696c312b317c9b6fd30b5c9b0829c5ad9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Server: nginx/1.14.0 (Ubuntu)
Date: Thu, 24 Mar 2022 04:08:04 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: no-store no-cache
ETag: W/"f0-tTmn4N+9TSt7wE9eMtfK5bZeTKc"
Content-Encoding: gzip

GET
H2

200

Primary Request m Show response
consent.google.com/
Redirect Chain

http://dionysia-phr.com/zcvisitor/005a1d33-ab28-11ec-9872-12c336065217/e6eb32c0-57f0-11e6-9404-0aaf54648f79?campaignid=51a84780-a90b-11ec-8724-12beee04f19b
https://dkjfhuyd.fivetrafficroads.com/?cid=4703&clkid=zr005a1d33ab2811ec987212c336065217c0d927a671ef40fabc096b55ead5785a063340cced63078b64&sid=lima-bit-q91uvfh64
https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf
https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1

364 KB
40 KB

193ms
108ms

Document
text/html

2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

17584c41820525c375fc66effa1bb99b6dd0a570fbcdc4668b99f775bc3300b2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4MUf0zo+ZW3SEVW+koLEwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self' script-src 'nonce-4MUf0zo+ZW3SEVW+koLEwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: http://korespodent.net/

Response headers

content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-ua-compatible: IE=edge
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 04:08:06 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-4MUf0zo+ZW3SEVW+koLEwA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self' script-src 'nonce-4MUf0zo+ZW3SEVW+koLEwA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
report-to: {"group":"ConsentUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ConsentUi/external"}]}
cross-origin-opener-policy: unsafe-none; report-to="ConsentUi"
cross-origin-resource-policy: same-site
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

content-type: application/binary
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 24 Mar 2022 04:08:05 GMT
location: https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-xqzGqAaUX9p7AteUAmOGpA' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';worker-src 'self';report-uri /webstore/cspreport
cross-origin-opener-policy: unsafe-none; report-to="coop_chromewebstore"
report-to: {"group":"coop_chromewebstore","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chromewebstore"}]}
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 204 cspreport
consent.google.com/_/ConsentUi/ 0
23 B 100ms
61ms Other
text/html 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.google.com/_/ConsentUi/cspreport

Requested by

Host: kodeksy.com.ua
URL: https://kodeksy.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yg83j+GTCIyUSKa63mljOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self', script-src 'nonce-Yg83j+GTCIyUSKa63mljOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport, require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Thu, 24 Mar 2022 04:08:06 GMT
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-Yg83j+GTCIyUSKa63mljOw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ConsentUi/cspreport;worker-src 'self', script-src 'nonce-Yg83j+GTCIyUSKa63mljOw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ConsentUi/cspreport, require-trusted-types-for 'script';report-uri /_/ConsentUi/cspreport
content-type: text/html; charset=utf-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/am=AAv4ABA/d=1/excm=_b,_tp,mainview/ed=1/dg=0/wt=2/esmo=1/rs=AOaEmlEx55P2epyzwelPyGhWS2k1cxAqkA/ 175 KB
61 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/am=AAv4ABA/d=1/excm=_b,_tp,mainview/ed=1/dg=0/wt=2/esmo=1/rs=AOaEmlEx55P2epyzwelPyGhWS2k1cxAqkA/m=_b,_tp

Requested by

Host: consent.google.com
URL: https://consent.google.com/m?continue=https://chrome.google.com/webstore/detail/yosearch-weather-tab/oaoknelgkigohopfbdjdhaehaagjmacf&gl=GB&m=0&pc=cws&hl=en-GB&src=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f886e4d2b1265fda2b7853b5919b0b0903486a358215b2a9dbd8dfbf8b25062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 09:54:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151995
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62492
x-xss-protection: 0
last-modified: Sun, 20 Mar 2022 18:03:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 09:54:51 GMT

