ogolosha.ua Open in urlscan Pro
37.187.135.210 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ogolosha.ua/
Effective URL:
https://ogolosha.ua/
Submission: On December 04 via api (December 4th 2022, 1:49:37 am UTC) from GB — Scanned from GB

Summary HTTP 162 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 32 domains to perform 162 HTTP transactions. The main IP is 37.187.135.210, located in France and belongs to OVH, FR. The main domain is ogolosha.ua. The Cisco Umbrella rank of the primary domain is 996055.
TLS certificate: Issued by R3 on October 14th 2022. Valid for: 3 months.

This is the only time ogolosha.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	37.187.135.210 37.187.135.210	16276 (OVH) (OVH)
14	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:a00... 2a04:4e42:a00::282	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f04... 2a03:2880:f045:10:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f14... 2a03:2880:f145:82:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
12 36	2600:9000:20e... 2600:9000:20eb:4c00:18:ad79:1380:21	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1 2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
4 4	184.30.16.79 184.30.16.79	16625 (AKAMAI-AS) (AKAMAI-AS)
10	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf	16509 (AMAZON-02) (AMAZON-02)
7	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12 12	3.71.227.10 3.71.227.10	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:2638:1::8 2a02:2638:1::8	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::17 2a02:2638:1::17	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f02... 2a03:2880:f02d:5:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1 1	35.157.182.139 35.157.182.139	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
162	38

25 37.187.135.210 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3125388.ip-37-187-135.eu

ogolosha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.ogolosha.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f045:10:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f145:82:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2600:9000:20eb:4c00:18:ad79:1380:21 (United States) 12 redirects

ASN16509 (AMAZON-02, US)

d1opu7v3g3cdvy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.30.16.79 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-79.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 3.71.227.10 (Frankfurt am Main, Germany) 12 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-227-10.eu-central-1.compute.amazonaws.com

lnkwsh369f.execute-api.eu-central-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f02d:5:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.182.139 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-182-139.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	cloudfront.net 12 redirects d1opu7v3g3cdvy.cloudfront.net	165 KB
25	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	335 KB
25	ogolosha.ua 1 redirects ogolosha.ua — Cisco Umbrella Rank: 996055 api.ogolosha.ua	887 KB
19	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 73 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 290 cm.g.doubleclick.net — Cisco Umbrella Rank: 194	61 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 267	228 KB
12	amazonaws.com 12 redirects lnkwsh369f.execute-api.eu-central-1.amazonaws.com	2 KB
11	criteo.net static.criteo.net — Cisco Umbrella Rank: 626 pix.eu.criteo.net — Cisco Umbrella Rank: 7558 csm.eu.criteo.net — Cisco Umbrella Rank: 7664	37 KB
6	google.com www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 4715 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 441 tps.doubleverify.com — Cisco Umbrella Rank: 457 tpsc-eu3.doubleverify.com — Cisco Umbrella Rank: 8979	110 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1421	3 KB
3	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14123 ads.eu.criteo.com — Cisco Umbrella Rank: 7505 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9397	42 KB
3	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3337 adservice.google.co.uk — Cisco Umbrella Rank: 5290	1 KB
2	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 1519	684 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 419	2 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 658	1 KB
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1403	414 B
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 629	798 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 182	96 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	203 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	124 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 134	112 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	20 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 154 partner.googleadservices.com — Cisco Umbrella Rank: 859	18 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 37	1 KB
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 873	356 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 613	763 B
1	atdmt.com ad.atdmt.com — Cisco Umbrella Rank: 3790
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 203	5 KB
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 292	460 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1340	417 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
162	32

	Domain	Requested by
36	d1opu7v3g3cdvy.cloudfront.net	12 redirects ogolosha.ua
19	ogolosha.ua	1 redirects ogolosha.ua
18	s0.2mdn.net	ogolosha.ua s0.2mdn.net
14	pagead2.googlesyndication.com	ogolosha.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
12	lnkwsh369f.execute-api.eu-central-1.amazonaws.com	12 redirects
11	tpc.googlesyndication.com	googleads.g.doubleclick.net ogolosha.ua tpc.googlesyndication.com pagead2.googlesyndication.com
10	cm.g.doubleclick.net	ogolosha.ua googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
6	api.ogolosha.ua	ogolosha.ua
6	googleads.g.doubleclick.net	www.googleadservices.com pagead2.googlesyndication.com ogolosha.ua googleads.g.doubleclick.net
4	e.dlx.addthis.com	4 redirects
4	www.google.com	ogolosha.ua googleads.g.doubleclick.net tpc.googlesyndication.com
2	cdn.doubleverify.com	s0.2mdn.net ogolosha.ua
2	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.facebook.com	ogolosha.ua
2	www.google.co.uk	ogolosha.ua
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	www.googletagmanager.com	ogolosha.ua www.googletagmanager.com
2	connect.facebook.net	ogolosha.ua connect.facebook.net
2	www.google-analytics.com	ogolosha.ua www.google-analytics.com
1	tpsc-eu3.doubleverify.com	cdn.doubleverify.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	cdnjs.cloudflare.com
1	odr.mookie1.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	ad.atdmt.com	googleads.g.doubleclick.net
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl.eu.criteo.com	ads.eu.criteo.com
1	pixel.rubiconproject.com	1 redirects
1	googleads4.g.doubleclick.net	ogolosha.ua
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	region1.analytics.google.com	www.googletagmanager.com
1	polyfill.io	ogolosha.ua
1	www.googleadservices.com	ogolosha.ua
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
162	47

This site contains links to these domains. Also see Links.

Domain
m.ogolosha.ua
craftoil.ogolosha.ua
vlasnahata.ogolosha.ua
magsergeykobzar.ogolosha.ua
magvictorlitovsky.ogolosha.ua
rmbt.ogolosha.ua
avtolimo.ogolosha.ua
setmotors.ogolosha.ua
kubrealtyestate.ogolosha.ua
magic.ogolosha.ua
agroshina.ogolosha.ua
rdsprom.ogolosha.ua
pricep.ogolosha.ua
ua.depositphotos.com
retailradio.online
iamradio.tv
vionsy.com
mediaretail.com.ua
www.facebook.com
www.instagram.com

Subject Issuer	Validity	Valid
ogolosha.ua R3	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q1	`2022-03-08` - `2023-04-09`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-09-12` - `2022-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-14` - `2023-01-13`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-10` - `2023-01-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2022-09-12` - `2022-12-11`	3 months	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://ogolosha.ua/
Frame ID: D29286500E00A5AA383CC834EF545749
Requests: 70 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: 505591D12BF04BBA0AEE0E95B443F019
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&adk=1812271804&adf=3025194257&lmt=1670118570&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fogolosha.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570115&bpp=4&bdt=361&idt=286&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7085640242052&frm=20&pv=2&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303
Frame ID: 5DB8CBD6E0B8BDFA338F75B60F83CF6E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Frame ID: 90FE6DFA2E34122995DA606C2AAECF8E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Frame ID: CD2399F6E89B9CABC3F668D31E85F3BA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472
Frame ID: DCD70F1DAFCB0EB17A7B494933977DFB
Requests: 9 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E97893153F76E8880471FF49A72C8305
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4v8qgAJtCUHg4WdAAX3UxztJRy1-8niBdMdcg&u=%7CZRBdA4otD%2BRQkwh0WpW6oQqQha1TPKKyYRWcXoirQ38%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phh4lo32BGON0tQr51eqYYJnmjWGHIgHgOp5zvz9rLv69BZV1oa0dLQCO-mPTRgCyxg9XoTE0nJklH7BNL5tw4WQ28hf-Li6YPGg374VSOUexlB_yEEQHsB4ukrP64o49kWMrdMAszP4l0lPehjjj5oTFI7ugrVXRcGrs-P4VvuvipLLyOHRqO9a-MDIHEXgHUSAIAcUumucFHsIiwR-IhtS0FSZ1CGr-xkrXFfoEZ0F3KDE4z85IEaRnrxq0S9I3Yw8b-xIuG16gltMTGYuKuO1JxvSeXxZId6j2PhDr-c0_yHIMAeLYl1ZEuHI6VJsfzaQMjxbH2XaU0rLXme8QuLNxyxNmfTz6IAvMd1IzrMt80yD1omtL0nbo_sWDVzQmEwEbXWeLNo-EgMVGLUnz-Z72CXJfI_KRhY_CkgpNgqP6bTGfwlYAddXiu83gzYs8N6NXWIM2QaAeioXNKwm8P0MYE0ST2gO91OrjqojXGjhd4vqc0T9dODZCe5P5NOpL51icVmVdAKuL-tzN5p8CZ-edxokKTsiE1jjCE2cVSAXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtMqvyLY6XoJp2LjuwP0-6XqA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yMjkyMTYzMDY2ODI2NTI4yAEJqQKtCl7YGpq0PqgDAaoEsgFP0E340s37r66gU5Icbh9L7r20KkcP9jnK1i86vdqJlg4QBYJULZME95yipMoXz9NeM6yweOF7Y_yGA74h0sfOjwETdmutiwHfZOWcjaZiPy0aL2Hu_Nj_Hq6wu1K4YVDTec4I7u5HsQdrQCJvtLPlHhTMBlFj5vd-t1paGQPdsL_9KoH9PCRDljyDkKvnQsGkw-yCDQ1CeT7GwWD8akx2myYb4bPu_aZGd9pqMFG0afaDgAaCrObDkNW8u4UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nUtPUZXovUT_KLFQRZIPhgIhMLg%26client%3Dca-pub-2292163066826528%26adurl%3D
Frame ID: 365E93798657C295B13B6759BDD0D1A4
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D929151F7B5A1A6EA8D5B5E1075F59A7
Requests: 9 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun4ckaRUqYn61RAt_wNafA4hJjdVmAY68bxGahiCuwFGfeZmfWfO9kdbhD5TDbZs6cT9Zkfpd9EByAlfZdHoVxUabqbzAo4dwxr7E0ceEiad2qWVQYTzcTNsvMPQzWwKg7Ugb9Djr92r1D3VQ-icP_V0gkP7TusvAoieUNbXYm__D9YoTgiUBWDnnc8BJqmL40jdEOBYz60trsACqTe9BRlucYGW3gpKCsQZUGAd3Utt3xPODtRR8f11xcI1eeu05t7dQVLMthe-eRFI1ixu3Guj-V8xs0o2tvD_NGJbkMtjocmi65fCn3-qbblijD6DFDGdu_KQBSWQ_hMwY50fXHEUxtIdmbn_kNg-sh0CKEpB_inLKIGj8rKvnyFNC59pr8igmHXqKUeDfgOiOeVfLry6n-ZMKrIwySsTUX6_C18Ie6dW41gOeem4p1ljSPRUiICUml4sJT05PWluXibNH-7_baxknMBnK4rL7TfwMit7wiz1W_NT7zc2s3EPG3lMoSeThBobwoRw7R4U_TIZVJTmZZ8kDJnAmy1dUuF2E2IwEnaBADqh03d5MzCIWzSha5_yAcZvnEVBT7NOl-2wG9TaS10PPeceem8VR9Fy5XUN_dOGoLnxjJQmVGAEHqDwoFPrv0Y1SkbaxQExd2ScJ1imeoyjeKm_AjUc9Iyt6Sr-sNpvMNe3j2p1mgkwbb8AHSpqHuIA-58H4ya_zDM-vSj6KojhiuSUYBFrYJMUTyNtGLot04MF9pbVPTMamifwBkRd8H-RmtHXC-g5LtzAQMWm7J3CMdtPdqr5CiKyWEQCd-zZHkGrddaroE2ZvIjQXWdRgDspcDy00mi6debabL-vQww_y6NTJpsf_9p6WqPlbgIlxCAWW2UOHoH9F_7My6fCFq_vrYf_FrgWgmxMh0Cexmw5nXbRpbdzqcRrT1AfvFYM4YRxwD9_zUWR4xNSyzyf9tJmJ46lJsL5aF2yw4nzmsCnhFDr2PXG0St4pPm0CMfssZtml9u3f36h4Zw_h-xjk&sai=AMfl-YRd7klze7RzKZd830bggMaip7QI5vRi5BDskgQMom1NZ3PRVRLn09I0qFjLOi6aohiMDrnnjFn9ZKVI1F3eAngRsFW8UTFJaUhsDoSatDFqMIGfTGw4utJvl4xOGyvp-NVTyDVFzB1EJtHW4d4WBcVZRu0Cyr2jAb_8JfA3THjtaG3lmbNc_ev_dq_DKBVeQCVnysflw5tuuA-97Ibv3jtgLPvgVCx481uJyQOPOGGvoTnq5aXdXYuTSCzehhSAZh8jWW4fDsH1laVVcP3f-SDP5edmgDdLhpDsLafl0G32SCK-CrElLOMwEc4&sig=Cg0ArKJSzGnzYcnYjOV0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 715FF45FD41A07AA82A2B149B0B872B5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7F5F2AE1C634D44C1CD20DFAEC1D9AFF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B7263D64045FF05A253E414C906F9400
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
Frame ID: 75D07AC2B5F870532AB72C8E7FE64639
Requests: 18 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3296.js
Frame ID: B6462B674D95E1DCB966E02202099819
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D62E6D99887D7760A56A2D931837CF34
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6846C55AD4C6A3D42158F0D29D1AD41D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Доска бесплатных объявлений ОГОЛОША. Покупка, продажа, обмен.Найти