GET
H3 200 googlelogo_clr_160x56px.svg
www.gstatic.com/images/branding/googlelogo/svg/ 2 KB
793 B 37ms
36ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/branding/googlelogo/svg/googlelogo_clr_160x56px.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfcf74187eb2a660ba6d14a4d6dceb59663d0540e80fa480d8e675a05d4e6596

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 21 Mar 2022 10:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 237898
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 768
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 21 Mar 2023 10:03:08 GMT

GET
H3 200 scene_cookie_wall_search_v2.svg
www.gstatic.com/ac/cb/ 9 KB
2 KB 36ms
35ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/scene_cookie_wall_search_v2.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

19124a04bdb4f8a55e6cd5b3f776a634b68c865d3db6d666be949f8f8a8b7d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 06:07:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 165624
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2040
x-xss-protection: 0
last-modified: Wed, 17 Feb 2021 20:45:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Mar 2023 06:07:42 GMT

GET
H3 200 keyboard_arrow_down_gm_grey_18dp.png
www.gstatic.com/images/icons/material/system/1x/ 150 B
174 B 37ms
36ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/keyboard_arrow_down_gm_grey_18dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2aa4a5ece0f86deb2a8fa99bb7f621534025d6f2b6b4e6409b3e71390630cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 14:03:04 GMT
x-content-type-options: nosniff
age: 137102
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150
x-xss-protection: 0
last-modified: Mon, 13 Jan 2020 14:45:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 22 Mar 2023 14:03:04 GMT

GET
H3 200 keyboard_arrow_down_white_18dp.png
www.gstatic.com/images/icons/material/system/1x/ 119 B
144 B 37ms
37ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/keyboard_arrow_down_white_18dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42f8ac5554252e21b00b0833e00471c4f99c7da83457c7992f68d49142b45a60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 13:24:45 GMT
x-content-type-options: nosniff
age: 571401
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 17 Mar 2023 13:24:45 GMT

GET
H3 200 check_black_24dp.png
www.gstatic.com/images/icons/material/system/1x/ 128 B
155 B 38ms
38ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/check_black_24dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eea4c83b7ba7b9c7e2e0843e8d7f4593760cbc14281c9266632770111822b8f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:35:27 GMT
x-content-type-options: nosniff
age: 498759
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Mar 2023 09:35:27 GMT

GET
H3 200 check_white_24dp.png
www.gstatic.com/images/icons/material/system/1x/ 137 B
164 B 37ms
37ms Image
image/png 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/1x/check_white_24dp.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

968ae4bbcd17cc6a64e4f4e058044a00e3d7f4ce1b1be6de9ed3cee073998334

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:57:41 GMT
x-content-type-options: nosniff
age: 497425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Mar 2023 09:57:41 GMT

GET
H3 200 li_design_services_cb_v2_2_gm_grey_700.svg
www.gstatic.com/ac/cb/ 786 B
425 B 38ms
37ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/li_design_services_cb_v2_2_gm_grey_700.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4bbf18ecdafce3cbe5f0f059691a49706ae6fc6b1b8a3047319bd058b089bc0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 11:48:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58781
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Mar 2023 11:48:25 GMT

GET
H3 200 li_poll_cb_v2_2_gm_grey_700.svg
www.gstatic.com/ac/cb/ 449 B
277 B 38ms
38ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/li_poll_cb_v2_2_gm_grey_700.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edfeadeb5ab25c25f9435bcc24837768f82a2f5fe3f1867686386bd8ad80c65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 03:29:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 434330
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Mar 2023 03:29:16 GMT

GET
H3 200 li_search_cb_v2_2_gm_grey_700.svg
www.gstatic.com/ac/cb/ 433 B
270 B 38ms
38ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/li_search_cb_v2_2_gm_grey_700.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4628dc2b4acecee4b58435efbeedd9849b0852a45f91d192d92aa77086a487ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 06:04:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 79440
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Mar 2023 06:04:06 GMT

GET
H3 200 li_magic_button_cb_v2_2_gm_grey_700.svg
www.gstatic.com/ac/cb/ 349 B
231 B 38ms
38ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/li_magic_button_cb_v2_2_gm_grey_700.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b994224a6029015cf79c53043b93eec61ecc650767ab99531ecb3bf4a254e79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 21:38:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 23398
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Mar 2023 21:38:08 GMT