Page URL History Show full URLs

http://ogolosha.ua/ HTTP 301
https://ogolosha.ua/ Page URL

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

Page Statistics

162
Requests

86 %
HTTPS

67 %
IPv6

32
Domains

47
Subdomains

38
IPs

7
Countries

2258 kB
Transfer

5451 kB
Size

33
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://m.ogolosha.ua/ru/

Search URL Search Domain Scan URL

URL: https://craftoil.ogolosha.ua/
Title: Алексей МамаевКомпания Craft Oil є українським виробником натуральних сиродавлених олійТМ Craft Oil спеціалізується на виробництві якісної нерафінованої олії, видобутої в процесі холодного віджиму на дубовому пресі

Search URL Search Domain Scan URL

URL: https://vlasnahata.ogolosha.ua/
Title: Власна ХатаАгенція нерухомості «Власна хата» до ваших послуг!

Search URL Search Domain Scan URL

URL: https://magsergeykobzar.ogolosha.ua/
Title: mag.kobzarСергей Кобзарь – сильный и потомственный маг, колдун, знахарь и экстрасенс. Автор карт Таро. Участник 14 сезона битвы экстрасенсов Украины. Верховный маг Ордена Древних Богов (Украина), член ордена династических рыцарей.

Search URL Search Domain Scan URL

URL: https://magvictorlitovsky.ogolosha.ua/
Title: mag.litovskyВіктор Литовский – чорний маг, екстрасенс, некромант та таролог.Учасник міжнародної битви екстрасенсів 21 сезон в Україні, лауреат Міжнародної премії Вольфа Мессінга в Україні 2018, автор карт Таро, Верховний маг культу Стародавніх Богів, Рицар ордену Династичних рицарів.

Search URL Search Domain Scan URL

URL: https://rmbt.ogolosha.ua/
Title: Сервіс маркет "Ремпобуттех" Запчастини для ремонтуСервіс маркет "Ремпобуттех" Запчастини для ремонту побутової техніки

Search URL Search Domain Scan URL

URL: https://avtolimo.ogolosha.ua/
Title: olg2405- аренда лимузинов - аренда авто на свадьбу - аренда VIP авто - прокат внедорожников - аренда ретро авто - прокат кабриолетов - тест драйв спорткаров - прокат авто без водителя - услуги Party Bus Monster Truck Monster Buggy - заказ микроавтобусов и больших автобусов - украшения свадебных машин

Search URL Search Domain Scan URL

URL: https://setmotors.ogolosha.ua/
Title: SetPiston -запчастини двигуна DAF, MAN, MercedesЗапчастини двигуна для вантажівок: DAF, MAN, Mercedes, Renault truck, Volvo, Skania, Iveco

Search URL Search Domain Scan URL

URL: https://kubrealtyestate.ogolosha.ua/
Title: АН КУБВідновлення втрачених через війну документів на нерухоме майно Вирішення питання втраченого житла в наслідок руйнувань (Ці послуги будуть працювати повноцінно після закінчення війни) Купівля, продаж всіх видів нерухомості - квартири, будинки, земля, комерційна нерухомість Інвестиційний консалтинг -

Search URL Search Domain Scan URL

URL: https://magic.ogolosha.ua/
Title: kontanistovmagАлександр Контанистов - маг, экстрасенс с более чем 15ти лет опыта личных приемов

Search URL Search Domain Scan URL

URL: https://agroshina.ogolosha.ua/
Title: АГРОШИНА 0507773380Компания "АГРОШИНА" ☎️ 0507773380 официальный представитель в Украине шин торговых марок (брендов) всех шинных заводов.🌐 Агрошина.укр ☎️ 0800 401011 Бесплатные звонки по Украине ☎️ 0507773380

Search URL Search Domain Scan URL

URL: https://rdsprom.ogolosha.ua/
Title: RdsPromАрмійське спорядження та засоби індивідуального захисту

Search URL Search Domain Scan URL

URL: https://pricep.ogolosha.ua/
Title: Кремень+"Корида-Тех"Производство и продажа легковых прицепов, одноосные, двухосные, спецприцепы, лодочные прицепы.

Search URL Search Domain Scan URL

URL: https://ua.depositphotos.com/music.html

Search URL Search Domain Scan URL

URL: https://retailradio.online/

Search URL Search Domain Scan URL

URL: https://iamradio.tv/

Search URL Search Domain Scan URL

URL: https://vionsy.com/

Search URL Search Domain Scan URL

URL: https://mediaretail.com.ua/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/groups/ogolosha/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/ogolosha_ua/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ogolosha.ua/ HTTP 301
https://ogolosha.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBhM-rUNA3cJCyw8H0cUS7q4fV6gYgis&google_gid=CAESEOuY_ECKpM-ticXkIxVrS1Q&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBhM-rUNA3cJCyw8H0cUS7q4fV6gYgis&google_gid=CAESEOuY_ECKpM-ticXkIxVrS1Q&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAxMzYxMzg2MjE2NQ%3D%3D&google_push=ASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBhM-rUNA3cJCyw8H0cUS7q4fV6gYgis

Request Chain 84

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEASO8EfboIgOWFKT_q8qcAI&google_cver=1&google_push=ASkJ3FYTdW6tfArhKP-g2itk8gPVwms_JgOg7bOlvCSuKW0S8aiI6fC74z8BOKNd4RhP_2ZpMMTrby3BbubYoe362R1ol5XFVXE HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEASO8EfboIgOWFKT_q8qcAI&google_cver=1&google_push=ASkJ3FYTdW6tfArhKP-g2itk8gPVwms_JgOg7bOlvCSuKW0S8aiI6fC74z8BOKNd4RhP_2ZpMMTrby3BbubYoe362R1ol5XFVXE&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_gL2keIRTyWwexNYcFeQwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYTdW6tfArhKP-g2itk8gPVwms_JgOg7bOlvCSuKW0S8aiI6fC74z8BOKNd4RhP_2ZpMMTrby3BbubYoe362R1ol5XFVXE

Request Chain 85

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG997Z0qr3ie68WO--MrhX4&google_cver=1&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiihBoBuedrsUw2oxziCRsmz0uXU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4UEg1ME0tMjctMjcwTg==&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiihBoBuedrsUw2oxziCRsmz0uXU

Request Chain 86

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_cver=1&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-qnzqeypUivSC-TJSfajAjz34TADovZeX0Y9Taue2INyjOouOAuKJ_OMtR3S6acU HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-qnzqeypUivSC-TJSfajAjz34TADovZeX0Y9Taue2INyjOouOAuKJ_OMtR3S6acU&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_hm=Y4v8q064q0WLAQ84DUhMsgAAByAAAAAB&google_nid=index&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-qnzqeypUivSC-TJSfajAjz34TADovZeX0Y9Taue2INyjOouOAuKJ_OMtR3S6acU

Request Chain 97

https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/im7fktOAwp0ebPFvzAvF.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp

Request Chain 98

https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/982471752638bfab4a54aa8.25703734.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp

Request Chain 99

https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/354962071638bfab47fbcd7.70315989.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp

Request Chain 100

https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/508098804638bfab4793ad9.68457243.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp

Request Chain 101

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1581633196638bfab453eca7.15326898.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp

Request Chain 102

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1756836240638bfab42d00c2.40820126.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp

Request Chain 103

https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/2101969120638bfab4947e82.15151803.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp

Request Chain 115

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO33WuWLavJ8Xz57tkDnLKY&google_cver=1&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0oRfH8GhEEq5EuZx_k2FP3lGMX_8KESz4Zgb_mVtBbFb7w HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0oRfH8GhEEq5EuZx_k2FP3lGMX_8KESz4Zgb_mVtBbFb7w&google_hm=h1BlI3CA4F5VBq7vZ1k__g

Request Chain 116

https://d.agkn.com/pixel/2175/?google_gid=CAESEDbVk6HpQrknHYdqyCH336A&google_cver=1&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA&google_hm=Q0FFU0VEYlZrNkhwUXJrbkhZZHF5Q0gzMzZB