GET
H3 200 li_shoppingmode_cb_v2_2_gm_grey_700.svg
www.gstatic.com/ac/cb/ 789 B
433 B 39ms
39ms Image
image/svg+xml 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/ac/cb/li_shoppingmode_cb_v2_2_gm_grey_700.svg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8517094dbd77b76569222b9b20cf18efb8a9d8bf91e980502edcec2d2b56edc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 23 Mar 2022 05:54:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80010
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 403
x-xss-protection: 0
last-modified: Tue, 01 Jun 2021 13:58:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/svg+xml
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 23 Mar 2023 05:54:36 GMT

GET
DATA 200
OK truncated
/ 267 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2c06c5b5c196c2ddbf057329c6e41a47eaeee1f084c84e582bbbd09cff633cb

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 32ms
32ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://consent.google.com/
Origin: https://consent.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:09:14 GMT
x-content-type-options: nosniff
age: 147532
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21700
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:43:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:09:14 GMT

GET
H3 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v14/ 21 KB
21 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://consent.google.com/
Origin: https://consent.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:16:09 GMT
x-content-type-options: nosniff
age: 147117
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21464
x-xss-protection: 0
last-modified: Mon, 22 Apr 2019 23:42:59 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:16:09 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ 15 KB
15 KB 39ms
39ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://consent.google.com/
Origin: https://consent.google.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 147001
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 22 Mar 2023 11:18:05 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=_b,_tp/excm=_b,_tp,mainview/esmo=1/ed=1/wt=2... 37 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=_b,_tp/excm=_b,_tp,mainview/esmo=1/ed=1/wt=2/rs=AOaEmlGU8AEDm3HLCCTCkSfdjsxi1dr9Cg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;BcQPH:lOY4De;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;vNjB7d:YTxL4;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=byfTOb,lsjVmc,LEikZe

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/am=AAv4ABA/d=1/excm=_b,_tp,mainview/ed=1/dg=0/wt=2/esmo=1/rs=AOaEmlEx55P2epyzwelPyGhWS2k1cxAqkA/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03c158eb2d5e668a661fdbd1c7cc0777bc95d48362428abc87d89d24cd1b4bac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151648
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13610
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:49:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 10:00:38 GMT

GET
H3 200 m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,m9oV,bXpTS,WCG2fe,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,lfpdyf,VWuaCc,WpP9Yc... Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,main... 243 KB
86 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,mainview/esmo=1/ed=1/wt=2/rs=AOaEmlGU8AEDm3HLCCTCkSfdjsxi1dr9Cg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;BcQPH:lOY4De;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;vNjB7d:YTxL4;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=n73qwf,ws9Tlc,e5qFLc,GkRiKb,IZT63,UUJqVe,O1Gjze,xUdipf,blwjVc,fKUV3e,aurFic,COQbmf,U0aPgd,ZwDk9d,V3dDOb,m9oV,bXpTS,WCG2fe,O6y8ed,PrPYRd,MpJwZc,NwH0H,OmgaI,XVMNvd,L1AAkb,KUM7Z,lfpdyf,VWuaCc,WpP9Yc,s39S4,lwddkf,gychg,w9hDv,RMhBfe,SdcwHb,aW3pY,pw70Gc,EFQ78c,Ulmmrd,ZfAoz,xQtZb,PQaYAf,JNoxi,lPKSwe,QIhFr,yDVVkb,hc6Ubd,KG2eXe,SpsfSb,MdUzUe,VwDzFe,zbML3c,A7fCU,Uas9Hd,BVgquf,YTxL4,OgOVNe,pjICDe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77af373bfb5fe4127cd4fef99342fbfddc443b8e61b103d266adb5d5481b8538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 09:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87981
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:49:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 09:54:52 GMT

GET
H3 200 m=i5dxUd,i5H9N,wg1P6b,RAnnUd,PHUIyb,UMu52b,uu7UOe,nKuFpb,soHxf,qNG0Fc,ywOR5c,fkuQ3,Ndreoc Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRiKb,IZT63,JNox... 117 KB
33 KB 35ms
34ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,MpJwZc,NwH0H,O1Gjze,O6y8ed,OgOVNe,OmgaI,PQaYAf,PrPYRd,QIhFr,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VWuaCc,VwDzFe,WCG2fe,WpP9Yc,XVMNvd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bXpTS,blwjVc,byfTOb,e5qFLc,fKUV3e,gychg,hc6Ubd,lPKSwe,lfpdyf,lsjVmc,lwddkf,m9oV,n73qwf,pjICDe,pw70Gc,s39S4,w9hDv,ws9Tlc,xQtZb,xUdipf,yDVVkb,zbML3c/excm=_b,_tp,mainview/esmo=1/ed=1/wt=2/rs=AOaEmlGU8AEDm3HLCCTCkSfdjsxi1dr9Cg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;BcQPH:lOY4De;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;vNjB7d:YTxL4;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=i5dxUd,i5H9N,wg1P6b,RAnnUd,PHUIyb,UMu52b,uu7UOe,nKuFpb,soHxf,qNG0Fc,ywOR5c,fkuQ3,Ndreoc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0784ec79d4cde7f8f1ec6d8f7c5c03cf1e2b4cf49bcedc6811bf3154cba4977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 10:07:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151229
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33812
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:49:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 10:07:37 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRiKb,IZT63,JNox... 6 KB
3 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.ConsentUi.en_GB.EH5AWqx8i8I.es5.O/ck=boq-identity.ConsentUi.aScyNhjZmII.L.B1.O/am=AAv4ABA/d=1/exm=A7fCU,BVgquf,COQbmf,EFQ78c,GkRiKb,IZT63,JNoxi,KG2eXe,KUM7Z,L1AAkb,LEikZe,MdUzUe,MpJwZc,Ndreoc,NwH0H,O1Gjze,O6y8ed,OgOVNe,OmgaI,PHUIyb,PQaYAf,PrPYRd,QIhFr,RAnnUd,RMhBfe,SdcwHb,SpsfSb,U0aPgd,UMu52b,UUJqVe,Uas9Hd,Ulmmrd,V3dDOb,VWuaCc,VwDzFe,WCG2fe,WpP9Yc,XVMNvd,YTxL4,ZfAoz,ZwDk9d,_b,_tp,aW3pY,aurFic,bXpTS,blwjVc,byfTOb,e5qFLc,fKUV3e,fkuQ3,gychg,hc6Ubd,i5H9N,i5dxUd,lPKSwe,lfpdyf,lsjVmc,lwddkf,m9oV,n73qwf,nKuFpb,pjICDe,pw70Gc,qNG0Fc,s39S4,soHxf,uu7UOe,w9hDv,wg1P6b,ws9Tlc,xQtZb,xUdipf,yDVVkb,ywOR5c,zbML3c/excm=_b,_tp,mainview/esmo=1/ed=1/wt=2/rs=AOaEmlGU8AEDm3HLCCTCkSfdjsxi1dr9Cg/ee=cEt90b:ws9Tlc;rXjWyb:VWuaCc;uY49fb:COQbmf;yxTchf:KUM7Z;qddgKe:xQtZb;dIoSBb:SpsfSb;zxnPse:GkRiKb;EVNhjf:pw70Gc;NSEoX:lazG7b;BcQPH:lOY4De;oGtAuc:sOXFj;eBAeSb:zbML3c;io8t5d:yDVVkb;j7137d:KG2eXe;Oj465e:KG2eXe;ul9GGd:JrBFQb;sP4Vbe:VwDzFe;kMFpHd:blwjVc;NPKaK:SdcwHb;pXdRYb:MdUzUe;nAFL3:s39S4;iFQyKf:QIhFr;vNjB7d:YTxL4;SNUn3:ZwDk9d;LBgRLc:SdcwHb;wR5FRb:O1Gjze/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea0db49edbd0d82be3b58b8446961f92ba4e749fc7f24e133d49a0c828a11bc3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://consent.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 22 Mar 2022 09:54:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 151994
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2839
x-xss-protection: 0
last-modified: Thu, 17 Mar 2022 00:49:17 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 22 Mar 2023 09:54:52 GMT