Request Chain 117

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKmaS4XgdwBGJ-CYKsIexuCAF-MALxTY2vA&google_gid=CAESEChhA770lik4iwfIqxYv-yM&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKmaS4XgdwBGJ-CYKsIexuCAF-MALxTY2vA&google_gid=CAESEChhA770lik4iwfIqxYv-yM&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAyNjk5NjYzOTQ1NQ%3D%3D&google_push=ASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKmaS4XgdwBGJ-CYKsIexuCAF-MALxTY2vA

Request Chain 120

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMe5TEjXGgcNgo4Bu8Lld08&google_cver=1&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWanosCyAk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWanosCyAk&google_hm=9kc-zKJJTG2kbVPF6_O6oQ

Request Chain 123

https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/hCztYTUq3r9THofIXTTa.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp

Request Chain 147

https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/226712061638bfab4abcab9.23856901.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp

Request Chain 148

https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/107059795638bfab3ef42e6.72150993.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp

Request Chain 149

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1617479792638bfab3a85841.36378159.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp

Request Chain 153

https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp HTTP 307
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/109697727638bfab413b907.80230470.webp HTTP 301
https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp

162 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
ogolosha.ua/
Redirect Chain

http://ogolosha.ua/
https://ogolosha.ua/

117 KB
23 KB

337ms
246ms

Document
text/html

37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://ogolosha.ua/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

37.187.135.210 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3125388.ip-37-187-135.eu

Software

nginx/1.17.9 /

Resource Hash

2e0f6d93f35130ebcd6e8d44d914d1aae2ad3496030910869c7875976f4c092a

Security Headers

Name	Value
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 04 Dec 2022 01:49:29 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx/1.17.9
x-frame-options: DENY

Redirect headers

Connection: keep-alive
Content-Length: 169
Content-Type: text/html
Date: Sun, 04 Dec 2022 01:49:29 GMT
Location: https://ogolosha.ua/
Server: nginx/1.17.9

GET
H2 200 fonts.css
ogolosha.ua/assets/4a6f1cb7/fonts/ 2 KB
501 B 40ms
39ms Stylesheet
text/css 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 57cff9a577a1c41f5f0dd51a0fb4ef224c43adaedbe057152ad4b8fb040de6fb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 22:55:45 GMT
server: nginx/1.17.9
etag: W/"5ffe28f1-92a"
content-type: text/css

GET
H2 200 5ee479d894c550ecbc798951a6aa5238.css
ogolosha.ua/assets/ 152 KB
38 KB 43ms
43ms Stylesheet
text/css 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/5ee479d894c550ecbc798951a6aa5238.css?v=1658164562
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 999bf38feffaafb1abb7e0bf35e326457f4e7a794fcfd33b8043b32e05c0f0bc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: gzip
last-modified: Mon, 18 Jul 2022 17:16:02 GMT
server: nginx/1.17.9
etag: W/"62d59552-25e78"
content-type: text/css

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 202ms
99ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa2434524a3020b0671f2d48851bc8bc6526392b08f041096056860346aebdbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48975
x-xss-protection: 0
server: cafe
etag: 4566489115341293623
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 01:49:30 GMT

GET
H2 200 logo-main.png
ogolosha.ua/ogolosha/images/main-header/ 25 KB
25 KB 83ms
79ms Image
image/png 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogolosha.ua/ogolosha/images/main-header/logo-main.png
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 99ced0184f229ddb3468f853d67f1bf3f3ded03563e3e3cf700a9fe24255ca62

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Wed, 29 Apr 2020 13:19:42 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ea97eee-62b9"
content-length: 25273
content-type: image/png

GET
H2 200 sprite2.svg
ogolosha.ua/ogolosha/images/ 97 KB
98 KB 83ms
79ms Image
image/svg+xml 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogolosha.ua/ogolosha/images/sprite2.svg?v=1643898650
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 6a1f0139e31c7dc4feee0e86c6810d2a61db4c27dd1dbeb60b2cde8578aab8df

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Thu, 03 Feb 2022 14:30:50 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "61fbe71a-18512"
content-length: 99602
content-type: image/svg+xml

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 142 KB
48 KB 185ms
84ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2292163066826528

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cb97e0ce86b0ccdffe10339f757c3b831fe6bc7ad71f5b74c7e9c8dc9d0689c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Origin: https://ogolosha.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48957
x-xss-protection: 0
server: cafe
etag: 9531801730719287683
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 01:49:29 GMT

GET
H2 200 ukraine_pc.jpg
ogolosha.ua/ogolosha/images/ 95 KB
95 KB 83ms
80ms Image
image/jpeg 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogolosha.ua/ogolosha/images/ukraine_pc.jpg
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 74623cbf12c9783466952bcbe6945498cefd8dfd65373451840ed94448df44f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Thu, 10 Mar 2022 10:00:07 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "6229cc27-17d10"
content-length: 97552
content-type: image/jpeg

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
17 KB 166ms
57ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16827
x-xss-protection: 0
server: cafe
etag: 16359567893097152046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 01:49:29 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
417 B 550ms
189ms Script
text/javascript 2a04:4e42:a00::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es2015%2Ces2016%2Ces2017%2Ces2018%2Ces5%2Ces6%2CIntersectionObserver%2CIntersectionObserverEntry
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Request headers

Referer: https://ogolosha.ua/
Origin: https://ogolosha.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: br
last-modified: Sat, 19 Nov 2022 11:32:20 GMT
age: 0
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
useragent_normaliser: chrome/99.0.0
server-timing: cache-lax10647, PASS, fastly;desc="Edge time";dur=14
accept-ranges: bytes
content-length: 94

GET
H2 200 99532d829aef9871a11f54b2601967a9.js Show response
ogolosha.ua/assets/ 768 KB
262 KB 45ms
40ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: ceb31079d569d5f3095a2b2a77577e830577b2c489df259342bc7d175a911eab

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: gzip
last-modified: Tue, 13 Sep 2022 16:57:39 GMT
server: nginx/1.17.9
etag: W/"6320b683-c00ec"
content-type: application/javascript; charset=utf-8

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 143ms
44ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Dec 2022 01:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2023
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Sun, 04 Dec 2022 03:15:46 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
28 KB 127ms
40ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Dec 2022 01:49:29 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27340
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: QE5ruDLpeSYAN0PUapPVRvTslzYYAT8jHzBBddEut7/1kiqK3c08o86gyD/vRxvxjcHqm5Lo74pMkGyOccNRRw==
x-fb-trip-id: 1709462857
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 124 KB
48 KB 160ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N52NZHP

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5b824059f6696df5caafcd2a07ec53d599c01115790155cc9a5bd3d1dea843ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48605
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 04 Dec 2022 01:49:29 GMT

GET
H2 200 icon-header2.png
ogolosha.ua/ogolosha/images/ 7 KB
7 KB 76ms
75ms Image
image/png 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogolosha.ua/ogolosha/images/icon-header2.png
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/5ee479d894c550ecbc798951a6aa5238.css?v=1658164562
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 39d8251a09cf983f2385a5892c8020a76cdd01d82bab025e6bf23838eabaa30b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/assets/5ee479d894c550ecbc798951a6aa5238.css?v=1658164562
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Wed, 29 Apr 2020 13:19:42 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ea97eee-1bc7"
content-length: 7111
content-type: image/png

GET
H2 200 Roboto-Regular.woff2
ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/ 63 KB
63 KB 72ms
71ms Font
font/woff2 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/Roboto-Regular.woff2
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659

Request headers

Referer: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Origin: https://ogolosha.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Wed, 29 Apr 2020 13:19:42 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ea97eee-fcf0"
content-length: 64752
content-type: font/woff2

GET
H2 200 Roboto-Bold.woff2
ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/ 65 KB
65 KB 72ms
72ms Font
font/woff2 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/Roboto-Bold.woff2
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: ff5b869affc9fee89a38dae4b60b2f654a8f3bd938e3846f64caf1167bb645c6

Request headers

Referer: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Origin: https://ogolosha.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Wed, 29 Apr 2020 13:19:42 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ea97eee-10258"
content-length: 66136
content-type: font/woff2

GET
H2 200 lazy-bckgrnd.gif
ogolosha.ua/ogolosha/images/ 17 KB
17 KB 53ms
53ms Image
image/gif 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ogolosha.ua/ogolosha/images/lazy-bckgrnd.gif
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/5ee479d894c550ecbc798951a6aa5238.css?v=1658164562
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 6640f2a1888dbf2469049ea1e88bbab2afc9bb11417cc1cf1ea525a07c147e0a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/assets/5ee479d894c550ecbc798951a6aa5238.css?v=1658164562
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Tue, 26 May 2020 04:27:31 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ecc9ab3-4542"
content-length: 17730
content-type: image/gif

GET
H2 200 Roboto-Medium.woff2
ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/ 65 KB
65 KB 53ms
52ms Font
font/woff2 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/Roboto/Roboto-Medium.woff2
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: b26f0d833d11d5d3be164466b3d5326796770d2ce3223735cf83bdee983eba06

Request headers

Referer: https://ogolosha.ua/assets/4a6f1cb7/fonts/fonts.css?v=1610492145
Origin: https://ogolosha.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:29 GMT
last-modified: Wed, 29 Apr 2020 13:19:42 GMT
server: nginx/1.17.9
accept-ranges: bytes
etag: "5ea97eee-10438"
content-length: 66616
content-type: font/woff2

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/945948815/ 2 KB
2 KB 155ms
59ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/945948815/?random=1670118569979&cv=9&fst=1670118569979&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fogolosha.ua%2F&tiba=%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%9E%D0%93%D0%9E%D0%9B%D0%9E%D0%A8%D0%90.%20%D0%9F%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%2C%20&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

155930ed270d30adcf8195de1789cb4d34dbd3abe7536c5f4627ef6bd2585d6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1000
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 291293851938594 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 102ms
100ms Script
application/x-javascript 2a03:2880:f045:10:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/291293851938594?v=2.9.89&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

877a4adb3df689adddd0e5298d7fb86a4761ca8d57d2267765955195d99a59e1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 04 Dec 2022 01:49:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: TgW8BH9KOIf8kqvKDtYgS1TIcvL8hGDeQP4HfwAIsMntK5Bf0CmpmLrXVarmrQo/HEh+FX8fhbF9J9SeAxDWLA==
x-fb-trip-id: 1709462857
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
206 B 52ms
51ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=48106471&t=pageview&_s=1&dl=https%3A%2F%2Fogolosha.ua%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%9E%D0%93%D0%9E%D0%9B%D0%9E%D0%A8%D0%90.%20%D0%9F%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%2C%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD.&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=2098584389&gjid=327385048&cid=623611004.1670118570&tid=UA-125721042-1&_gid=1419185928.1670118570&_r=1&_slc=1&z=397693799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://ogolosha.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ogolosha.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
76 KB 152ms
60ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8777T0F2Z7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N52NZHP