POST
H2 200 log Show response
play.google.com/ 131 B
521 B 116ms
44ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://consent.google.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 24 Mar 2022 04:08:06 GMT
content-encoding: gzip
server: Playlog
access-control-allow-headers: X-Playlog-Web
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://consent.google.com
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131
x-xss-protection: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvrcVbZAyTKgTMBEZQJn5MpC7GQe3I4V56vGe3mcuejWalkFmY3EnE3xeBkogHiu2WvgayGfD60kQrEBsfAv2fnr2mG5UEsZ4hFAbvsH8rfyAA9dsoOGg&sai=AMfl-YS5KGuEBsiHVMBUGHQi32HtjLFe8hfqQXKGS6QpCKfJwoRX6gO4LCfY4woi5mb9tiTVHw4djNqhp4Ra&sig=Cg0ArKJSzIqwbs64duvREAE&id=lidartos&mcvt=727&p=0,0,280,1074&mtos=727,727,727,727,727&tos=727,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3397636257&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1648094882252&rpt=851&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstz4Uiwha-LuprrYn39ld8-RWNatjMRnytltsLrMSZpBbA1WEDpUYmHjlQfFd1QcnjYFrlI6RI7BjIHNgzsqTSF9FHKx3i-szS7xMH4NWVdfB0H9zoeeQ&sai=AMfl-YTxxE3tS8AayxII2mmLBHR2hfK7O4faXHt1gMVI3AtcZGHqQKY9wqDYSwpkjdg-XASp5Kb8VOr15dHK&sig=Cg0ArKJSzNp2SoH6kC3qEAE&id=lidartos&mcvt=0&p=0,0,600,160&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=4&adk=3595555304&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1648094882262&rpt=530&ec=0&met=mue&wmsd=0

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1ffJtXZCkpcmI4z26K_-sMu6AO4YM3rCHuUQndLYXoFvdpI0JRG7Awp0jDmgpOMOTTmdqAcy98Tvko12OdMk-7PDnNkPBiD6YjanlyNJnPpghGSaY7w&sai=AMfl-YQouXZ99VA0xShCi0jC4lWFhT-XZCHZ5K9lH9JQADDHiToGNBSH5oXUPoLy-F56GsY4CpBkjbxZAc35&sig=Cg0ArKJSzEdCGroy_QsTEAE&id=lidartos&mcvt=0&p=0,0,280,1200&mtos=0,0,0,0,0&tos=0,0,0,0,0&v=20220323&bin=7&avms=nio&bs=0,0&mc=0&if=1&vu=1&app=0&itpl=22&adk=2896405366&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=3&r=b&rst=1648094882266&rpt=717&ec=0&met=mue&wmsd=0