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cea45b482e31aee7bb96168cd800f18a75747b7432c496e9b2ecc936a9054d49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77922
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 04 Dec 2022 01:49:30 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 123ms
38ms XHR
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-125721042-1&cid=623611004.1670118570&jid=2098584389&gjid=327385048&_gid=1419185928.1670118570&_u=IEBAAEAAAAAAACAAI~&z=211998148

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://ogolosha.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 04 Dec 2022 01:49:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ogolosha.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/ 354 KB
116 KB 178ms
88ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2292163066826528&plah=ogolosha.ua

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2292163066826528

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aac6daa347859a560426ce92eee895aaba712abb1ee7b544a936d20ed4e3843c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119173
x-xss-protection: 0
server: cafe
etag: 3850245829391933410
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 04 Dec 2022 01:49:30 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame 5055 10 KB
4 KB 44ms
44ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2292163066826528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 31889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 16:58:01 GMT
etag: 10353107486223812946
expires: Sat, 17 Dec 2022 16:58:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.google.com/pagead/1p-user-list/945948815/ 42 B
548 B 158ms
56ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/945948815/?random=1670118569979&cv=9&fst=1670115600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fogolosha.ua%2F&tiba=%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%9E%D0%93%D0%9E%D0%9B%D0%9E%D0%A8%D0%90.%20%D0%9F%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%2C%20&fmt=3&is_vtc=1&random=3324769709&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.co.uk/pagead/1p-user-list/945948815/ 42 B
548 B 169ms
57ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/945948815/?random=1670118569979&cv=9&fst=1670115600000&num=1&guid=ON&eid=375603261&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fogolosha.ua%2F&tiba=%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%9E%D0%93%D0%9E%D0%9B%D0%9E%D0%A8%D0%90.%20%D0%9F%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%2C%20&fmt=3&is_vtc=1&random=3324769709&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 125ms
39ms Image
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=291293851938594&ev=PageView&dl=https%3A%2F%2Fogolosha.ua%2F&rl=&if=false&ts=1670118570228&sw=1600&sh=1200&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670118570227.49622087&it=1670118570019&coo=false&rqm=GET

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 04 Dec 2022 01:49:30 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
335 B 141ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8777T0F2Z7&gtm=2oebu0&_p=48106471&_gaz=1&cid=623611004.1670118570&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670118570&sct=1&seg=0&dl=https%3A%2F%2Fogolosha.ua%2F&dt=%D0%94%D0%BE%D1%81%D0%BA%D0%B0%20%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%8B%D1%85%20%D0%BE%D0%B1%D1%8A%D1%8F%D0%B2%D0%BB%D0%B5%D0%BD%D0%B8%D0%B9%20%D0%9E%D0%93%D0%9E%D0%9B%D0%9E%D0%A8%D0%90.%20%D0%9F%D0%BE%D0%BA%D1%83%D0%BF%D0%BA%D0%B0%2C%20%D0%BF%D1%80%D0%BE%D0%B4%D0%B0%D0%B6%D0%B0%2C%20%D0%BE%D0%B1%D0%BC%D0%B5%D0%BD.&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8777T0F2Z7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ogolosha.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 117ms
39ms Ping
text/plain 2a00:1450:400c:c0a::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8777T0F2Z7&cid=623611004.1670118570&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8777T0F2Z7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://ogolosha.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.co.uk/ads/ 42 B
63 B 147ms
56ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8777T0F2Z7&cid=623611004.1670118570&gtm=2oebu0&aip=1&z=2133297055

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 389 B
695 B 148ms
52ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ogolosha.ua&callback=_gfp_s_&client=ca-pub-2292163066826528&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2292163066826528&plah=ogolosha.ua

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84dc42f0060d8d1e9b65776fc765a67c5d01ff5b9bed6f71c615ce11d58e882b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 150ms
54ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ogolosha.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 164ms
54ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ogolosha.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5DB8 0
20 B 257ms
166ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&adk=1812271804&adf=3025194257&lmt=1670118570&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fogolosha.ua%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570115&bpp=4&bdt=361&idt=286&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7085640242052&frm=20&pv=2&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=303

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:30 GMT
expires: Sun, 04 Dec 2022 01:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET ads
googleads.g.doubleclick.net/pagead/ Frame 90FE 0
0

GET
H2 200 23.fde5057dbb50ed59ba0b.js Show response
ogolosha.ua/js/desktop/vue/ 14 KB
5 KB 40ms
40ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/23.fde5057dbb50ed59ba0b.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 645060f27a8c19f946eded13051c7f9aea10d2f41c00a6d17026ecc2419e1cd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-376e"
content-type: application/javascript; charset=utf-8

GET
H2 200 13.30a3ebac71d8dc47427a.js Show response
ogolosha.ua/js/desktop/vue/ 13 KB
5 KB 45ms
44ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/13.30a3ebac71d8dc47427a.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 6bdcdf010914fd8155c7b3a8f7a83ae0ddac15dfe7503b442c8bcab87489fd1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-3365"
content-type: application/javascript; charset=utf-8

GET
H2 200 21.153509e18751d935c266.js Show response
ogolosha.ua/js/desktop/vue/ 8 KB
4 KB 45ms
44ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/21.153509e18751d935c266.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 1044f4b255f2907c735b2de46a0fb49b6a43d3635cadfc9c332662bb47b1049a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-1f3b"
content-type: application/javascript; charset=utf-8

GET
H2 200 8.5d86f5a4ecfc6ec27bd7.js Show response
ogolosha.ua/js/desktop/vue/ 76 KB
30 KB 48ms
48ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/8.5d86f5a4ecfc6ec27bd7.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 25d8dfcd687f22ab0687a6267877e6ab9e38b25f551aee46633f80859ac0d844

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-12fe8"
content-type: application/javascript; charset=utf-8

GET
H2 200 27.3ad76cebf37beefd9da8.js Show response
ogolosha.ua/js/desktop/vue/ 8 KB
3 KB 49ms
49ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/27.3ad76cebf37beefd9da8.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: 6750a03a1c5d654cc78848771d02cd3181037d60df34ad20c7cbf2747008abf1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-2163"
content-type: application/javascript; charset=utf-8

GET
H2 200 32.92aaa458131f5d53861f.js Show response
ogolosha.ua/js/desktop/vue/ 4 KB
2 KB 48ms
48ms Script
application/javascript 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://ogolosha.ua/js/desktop/vue/32.92aaa458131f5d53861f.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: cc3ecfb71694fbfdbd40b6a7df2c0fcd6e7f69bbf42f7ca2c7b63eecc59afeaf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
last-modified: Mon, 04 Apr 2022 19:26:31 GMT
server: nginx/1.17.9
etag: W/"624b4667-f52"
content-type: application/javascript; charset=utf-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CD23 116 KB
41 KB 345ms
344ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03396556fe53a4dd19eb0e0a56b5219448f2d69c1ca1eb955d3afa085d60acb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 42250
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:30 GMT
expires: Sun, 04 Dec 2022 01:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 category
api.ogolosha.ua/ru/ Frame 0
0 180ms
71ms Preflight
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/category
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://ogolosha.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Csrf-Token, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://ogolosha.ua
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Sun, 04 Dec 2022 01:49:30 GMT
server: nginx/1.17.9
vary: Accept

OPTIONS
H2 200 geo
api.ogolosha.ua/ru/data/get-filters/ Frame 0
0 181ms
73ms Preflight
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/data/get-filters/geo
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://ogolosha.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-headers: X-Csrf-Token, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Sun, 04 Dec 2022 01:49:30 GMT
server: nginx/1.17.9
vary: Accept

GET
H2 200 category Show response
api.ogolosha.ua/ru/ 272 KB
56 KB 114ms
113ms XHR
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/category
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: bcbc50adc436543f0b4874fe7d42264c6fa9ac12f11f87d8b94a6c9dd1bdea85

Request headers

Accept: application/json, text/plain, */*
Referer: https://ogolosha.ua/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: xlCMOGgfrRm_L3_VaqLhD6wuK_JCONWMIYRrDP_21aSoZP1eDFnbWPJMTa8Y4IVl-HhemStnu95UzQB1q7GK_g==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://ogolosha.ua
date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.17.9
vary: Accept
content-type: application/json; charset=UTF-8

GET
H2 200 geo Show response
api.ogolosha.ua/ru/data/get-filters/ 54 KB
12 KB 75ms
74ms XHR
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/data/get-filters/geo
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: f167267f79edbc5b0916ee78a308824e7b309f97b40103483ec490050e5d004b

Request headers

Accept: application/json, text/plain, */*
Referer: https://ogolosha.ua/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: xlCMOGgfrRm_L3_VaqLhD6wuK_JCONWMIYRrDP_21aSoZP1eDFnbWPJMTa8Y4IVl-HhemStnu95UzQB1q7GK_g==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
server: nginx/1.17.9
vary: Accept, Accept-Encoding
content-type: application/json; charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DCD7 26 KB
12 KB 237ms
236ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b9fc4d3698220097826e6b53cda0d56bed2a014dc9c52f295970ec50d8c21b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 11866
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:30 GMT
expires: Sun, 04 Dec 2022 01:49:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OOnOLn6TXBXnq9rDeJtk.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 6 KB
7 KB 209ms
103ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/OOnOLn6TXBXnq9rDeJtk.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0238e25c55c6b63b64e9f99db1d2815278ee732928775acc1c299ad4306e8254

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 19:35:24 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 09:16:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 22447
etag: "841ca111831c9eb84fbeec978fcdb279"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 6482
x-amz-cf-id: Z9Yo3WxdozNtQdP2JXP0J3jxU5GfkIqLiVr7-sHPRixenmvgPCbLqA==

GET
H2 200 eYWt2W3gxeuY1enuysQO.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 9 KB
10 KB 192ms
86ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/eYWt2W3gxeuY1enuysQO.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 693c067cb9e00f94987a7c32d76a12110482b7304eca58418ef8bfa9897c2f8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 19:10:51 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Thu, 03 Nov 2022 18:00:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 23920
etag: "62454f958488f2f158de8062ca049846"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 9460
x-amz-cf-id: x4oBgP3wrWaD51Nzu17Bfyc1LI6Gp9fT8oGwKev9DPNSSHYPqbwLyw==

GET
H2 200 3Pd43QZON3q86SFjHcHj.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 9 KB
9 KB 200ms
94ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/3Pd43QZON3q86SFjHcHj.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b1f74c5e97641a8c440de036a6a3c2dad04fda48f4caf82e9af05bffb078c34