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

23 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
kodeksy.com.ua/	1970-01-20 05:09:50	Name: last_pages_name[0] Value: %D0%93%D0%BE%D0%BB%D0%BE%D0%B2%D0%BD%D0%B0
kodeksy.com.ua/	1970-01-20 05:09:50	Name: last_pages_url[0] Value: %2F
.kodeksy.com.ua/	1970-01-20 19:19:26	Name: _ga Value: GA1.3.2126350178.1648094882
.kodeksy.com.ua/	1970-01-20 01:49:41	Name: _gid Value: GA1.3.444522347.1648094882
.kodeksy.com.ua/	1970-01-20 01:48:14	Name: _gat_gtag_UA_17274968_3 Value: 1
.kodeksy.com.ua/	1970-01-20 11:09:50	Name: __gads Value: ID=5af0aa28f09a6625-228fd27663cd0009:T=1648094882:RT=1648094882:S=ALNI_MaaPR_j5nDFPqHela1kiev3iCgVIw
.doubleclick.net/	1970-01-20 11:09:50	Name: IDE Value: AHWqTUldHNmCXrrJzJ2Tq3H_c62X89W4-XPD2ZFTe2Jke0oRbE7zMzIsHMIKBQ9RSS0
.kodeksy.com.ua/	1970-01-20 10:33:50	Name: _ym_uid Value: 1648094883654700993
.kodeksy.com.ua/	1970-01-20 10:33:50	Name: _ym_d Value: 1648094883
.yandex.ru/	1970-01-20 10:33:50	Name: yandexuid Value: 8999150581648094882
.yandex.ru/	1970-01-20 10:33:50	Name: yuidss Value: 8999150581648094882
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1511183401648094882
.yandex.ru/	1970-01-23 17:24:14	Name: i Value: 8dpcgwNIBU71arbZByZQPd/Uue8YOvKXvk2Y7abcMfwzEMQK4YoBs4c06uPjb7zba+eJSs6FGiYJd3td80NkgTEfRH0=
.yandex.ru/	1970-01-20 10:33:50	Name: ymex Value: 1679630882.yrts.1648094882#1679630882.yrtsi.1648094882
.kodeksy.com.ua/	1970-01-20 01:49:26	Name: _ym_isad Value: 2
.doubleclick.net/	1970-01-20 01:48:18	Name: DSID Value: NO_DATA
widget.info-static.ru/	1970-01-20 01:49:41	Name: __lagalaxy_ds_cookie_test Value: test
widget.info-static.ru/	1970-01-20 01:49:41	Name: __legalaxy_ds__st__chat Value: {%22sign%22:%22a57ef5e2e0665c0e23cb6af5c7688ae1%22%2C%22data%22:{%22name%22:%22NO-SPLIT%22%2C%22value%22:0}}
.info-static.ru/	1970-01-20 10:33:50	Name: _ym_uid Value: 1648094883682185654
.info-static.ru/	1970-01-20 10:33:50	Name: _ym_d Value: 1648094883
.info-static.ru/	1970-01-20 01:49:26	Name: _ym_isad Value: 2
.google.com/	1970-01-20 19:19:26	Name: CONSENT Value: PENDING+476
consent.google.com/	1970-01-20 02:31:26	Name: OTZ Value: 6429848_56_56__56_