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 19:14:39 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 19:10:51 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 23692
etag: "bd6d397b64c6b9b99a57f4f68950e92a"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 8926
x-amz-cf-id: uz9qNMH7IQ9AOjaPoz0_BQn9N841PQ7C-nCtKfW_bu81E_EGIrE9yg==

GET
H2 200 6KJQG8GquyxbazbZWOjj.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 5 KB
5 KB 194ms
88ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/6KJQG8GquyxbazbZWOjj.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3ae9817744703471d88160ccc1d2c3844f5de8717cb20641300017d4d2142021

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:15:01 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 18:12:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27270
etag: "8fc125f07fb2807180521068328a9c11"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 4734
x-amz-cf-id: TrZj8lmWu0usGsBHn2IIarsZQQKSmPp1Qtj9Z3xoC5sjLmNkRVonFQ==

GET
H2 200 1840829815638afa003b5909.91505274.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 8 KB
8 KB 163ms
58ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1840829815638afa003b5909.91505274.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89db5abb5fe72faa42f1a50d1e55d15cc85ca13d4cd3dd3a3655e6968402de92

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:12:54 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 18:10:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27397
etag: "9d6d2034b920133a3d40ea986d7eb56f"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 8110
x-amz-cf-id: wCX4GjqYEzC40jOBVhEQwYQF5cvbnyUrurTmSzjuS7ue1BohW7AR5A==

GET
H2 200 93215725638af9ce5aae69.50143241.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 3 KB
3 KB 210ms
105ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/93215725638af9ce5aae69.50143241.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f05663405ef941e61d4650e6b6a8c6b83d273e42ecc960fdfb174acea3826062

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:10:20 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 17:50:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27551
etag: "59c4a9f8b8ab0c65d9a0d9bae3d76828"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 3112
x-amz-cf-id: joEjsXZJQm8Zos8D4bX0VLvDxM_f20IB01Ae7TyeATq25P8iF5zFCg==

GET
H2 200 2BP3fujpu8wUL1UCNsNc.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 7 KB
8 KB 151ms
54ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/2BP3fujpu8wUL1UCNsNc.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bc605d5e4efdc103fb84973fdb972b08f7d082015776e29e7d1b5cb82dcd04d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:10:20 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 17:50:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27551
etag: "b54d63e872daa31bdd320bd94cb530f1"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 7484
x-amz-cf-id: 8MdLS3bPBg7f4-JJIwAIgZWSXyJZFilOrKJOP4UB8PR6NsYbFM16Pg==

GET
H2 200 w3Re6gP9Douc2QIxIyl6.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 7 KB
8 KB 148ms
51ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/w3Re6gP9Douc2QIxIyl6.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1bc605d5e4efdc103fb84973fdb972b08f7d082015776e29e7d1b5cb82dcd04d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 18:10:20 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 17:50:49 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 27551
etag: "b54d63e872daa31bdd320bd94cb530f1"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 7484
x-amz-cf-id: 9HezWV7rm1KneRAYM6cOuOADOpOTq5PdZ6joNAjmPOtYyrqTd1Di9A==

GET
H2 200 1341470184638afa0ce02d46.21300125.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 7 KB
8 KB 196ms
98ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1341470184638afa0ce02d46.21300125.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4badab11baa760e94514cd52c815b050184cfe0a36219671b61de05aff005b5a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:40:21 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 17:40:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 29350
etag: "8053adf369ffe7d7a1400937fc9b9d59"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 7610
x-amz-cf-id: reCPDEZCjbhscI4HtT7V0OW5j-fi7BVoeiq6C1Q5P1ojvHTdgF51pw==

GET
H2 200 465410816638afa553abbf5.82277477.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 3 KB
3 KB 198ms
101ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/465410816638afa553abbf5.82277477.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0aa76fbe37de5edfe15d063d5df0fe592e0f53fc36be3dbcf06f10de51a7c401

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 17:14:30 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 17:09:18 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 30901
etag: "a6db7a3a1aaae68f180adaf40fafc3f5"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 3120
x-amz-cf-id: uN-rF_TM4kRSeWk1St1yJY4KJiN2QcsFUgEoz1o9mJD9pzw_mpB2iQ==

GET
H2 200 regions Show response
api.ogolosha.ua/ru/ 43 KB
10 KB 151ms
151ms XHR
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/regions?include=cities
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/assets/99532d829aef9871a11f54b2601967a9.js?v=1663088259
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash: f4f14765c93c88d165338fe7e50f03cac5597b7b9788010bd717db6ddb4245b7

Request headers

Accept: application/json, text/plain, */*
Referer: https://ogolosha.ua/
X-Requested-With: XMLHttpRequest
X-CSRF-TOKEN: xlCMOGgfrRm_L3_VaqLhD6wuK_JCONWMIYRrDP_21aSoZP1eDFnbWPJMTa8Y4IVl-HhemStnu95UzQB1q7GK_g==
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-origin: https://ogolosha.ua
date: Sun, 04 Dec 2022 01:49:30 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.17.9
vary: Accept, Accept-Encoding
content-type: application/json; charset=UTF-8

OPTIONS
H2 200 regions
api.ogolosha.ua/ru/ Frame 0
0 87ms
74ms Preflight
application/json 37.187.135.210
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ogolosha.ua/ru/regions?include=cities
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 37.187.135.210 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3125388.ip-37-187-135.eu
Software: nginx/1.17.9 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-csrf-token,x-requested-with
Access-Control-Request-Method: GET
Origin: https://ogolosha.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Csrf-Token, X-Requested-With
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://ogolosha.ua
content-encoding: gzip
content-type: application/json; charset=UTF-8
date: Sun, 04 Dec 2022 01:49:30 GMT
server: nginx/1.17.9
vary: Accept

POST
H3 200 / Show response
www.facebook.com/tr/ Frame E978 0
18 B 80ms
39ms Document
text/plain 2a03:2880:f145:82:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f145:82:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://ogolosha.ua
Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://ogolosha.ua
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:30 GMT
priority: u=0
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DCD7 3 KB
1 KB 202ms
104ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 14:56:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DCD7 18 KB
8 KB 143ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 14:56:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DCD7 0
0 153ms
59ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRuaUu25Gr2I7Ie8zPLBZeVShnLI2EqeUK2-kA4iOR2nX4wLwl2EJKM2fEU4jbZFLxnOeBnKo-OQTIsrZOUUa7-WYPgBA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DCD7 155 KB
48 KB 174ms
58ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DCD7 0
0 89ms
89ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CSITDqvyLY6XoJp2LjuwP0-6XqA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yMjkyMTYzMDY2ODI2NTI4yAEJqQKtCl7YGpq0PqgDAaoErwFP0E340s37r66gU5Icbh9L7r20KkcP9jnK1i86vdqJlg4QBYJULZME95yipMoXz9NeM6yweOF7Y_yGA74h0sfOjwETdmutiwHfZOWcjaZiPy0aL2Hu_Nj_Hq6wu1K4YVDTec4I7u5HsQdrQCJvtLPlHhTMBlFj5vd-t1paGQPdsL_9KoH9PCRDln6BsTk04DOhUB6NlY4m5ZXF1WpAYGJuQKiAhS9PQrhqbwvt2lQngAaCrObDkNW8u4UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yMjkyMTYzMDY2ODI2NTI4GAA&sigh=7OE4hl3DrAo&uach_m=[UACH]&cid=CAQSKQDq26N9InqjgaFAqHzE-AR_P-ePw4PFQzV-pCiLZNQT-mty4iO_mW-mGAEgEw

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Dec 2022 01:49:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame DCD7 0
0 242ms
39ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=koDhCZu6MHjYBIf6VxgCAAAAA2Jn4NLI1Co-9o11EKn8i2ODYM9j7yeGQWkf0QASAAA&wp=Y4v8qgAJtCUHg4WdAAX3UxztJRy1-8niBdMdcg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 238176
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 365E 118 KB
42 KB 203ms
101ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4v8qgAJtCUHg4WdAAX3UxztJRy1-8niBdMdcg&u=%7CZRBdA4otD%2BRQkwh0WpW6oQqQha1TPKKyYRWcXoirQ38%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phh4lo32BGON0tQr51eqYYJnmjWGHIgHgOp5zvz9rLv69BZV1oa0dLQCO-mPTRgCyxg9XoTE0nJklH7BNL5tw4WQ28hf-Li6YPGg374VSOUexlB_yEEQHsB4ukrP64o49kWMrdMAszP4l0lPehjjj5oTFI7ugrVXRcGrs-P4VvuvipLLyOHRqO9a-MDIHEXgHUSAIAcUumucFHsIiwR-IhtS0FSZ1CGr-xkrXFfoEZ0F3KDE4z85IEaRnrxq0S9I3Yw8b-xIuG16gltMTGYuKuO1JxvSeXxZId6j2PhDr-c0_yHIMAeLYl1ZEuHI6VJsfzaQMjxbH2XaU0rLXme8QuLNxyxNmfTz6IAvMd1IzrMt80yD1omtL0nbo_sWDVzQmEwEbXWeLNo-EgMVGLUnz-Z72CXJfI_KRhY_CkgpNgqP6bTGfwlYAddXiu83gzYs8N6NXWIM2QaAeioXNKwm8P0MYE0ST2gO91OrjqojXGjhd4vqc0T9dODZCe5P5NOpL51icVmVdAKuL-tzN5p8CZ-edxokKTsiE1jjCE2cVSAXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtMqvyLY6XoJp2LjuwP0-6XqA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yMjkyMTYzMDY2ODI2NTI4yAEJqQKtCl7YGpq0PqgDAaoEsgFP0E340s37r66gU5Icbh9L7r20KkcP9jnK1i86vdqJlg4QBYJULZME95yipMoXz9NeM6yweOF7Y_yGA74h0sfOjwETdmutiwHfZOWcjaZiPy0aL2Hu_Nj_Hq6wu1K4YVDTec4I7u5HsQdrQCJvtLPlHhTMBlFj5vd-t1paGQPdsL_9KoH9PCRDljyDkKvnQsGkw-yCDQ1CeT7GwWD8akx2myYb4bPu_aZGd9pqMFG0afaDgAaCrObDkNW8u4UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nUtPUZXovUT_KLFQRZIPhgIhMLg%26client%3Dca-pub-2292163066826528%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cf3d144dff6e5ae834e25ee0cb1dce7a7dc5532438a3368b52070d4a505e71f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:30 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=29TzIKb-p2u-WuofeLiD7-vqRr2yPl3eWUaReinGkBqh6qxKZuUsfv1I1o6miEMDNZJ5OKHrSVWcR_LKzMJy5rv6vqYH3Szgo3oqwchCQ7t9r69O0bnyclKCPXGt7pj6LROModjnfON9P__Q9VJjeM8zYS52mI9DTFnIN7N7V_PUt1nD59hGfnFGucCen4XeEzrMRfe3MKlba901mcexH2Ho4wJe-s7YJEs10f3Li7qe8S-fl1iRTByEUai5qJlijqJ4cQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 61746882
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D929 1 KB
643 B 45ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 54324
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 04 Dec 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 715F 0
0 205ms
92ms Fetch
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsun4ckaRUqYn61RAt_wNafA4hJjdVmAY68bxGahiCuwFGfeZmfWfO9kdbhD5TDbZs6cT9Zkfpd9EByAlfZdHoVxUabqbzAo4dwxr7E0ceEiad2qWVQYTzcTNsvMPQzWwKg7Ugb9Djr92r1D3VQ-icP_V0gkP7TusvAoieUNbXYm__D9YoTgiUBWDnnc8BJqmL40jdEOBYz60trsACqTe9BRlucYGW3gpKCsQZUGAd3Utt3xPODtRR8f11xcI1eeu05t7dQVLMthe-eRFI1ixu3Guj-V8xs0o2tvD_NGJbkMtjocmi65fCn3-qbblijD6DFDGdu_KQBSWQ_hMwY50fXHEUxtIdmbn_kNg-sh0CKEpB_inLKIGj8rKvnyFNC59pr8igmHXqKUeDfgOiOeVfLry6n-ZMKrIwySsTUX6_C18Ie6dW41gOeem4p1ljSPRUiICUml4sJT05PWluXibNH-7_baxknMBnK4rL7TfwMit7wiz1W_NT7zc2s3EPG3lMoSeThBobwoRw7R4U_TIZVJTmZZ8kDJnAmy1dUuF2E2IwEnaBADqh03d5MzCIWzSha5_yAcZvnEVBT7NOl-2wG9TaS10PPeceem8VR9Fy5XUN_dOGoLnxjJQmVGAEHqDwoFPrv0Y1SkbaxQExd2ScJ1imeoyjeKm_AjUc9Iyt6Sr-sNpvMNe3j2p1mgkwbb8AHSpqHuIA-58H4ya_zDM-vSj6KojhiuSUYBFrYJMUTyNtGLot04MF9pbVPTMamifwBkRd8H-RmtHXC-g5LtzAQMWm7J3CMdtPdqr5CiKyWEQCd-zZHkGrddaroE2ZvIjQXWdRgDspcDy00mi6debabL-vQww_y6NTJpsf_9p6WqPlbgIlxCAWW2UOHoH9F_7My6fCFq_vrYf_FrgWgmxMh0Cexmw5nXbRpbdzqcRrT1AfvFYM4YRxwD9_zUWR4xNSyzyf9tJmJ46lJsL5aF2yw4nzmsCnhFDr2PXG0St4pPm0CMfssZtml9u3f36h4Zw_h-xjk&sai=AMfl-YRd7klze7RzKZd830bggMaip7QI5vRi5BDskgQMom1NZ3PRVRLn09I0qFjLOi6aohiMDrnnjFn9ZKVI1F3eAngRsFW8UTFJaUhsDoSatDFqMIGfTGw4utJvl4xOGyvp-NVTyDVFzB1EJtHW4d4WBcVZRu0Cyr2jAb_8JfA3THjtaG3lmbNc_ev_dq_DKBVeQCVnysflw5tuuA-97Ibv3jtgLPvgVCx481uJyQOPOGGvoTnq5aXdXYuTSCzehhSAZh8jWW4fDsH1laVVcP3f-SDP5edmgDdLhpDsLafl0G32SCK-CrElLOMwEc4&sig=Cg0ArKJSzGnzYcnYjOV0EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 04 Dec 2022 01:49:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 715F 106 KB
38 KB 157ms
44ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 08:38:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61891
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 08:38:00 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 715F 6 KB
2 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 23:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 9429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 23:12:21 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 715F 41 KB
15 KB 111ms
91ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 153786
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 07:06:25 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 715F 35 KB
14 KB 127ms
107ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 19:52:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21399
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14142
x-xss-protection: 0
server: cafe
etag: 14789286559671545279
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 19:52:52 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 715F 3 KB
1 KB 126ms
106ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 14:56:08 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 715F 18 KB
7 KB 69ms
50ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39202
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7458
x-xss-protection: 0
server: cafe
etag: 16870613375306414947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 14:56:09 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 715F 0
0 84ms
52ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbNCGEI8_AOWZLEmDSYLYvqmhkGSTg4SbZUqRewORhGdkfmtizJHFePVsjxlId-qwN_haSF_8zk4OFqzRq6hlU69BIAA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 715F 155 KB
47 KB 175ms
121ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48508
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1669811598765935"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 715F 23 KB
9 KB 74ms
56ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39203
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9428
x-xss-protection: 0
server: cafe
etag: 246362764157784863
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 17 Dec 2022 14:56:08 GMT

GET
H2 200 343497187638af9f0431572.10366526.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 4 KB
4 KB 46ms
46ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/343497187638af9f0431572.10366526.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 141d23078709e3484421738b10030193ad12debe8ba7577c8d8e724247f850a6

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 16:52:33 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 16:50:55 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 32218
etag: "28b44355a9d0efd3c75e6c2e52e57f24"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 4020
x-amz-cf-id: 3I7gWqa2wQlNs_4Z9J9srp4UueSmNYNOjAWGqR2j-yvZNac0tEXYpg==

GET
H2 200 2oX1O1n3cJQQoQ0uzXRN.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/ 9 KB
9 KB 49ms
49ms Image
image/webp 2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/2oX1O1n3cJQQoQ0uzXRN.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9eaaa997629f8fc061bbcbc5f9cf6232f1b46cb4d591e190434e83781a73db29

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 16:31:17 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sat, 03 Dec 2022 16:28:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 33494
etag: "7d88fcb27a076a858324ee286808dad8"
x-cache: Hit from cloudfront
content-type: image/webp
content-length: 9268
x-amz-cf-id: k6pj99N1P3WkOb1jHWgamoV6lP3dgPOAZbzLJoBvok34e1FN2vSYMw==

GET
H2 200 dpixel
cms.quantserve.com/ Frame D929 35 B
464 B 148ms
45ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEH-uGYozQyvn3dWvWH76t6w&google_cver=1&google_push=ASkJ3Fbo1VV-HDPBmLnfRhZgihk39adIGact8eBijXuCbcbqqvldzbfFeo_Fk619ZGH5-tts0NFKtQbUaqTAgIbtKJCRtjjWEA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D929
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZmb_Rp...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FZmb_Rp...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAxMzYxMzg2MjE2NQ%3D%3D&google_push=ASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBh...

170 B
188 B

54ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAxMzYxMzg2MjE2NQ%3D%3D&google_push=ASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBhM-rUNA3cJCyw8H0cUS7q4fV6gYgis

Requested by

Host: ogolosha.ua
URL: https://ogolosha.ua/

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAxMzYxMzg2MjE2NQ%3D%3D&google_push=ASkJ3FZmb_Rp7_VyJSitPk1uC5nijIjO0bRuIfMGQ0JZsFyQTikAO9DYugPKHZc8sV2tBhM-rUNA3cJCyw8H0cUS7q4fV6gYgis
pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame D929 43 B
350 B 121ms
36ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHWSFcadXOHDrdlTpUnQFb4&google_cver=1&google_push=ASkJ3FYFj2r1zfKlLe-mjR4j_tyohbeZV72Bj70MmlvkETngoC4siCT-AlCJH4SVcPcvefi4V1t98agO8lgTrO2oIfgamCQruxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: cls1o2au8168ec5860ubkt35sh58cbda

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D929
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_gL2keIRTyWwexNYcFeQwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

91ms
57ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_gL2keIRTyWwexNYcFeQwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYTdW6tfArhKP-g2itk8gPVwms_JgOg7bOlvCSuKW0S8aiI6fC74z8BOKNd4RhP_2ZpMMTrby3BbubYoe362R1ol5XFVXE

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_gL2keIRTyWwexNYcFeQwg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=ASkJ3FYTdW6tfArhKP-g2itk8gPVwms_JgOg7bOlvCSuKW0S8aiI6fC74z8BOKNd4RhP_2ZpMMTrby3BbubYoe362R1ol5XFVXE
date: Sun, 04 Dec 2022 01:49:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D929
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG997Z0qr3ie68WO--MrhX4&google_cver=1&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiih...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4UEg1ME0tMjctMjcwTg==&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiihBoBuedrsUw2oxziCRsmz0uXU

170 B
188 B

152ms
59ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4UEg1ME0tMjctMjcwTg==&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiihBoBuedrsUw2oxziCRsmz0uXU

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEI4UEg1ME0tMjctMjcwTg==&google_push=ASkJ3Fa-116dmyY34oRvqBwwvMukri-WpIaOhL-O7Sr48yW1X_OrtiOPXe4v17eCL18XL6ztiihBoBuedrsUw2oxziCRsmz0uXU
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D929
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_hm=Y4v8q064q0WLAQ84DUhMsgAAByAAAAAB&google_nid=index&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-q...