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
chrome.google.com
code.jquery.com
config.widget.info-static.ru
connect.facebook.net
consent.google.com
dionysia-phr.com
dkjfhuyd.fivetrafficroads.com
fonts.googleapis.com
fonts.gstatic.com
geo-db.feedot.com
googleads.g.doubleclick.net
kodeksy.com.ua
korespodent.net
mc.yandex.ru
momad.ru
pagead2.googlesyndication.com
partner.googleadservices.com
play.google.com
stat-feedot.ru
stats.g.doubleclick.net
tpc.googlesyndication.com
widget.info-static.ru
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
pagead2.googlesyndication.com
142.250.186.98
165.232.142.149
2001:4de0:ac18::1:a:1b
2606:4700:3031::ac43:a76d
2606:4700:3035::ac43:c131
2a00:1450:4001:809::200a
2a00:1450:4001:809::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2001
2a00:1450:400c:c0c::9d
2a02:6b8::1:119
2a03:2880:f01c:216:face:b00c:0:3
52.73.81.10
82.202.220.203
82.202.220.204
03c158eb2d5e668a661fdbd1c7cc0777bc95d48362428abc87d89d24cd1b4bac
088e7de337a0203dae7173ef90488c347769c601b61014939ab520a32c432201
0c13422d50cbe999f79243901db83ea8a26b8004e4802e955ac7e44088b7a9c3
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
1153a9b753f8da554cc728c8c3430cb194c346e6d07bcdee9f7b3bbbdd5bfbc8
17584c41820525c375fc66effa1bb99b6dd0a570fbcdc4668b99f775bc3300b2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19124a04bdb4f8a55e6cd5b3f776a634b68c865d3db6d666be949f8f8a8b7d48
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
1e0ed38ff8e6d6a5cd264a3966331fcbc875a5d4345e5ffe4c24acae0fc9794d
1f886e4d2b1265fda2b7853b5919b0b0903486a358215b2a9dbd8dfbf8b25062
2a3046a9ebd763470ad803a76bbcc050024483900a4500b265620c6a2a8b20ec
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b994224a6029015cf79c53043b93eec61ecc650767ab99531ecb3bf4a254e79
2dc803ec47747817fefdfa2975d563583c60e2a689537a38ee2215ec39ce88af
2f6f908ee4faaf5ecb71c7963488832a67c73cde360938b6c9121b6fa771d230
30de69c01f8eb6cb0ab7b040f02316728cb490669cbf084aad71c06a708ed1ff
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41a65d5276c8d1b2c5f16f1a833a45e0a4882516f806938c340b6a93fb7a25bf
42f8ac5554252e21b00b0833e00471c4f99c7da83457c7992f68d49142b45a60
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4628dc2b4acecee4b58435efbeedd9849b0852a45f91d192d92aa77086a487ff
495ab245361570d78d65fb2345947fb30427fae08d8614262c524eaf446c0302
4ad5e9dea686cd0ba195c6b4199fa62d256b56a557f34865be5a88ca1231bfa8
4b13da96a6ed68cd6af2fc3840e8412cf0f164568578874ffd77dafbed230e1a
4bbf18ecdafce3cbe5f0f059691a49706ae6fc6b1b8a3047319bd058b089bc0f
4bec998e1b05cf23bc04e91b2e7123e6fa366e33bb9ba36b326a86b16785d97c
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
513c30585990cb95d7aa5ee9816cf235145eaa650bdc4bb060db233be01b17b1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
56b292bab6c777111694aa0bffda487c3108b1e83091ea8471e316272f9d1aff
5ce217adde05dc0d170d3b8f5d544dc16f10649c885a3eec0366868310b75fca
621862a354d0ddb59e386052f61e2df6b219ccf923d9feac54008faa22d9ef2c
623b7045e8d685e2b2d2491159acfcdc5766eb1637b7c998af08551124038401
63e297c5f7ffed6f6cb72b4c970e02f696c312b317c9b6fd30b5c9b0829c5ad9
677dbbf8ff43e504782de9868bb7426c81b3679879be9f18402e62563e42576e
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
6c24799e77b963b00401713a1dbd9cba3a00249b9363e2c194d01b13b8cdb3d7
6e4ecc1285834741dcbb12a01850237023ca5f23b149faff5781247e699197ab
6edfeadeb5ab25c25f9435bcc24837768f82a2f5fe3f1867686386bd8ad80c65
77af373bfb5fe4127cd4fef99342fbfddc443b8e61b103d266adb5d5481b8538
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8c5ac53f510d53f32e3042df2fd35bab3b918b6daa8beb0c43f80b928242ea57
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
968ae4bbcd17cc6a64e4f4e058044a00e3d7f4ce1b1be6de9ed3cee073998334
9b71a8416df17291a2e8190d9e6f4a7b74812073985c8bc324179a9ec6416fcb
9ce79ce26140a662f35113ab302e3bde45e5eac490fa260bf61f7aa15c6b4730
a18d27b1d95940d8d4569678359bc81a23763330a938f3843b64e5d9d719957d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a20c98f2f22e3734c9aed251f226676e977492c50c5949cc892c2fe60eafb78a
a40c7fda2ce61112e1637b28caece81e9a701ff723f7781839287fe03c15a520
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a67d07f733785876b3192826e76f537e2b9dc0be172ce52c773d30d65f712a07
a68e49920c432a50fb1dc00e8b9ea58b266f66a9ecd59a7f90b5ddd2fe02c7d6
ae3a15a3e9733515bb33d29c4820b33c0bcaf30a522fd034ea68d104939901d3
b2aa4a5ece0f86deb2a8fa99bb7f621534025d6f2b6b4e6409b3e71390630cbd
b32e2a199c3c9352689ae64546f5d70094b7208f0188067d7f583982f9886ef1
b8517094dbd77b76569222b9b20cf18efb8a9d8bf91e980502edcec2d2b56edc
b968113e586107906911e61864086ba097b7b45cf857c0de3c4fd20963a90e61
ba295598fc3ee1ec8852b0aabe7c47937e67ff44844bbd4297a91e6baab14f43
bf54609e418b0573c7a537e5b9ad28ac05f0ea7fcef23a0880435b53d4f12d0c
bf7344209edb1be5a2886c425cf6334a102d76cbea1471fd50171e2ee92877cd
bfcf74187eb2a660ba6d14a4d6dceb59663d0540e80fa480d8e675a05d4e6596
c075e353c0df1f5005c652ea8e3221dee5951e8f00bfa35151f9b4382bac25e1
c12f4d3943c8a81374ae586d265346a563866e7f612d067f79dec4f47475f303
c395b5122c45194cd616064e8b5cd68d3fa0f9a8bfe2df8a376ddabdaf5e2f10
c4ce821a6b36fd4c50dd004fd0a5f183f2a57109f0697d7cb45a41a426dcde68
c695c21a6e2889177f0b2af3f3e4a98cd00390d6e96ba8c6cf844b188a02b803
c71eda6e9ebe8a146f9ee526becef5cd9986305be443235b1cbd1c2e2fa08da1
ca6a66df9f553a2e58def432b02f42f4f399f23abebe4f303b7b77107a2bd72b
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d0784ec79d4cde7f8f1ec6d8f7c5c03cf1e2b4cf49bcedc6811bf3154cba4977
d2c06c5b5c196c2ddbf057329c6e41a47eaeee1f084c84e582bbbd09cff633cb
d38b9b84f05c24d0d34831449c968f28f4218f46ac4a292e8e013ae3fcf0894a
d76745ce0acb397a4d3928b989b2084d63f28147fc9de734bd3378d33ac30e81
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d83dacb1d7c78c7fc41af51f2c3577443904fb35de08069cc8aa216594bbfd2e
d97ba588b468002def8432bca43faeb4a0422874b50efcd2e68ddf53f824c878
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea0db49edbd0d82be3b58b8446961f92ba4e749fc7f24e133d49a0c828a11bc3
eb8b7fd514481512414c948d76ef731124240a9368e2272a9d6570483b47fbab
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
eea4c83b7ba7b9c7e2e0843e8d7f4593760cbc14281c9266632770111822b8f9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd605e1c67722f8fbdb6a2bf7f5b7b6abe5e22b572d8b995ea3055af306048d
f1cbb4ee5a64838a9790c083276ab3c55600b93cdcccc95ad3e7daa61a21e4f1
f4158f3737728c018c669913cb03f5f306370e8cd4d6869dd0aa493f42bcf29a
f54989f34875f0707fe1af46ef810e1d53c869eb634e8e35b4fbc207b26a3732
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
fc4355189b6dc16c9d774b5217ec6b1ade321882d4fdfd8dca1b2a9978568f23
fe1a2c376db6f38f7c729c47fbd45414641b0e3e22015a26334ea4f57fd5ad35
fe7c8405e37004d602afbe6206d9854a060a7dc88894356b62fac9a20fa1e898

consent.google.com Open in urlscan Pro 2a00:1450:4001:809::200e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

129 Requests

96 %HTTPS

81 %IPv6

21 Domains

30 Subdomains

24 IPs

5 Countries

1997 kBTransfer

5179 kBSize

23 Cookies

6 Outgoing links

Page URL History

Redirected requests

129 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

consent.google.com Open in urlscan Pro
2a00:1450:4001:809::200e Public Scan

Screenshot
Live screenshot

Full Image

129
Requests

96 %
HTTPS

81 %
IPv6

21
Domains

30
Subdomains

24
IPs

5
Countries

1997 kB
Transfer

5179 kB
Size

23
Cookies

129 HTTP transactions
6 data transactions