170 B
188 B

136ms
56ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_hm=Y4v8q064q0WLAQ84DUhMsgAAByAAAAAB&google_nid=index&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-qnzqeypUivSC-TJSfajAjz34TADovZeX0Y9Taue2INyjOouOAuKJ_OMtR3S6acU

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3mGqLy%2BLnzbxhhKdn6vpCaKQsCCugW%2FUxObCa1KZasC7Q7YBa3%2F47YgZerVXcO7m0lXmLden7NAjVZZWQO7UsE9J7r4Zg7twEQ%2FDq%2FmJOHsORcv6TwIbNw7glNOryYeSLFQfNzHuOXBR%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEMC_mVRkShj1vT7nZmaMCeI&google_hm=Y4v8q064q0WLAQ84DUhMsgAAByAAAAAB&google_nid=index&google_push=ASkJ3FYIivdqulhwB9nPfgPRorUgM4QLQt5-qnzqeypUivSC-TJSfajAjz34TADovZeX0Y9Taue2INyjOouOAuKJ_OMtR3S6acU
cache-control: no-cache
cf-ray: 7740e2cdce5e1887-MAN
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame D929 43 B
296 B 230ms
46ms Image
image/gif 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEBMyrKtT9parO3iR6kac2z4&google_cver=1&google_push=ASkJ3FaNBnAupLr4RRdtckICJjQXoMHH3mdIkPncwUjJ_2fkAij0S-U9pxrpkd_EnBibhYxj1GRSVZhnmgS8RZjvhoPbUZOcnHk
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8101:d648:86cf:755a:6dbf London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame D929 0
223 B 167ms
53ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IFXtrN87k1p5F-xahxSzk7QJ39Reu2UrYobdde_uq6Hdb3x-TUpifDWEqu2ZmuHI8ZONqS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame DCD7 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0b6da4157a77d8f253da458371d01bd7ea6daaa349aafbc59aefd0be12b9c778

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7F5F 22 KB
8 KB 135ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 22209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 19:39:22 GMT
expires: Sun, 03 Dec 2023 19:39:22 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B726 1 KB
643 B 45ms
44ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 54325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 10:44:06 GMT
etag: 48472445140208031
expires: Sun, 04 Dec 2022 10:44:06 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 365E 2 KB
1 KB 117ms
38ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y4v8qgAJtCUHg4WdAAX3UxztJRy1-8niBdMdcg&u=%7CZRBdA4otD%2BRQkwh0WpW6oQqQha1TPKKyYRWcXoirQ38%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRXTNwbNfi5phh4lo32BGON0tQr51eqYYJnmjWGHIgHgOp5zvz9rLv69BZV1oa0dLQCO-mPTRgCyxg9XoTE0nJklH7BNL5tw4WQ28hf-Li6YPGg374VSOUexlB_yEEQHsB4ukrP64o49kWMrdMAszP4l0lPehjjj5oTFI7ugrVXRcGrs-P4VvuvipLLyOHRqO9a-MDIHEXgHUSAIAcUumucFHsIiwR-IhtS0FSZ1CGr-xkrXFfoEZ0F3KDE4z85IEaRnrxq0S9I3Yw8b-xIuG16gltMTGYuKuO1JxvSeXxZId6j2PhDr-c0_yHIMAeLYl1ZEuHI6VJsfzaQMjxbH2XaU0rLXme8QuLNxyxNmfTz6IAvMd1IzrMt80yD1omtL0nbo_sWDVzQmEwEbXWeLNo-EgMVGLUnz-Z72CXJfI_KRhY_CkgpNgqP6bTGfwlYAddXiu83gzYs8N6NXWIM2QaAeioXNKwm8P0MYE0ST2gO91OrjqojXGjhd4vqc0T9dODZCe5P5NOpL51icVmVdAKuL-tzN5p8CZ-edxokKTsiE1jjCE2cVSAXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCsZtMqvyLY6XoJp2LjuwP0-6XqA_kj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0yMjkyMTYzMDY2ODI2NTI4yAEJqQKtCl7YGpq0PqgDAaoEsgFP0E340s37r66gU5Icbh9L7r20KkcP9jnK1i86vdqJlg4QBYJULZME95yipMoXz9NeM6yweOF7Y_yGA74h0sfOjwETdmutiwHfZOWcjaZiPy0aL2Hu_Nj_Hq6wu1K4YVDTec4I7u5HsQdrQCJvtLPlHhTMBlFj5vd-t1paGQPdsL_9KoH9PCRDljyDkKvnQsGkw-yCDQ1CeT7GwWD8akx2myYb4bPu_aZGd9pqMFG0afaDgAaCrObDkNW8u4UBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0nUtPUZXovUT_KLFQRZIPhgIhMLg%26client%3Dca-pub-2292163066826528%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 365E 2 KB
1 KB 117ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 365E 308 B
636 B 112ms
40ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 365E 293 B
621 B 111ms
39ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 365E 43 B
348 B 214ms
42ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qHcI2ojwuDpo5018auaTpaoO-0gTHDRcd-XrBHo30Er8ffy0k1dc759bEGjTUKOAXDfUNIVOWYqx7yxDDcO6kx9RHLyg_QoG-Gc0Sb6iz3PDLXHNLkgLhV8KiHL9Km9LFd_nYdaAVmJpdVY_1AsLfOmdzkWHFCSqI4liPawVcQC63_BDmHeW2BRDFQNUg9trOVyHKNkLgDufTs-4p7u_l-1qAHbNFvQiIW3rrWqbXtO1OXVfzOqOzbT_RudNUTb28lOyT-R6wDqNYPNi5wIemczWZ9m-yJ2tZ2FZ9ag-njwyTJOH2ZlpyWJLSM_vSF9x3DWyaOUbEjUQkYM0-quBP-kp6jbv4ZXwZfKR-srVjAr-7FFmvnVqXXkxdnFh7UCujhBw6Sq_z_HzPJYDOY4Q72ErkJ4hNGLQfoUYz-X4hnr53fZo

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3556982
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

im7fktOAwp0ebPFvzAvF.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/im7fktOAwp0ebPFvzAvF.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp

7 KB
8 KB

83ms
83ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5fcfc59468d5169ef608ce47b7c1c4ecb6fdc139280ada29e91b12bf67287718

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "f2ea7608856b541f52ef68dd8d19bda8"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 7598
x-amz-cf-id: asuD6B9BaPZLA2S5kz3eumQgzewMhgrcsBZXzCw7M5W5HyFsBkK76g==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/im7fktOAwp0ebPFvzAvF.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqzjv7liAEJog=

GET
H2

200

982471752638bfab4a54aa8.25703734.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/982471752638bfab4a54aa8.25703734.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp

6 KB
7 KB

72ms
71ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2d513ad4834c985a84c1e970b81ddac6bee700ce02e8995b071fc52057ccf9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "2747b11b0dff05fe5f32ee40784c7058"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 6586
x-amz-cf-id: rln5KhM_EQn10Ks3gLwcAErI-_3bXeXz1oDjHFaGgvFX-1IpbiJw0w==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/982471752638bfab4a54aa8.25703734.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqzja3FiAEJlA=

GET
H2

200

354962071638bfab47fbcd7.70315989.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/354962071638bfab47fbcd7.70315989.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp

4 KB
5 KB

173ms
173ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3da9b0eee213bed9116bb01b489af9d89823bf86c33e603c0d1073070a6c739

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "8aa6cdecfec6a196b94ad68efbad4256"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 4452
x-amz-cf-id: vHe6j0VtSP9emnNyPkdLqX_EtCLmAJ1LHPBNExm20UtX8lVBuVRI3A==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/354962071638bfab47fbcd7.70315989.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqziGBliAEJDA=

GET
H2

200

508098804638bfab4793ad9.68457243.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/508098804638bfab4793ad9.68457243.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp

5 KB
5 KB

79ms
79ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e1798824a85a976219bbafc3864fbcb11d3c263562465283dfe5b73ad9ed530b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "0f11b00e0ffc8176c832c20c3bf68032"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 5080
x-amz-cf-id: inwlXCbpFVrHtbOQtKHQMPySCopMpfEAM6CLrSoEHaojc7lz_IsPtw==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/508098804638bfab4793ad9.68457243.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqziEbFiAEJEQ=

GET
H2

200

1581633196638bfab453eca7.15326898.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1581633196638bfab453eca7.15326898.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp

9 KB
9 KB

77ms
76ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9daac0e62821cf68114e60a5c62b8af98a346903c169f18c7742d4524b2a71ba

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "07020a884f4616bd3c0ffc3f07f6cbe7"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 9146
x-amz-cf-id: XIGlYO1DxFSn1-OdiXeJNFBPaAlHxvuE4VPlcqRUqS-d6F4km89G7g==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1581633196638bfab453eca7.15326898.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqziquliAEJvA=

GET
H2

200

1756836240638bfab42d00c2.40820126.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1756836240638bfab42d00c2.40820126.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp

8 KB
8 KB

132ms
132ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deaa9ddaf9a473255dab8f310a30f4e5d4632b37fed8b8c76cef38df02ea7e71

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "182379d72364617d9980e21ef7d1b0f0"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 8238
x-amz-cf-id: kY6XmMC0oCXT8Y0aR6rwdvBJM4Xv8sfsqH5rb78CS9PrcyHrEY1Srg==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1756836240638bfab42d00c2.40820126.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqzjisliAEJ9A=

GET
H2

200

2101969120638bfab4947e82.15151803.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/2101969120638bfab4947e82.15151803.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp

4 KB
4 KB

104ms
104ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96aa703126c2e55cac1a3800d3dc7472ffd4245ee28dc5948e65c085563becfb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "b9fcf8bc044f73d0aa07264bb1da5e39"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 3878
x-amz-cf-id: Sc-6WVwPbnU-opv65aWg32JNRaQutm2PiWRIMSqKPHmJ3w68GLXjoA==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/2101969120638bfab4947e82.15151803.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqzinXFiAEJ5w=

GET
DATA 200
OK truncated
/ Frame 715F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d98fd2cbcbd2a0faddcf87aba91c6940b3f3562a3ff373395a43d3579e32466

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 365E 12 KB
5 KB 108ms
39ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 131835
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y34P4HThO2SuYtzBv3aB%2F%2BDDmwfwxhdDnDgT4E9pbakqDvtgw33jD1aWhbgTR2X%2FnPbgTG0tE%2BaO7If4q%2FBKKOEftDy9ywo2b5xOqhEPSRlXmcpf2Eax5yyCqm%2Btrh3IdvixOf2%2B29sjWAT67fcMsQH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7740e2ce7a00dd54-LHR
expires: Fri, 24 Nov 2023 01:49:31 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 365E 12 KB
6 KB 72ms
72ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 365E 17 KB
17 KB 130ms
39ms Image
image/png 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=110&m=0&partner=52920&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F15516%2F190213%2F86f0f1f708604b2d82f69cc681c004dd_untitled-1.png&v=3&w=236&s=vTONw9RNV_mqU9zHgTcePg_R

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

4b90b2f133f7cfc90f98674ff83d1b271fc81adb95f78a0aa371c9fdad628c3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:30 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30688770
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17050
expires: Fri, 24 Nov 2023 06:29:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 365E 8 KB
8 KB 129ms
38ms Image
image/webp 2a02:2638:1::8
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=52920&q=80&r=0&u=https%3A%2F%2Fcdn2.pipingrock.com%2Fimages%2Fproduct%2Fshoppingservice%2Fmelatonin-3-mg-250-tablets-11284.jpg&v=3&w=800&s=eqUAQOlPgZTVwU1m8nEbc78N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

bf58d83de7d38ff3e65e9a6076ca3062e9c5bd96aae704cd389b74aec951676f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=29600136
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7850
expires: Sat, 11 Nov 2023 16:05:07 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 365E 0
128 B 124ms
39ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=29TzIKb-p2u-WuofeLiD7-vqRr2yPl3eWUaReinGkBqh6qxKZuUsfv1I1o6miEMDNZJ5OKHrSVWcR_LKzMJy5rv6vqYH3Szgo3oqwchCQ7t9r69O0bnyclKCPXGt7pj6LROModjnfON9P__Q9VJjeM8zYS52mI9DTFnIN7N7V_PUt1nD59hGfnFGucCen4XeEzrMRfe3MKlba901mcexH2Ho4wJe-s7YJEs10f3Li7qe8S-fl1iRTByEUai5qJlijqJ4cQ&sds=2&rev=83599&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 01:49:30 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 365E 2 KB
1 KB 60ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 365E 2 KB
1 KB 60ms
60ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 29 Nov 2023 01:49:31 GMT

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 715F 8 KB
4 KB 231ms
59ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=353276826&num=&adid=&advid=8650961&adsrv=1&btreg=544407154&btadsrv=doubleclick&crt=182018004&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8be4fef4604cb204c4a31d9ce579020d00faf5bc66b204b1d28b8e1c1b25feac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 01:49:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 14:42:25 GMT
Server: Microsoft-IIS/10.0
ETag: "809ea220935d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3314

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/ Frame 75D0 5 KB
2 KB 134ms
44ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cef07ea91264b3d27051351541610878827f3d6a6f2be878a26bfe9ae5a233e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 103587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1727
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 21:03:04 GMT
expires: Sat, 02 Dec 2023 21:03:04 GMT
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 400 img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276826;a.a=544407154;cache=3127832593;
ad.atdmt.com/i/ Frame 715F 0
0 214ms
89ms Image
text/html 2a03:2880:f02d:5:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276826;a.a=544407154;cache=3127832593;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f02d:5:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B726
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEO33WuWLavJ8Xz57tkDnLKY&google_cver=1&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0o...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0oRfH8GhEEq5EuZx_k2FP3lGMX_8KESz4Zgb_mVtBbFb7w&google_hm=h1BlI3CA4F...

170 B
188 B

80ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0oRfH8GhEEq5EuZx_k2FP3lGMX_8KESz4Zgb_mVtBbFb7w&google_hm=h1BlI3CA4F5VBq7vZ1k__g

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=ASkJ3FY4GHUSGUg2tIUj0H__l_PNJSULbF0WVlNf9wzBdFpsHXIzoAhO0oRfH8GhEEq5EuZx_k2FP3lGMX_8KESz4Zgb_mVtBbFb7w&google_hm=h1BlI3CA4F5VBq7vZ1k__g
pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
strict-transport-security: max-age=86400
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B726
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEDbVk6HpQrknHYdqyCH336A&google_cver=1&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA&google_hm=Q0FFU0VEYlZrNkhwUXJ...

170 B
188 B

55ms
54ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA&google_hm=Q0FFU0VEYlZrNkhwUXJrbkhZZHF5Q0gzMzZB

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 01:49:30 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=ASkJ3FZglJuDgrS9N1Xbdnj9Etd69ma0UKwccmO2GReyPqEkRBt8YBe1vzDcwB2zcHypdwrCwK75EeS9ehAvYe9cgsTdNBQX4y9TfA&google_hm=Q0FFU0VEYlZrNkhwUXJrbkhZZHF5Q0gzMzZB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B726
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYTYKO5...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FYTYKO5...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAyNjk5NjYzOTQ1NQ%3D%3D&google_push=ASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKm...

170 B
188 B

55ms
55ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAyNjk5NjYzOTQ1NQ%3D%3D&google_push=ASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKmaS4XgdwBGJ-CYKsIexuCAF-MALxTY2vA

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEyMDQwMTQ5MzEwMDAyNjk5NjYzOTQ1NQ%3D%3D&google_push=ASkJ3FYTYKO55lky7GQ1_0w00uiM1h5xgYGoUYped8XbdLcML-FtFJO-WGTPhTToIK-wKmaS4XgdwBGJ-CYKsIexuCAF-MALxTY2vA
pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B726 43 B
356 B 118ms
44ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEE6FyalmPkRkCedLU2ilLG0&google_push=ASkJ3FaSTRTT-BdNUnuinhLj2W0mCd-SeFzn2xz0ag2BJUuXfIiq4n-vqt9s4zqADYbD8ZJSwPaZTgfY4xqSekMd6Wz5ITDR2ji2Uw&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame B726 43 B
64 B 71ms
36ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEALVDQlxTfpzUHSE4z1hMpw&google_cver=1&google_push=ASkJ3FYdzqLrj4NtKvN_tDhyBO4ZOvYn0sBwZ53-1weRIlnDoxmxgKrUvnJdnbJ7O5q5bUh6thY3pg1Nh1s6Zraf7lk39FdhRfQu
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:30 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: sronh3pqn2kdd3m32bm81a02jfa05qu3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B726
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEMe5TEjXGgcNgo4Bu8Lld08&google_cver=1&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWano...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWanosCyAk&google_hm=9kc-zKJJTG2kbVPF...

170 B
188 B

79ms
58ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWanosCyAk&google_hm=9kc-zKJJTG2kbVPF6_O6oQ

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=ASkJ3FZEpwtUM9RTUDjihnJHRVFNtmNN12f7WRJ8znRSTcGpAnQLTCvqCGEhwio1j8oD481VWXgIUculrw4CoDrsxUMWanosCyAk&google_hm=9kc-zKJJTG2kbVPF6_O6oQ
pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame B726 0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B726 0
12 B 123ms
54ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LTjLt-FRiUy_oVc-hob2kuxrtyPHAD6TIdYnl3uFydeKJ1WAmBZBFgau_Z_SwyvwThDoU8RQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

hCztYTUq3r9THofIXTTa.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/hCztYTUq3r9THofIXTTa.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp

9 KB
9 KB

100ms
100ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6e394f8012d4f27fa7dc6a9acee1c8b19eb726452a09d42b565bfdb2add73e33

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "62baadc596f50748244a23d5aecdc92c"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 9228
x-amz-cf-id: -TPS9jGU2VQ-LoOJI9vncvIZ2XTco9vQW51_FzpeFIbrGfPUvNlLJg==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/hCztYTUq3r9THofIXTTa.webp
date: Sun, 04 Dec 2022 01:49:31 GMT
content-length: 0
apigw-requestid: cmRqzjUPFiAEJjg=

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame 7F5F 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 365E 2 KB
1 KB 148ms
53ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 04 Dec 2022 01:49:31 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/ Frame 75D0 6 KB
2 KB 45ms
44ms Stylesheet
text/css 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97052a601b59aa39f7d0c61eb48ea44dfe2076be0b48ce97d4f91b57098c74c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1726
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET brand.css
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/ Frame 75D0 0
0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 75D0 60 KB
24 KB 55ms
52ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 75D0 2 KB
1 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 04 Dec 2022 01:49:31 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/ Frame 75D0 4 KB
2 KB 50ms
48ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 05:47:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72123
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 05:47:28 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/ Frame 75D0 4 KB
2 KB 51ms
49ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 09:34:13 GMT

GET
H3 200 custom.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/ Frame 75D0 3 KB
1 KB 46ms
45ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/custom.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98687b4600a1c921f99f25a7b95a9b27d3273a650c9513ee10374eec99dc0b24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 13:44:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 302714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1183
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 13:44:17 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/ Frame 75D0 8 KB
2 KB 47ms
45ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7adfb77791d93651a2e79f059c60b6d5e802b6236af3e324809d0204a00a5e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2260
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET
H3 200 messaging.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/ Frame 75D0 3 KB
970 B 48ms
47ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/messaging.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e65cb1ef42d03ebc4c1e045db5ae8a445bf622dde48e4d04e3278d4acf30b77d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:34:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144918
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 02 Dec 2023 09:34:13 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7F5F 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BlKDsqvyLY7vgI-yk3gOp85noAgAAAAA4AeAEAg&bg=!d3SldDDNAAbvMpMzzzI7ACkAdvg8WiJ2XbV71JdVIkhZZprRpDsof7ErV4TVZSP-sj1PEODrKrHkCwIAAABxUgAAAANoAQeZAt24M14tkFaSKRmp2wWIP5BD5jvBwUJQPKn3mPeBeUP2FTTt4NCLx-z3y9L3iiEi85zD0NKbOvdk2U74eFl0IeSQ6z4EtUITcHnCSqAE6-9vsEJVi_uPnyGn6UKrmto-hGacSMrI2kfLZJUpPtI-Wf7PI7nbQzpgrFAIVVMz8x-TCFvDgPNZMdu-_2JVCNnPEBXwCfS_H_dwD-66K4KPdozvnXMo93Z2ef8AC_bfhWoA4XHNAc7BEg4oxdQNKyahbv-JhDWynNrGK3ZrM4rNdL6i_y7rP6VdfCYuDuilFKNMsxcEAfQBhdr-ZPKC-or4n4qMYN4LxYazPFgGIyDzjqFkCpsMyuZ-niMyq5lcs1V2jOa5AKz03Mtt9GNTTgl66xTkd49kGAcWnSyrdWyfvYXPwSp9kW73B0gOFDrQvlpj1QRe3w4xt2Uz6RxO9PWN32N5BbPygiPJKvkNY_kfTK5Y-ugxBOZRm1TOTCllDF2j2zQ9db793bKSubri-4DqOR0AZDUdNqmX9rDkW_dvdW4d1D-I2Dmfnl4DgeP81K9F3JwMIu89S4LuBX8J_PNOotSI1uRcOv-oZo3gYGUM9r-93B6_HEwVolH1W5z0rKM5zODMMMuIQMlpJxXY-td40rwpCMXabtHo_BmJXHqVqBYE892AUxuskkWnGyUR-r5jRVUOzbG_UCUPMR2FPHPAeT2RDPDbVmN3GVPRMZWCOWI_QDZld88BozqnT0ZjzhgcOklq-kmjYR-wDDcr-rLILlC7-iCaNGYJboN87jCvAgyzVpCH4Z8-_ccfJZrDGj0bGgwkSDY_4jgfKp32WmiPcerFoEP7EvzFsSMzSkPa4nI834jLX9C55xsbOhHJ2dBqoSksm46M9TkxEAmtfHwKViP4UHltchGBONknPhjIJPerrlB7CKmlSGpnuptvxCEPtehAuQEysSHjaMbYtFXxEguHgpIH_o3agvI50zoH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 365E 15 KB
16 KB 139ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 01 Dec 2022 19:42:15 GMT
x-content-type-options: nosniff
age: 194836
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 01 Dec 2023 19:42:15 GMT

GET
H/1.1 200
OK dv-measurements3296.js Show response
cdn.doubleverify.com/ Frame B646 551 KB
106 KB 63ms
63ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3296.js
Requested by: Host: ogolosha.ua
URL: https://ogolosha.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4caab9f4b88d575eff123a6dd8d1f3fdf1732933bcc921bc3ba25d5be93cc2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Sun, 04 Dec 2022 01:49:31 GMT
Content-Encoding: gzip
Last-Modified: Thu, 01 Dec 2022 12:05:05 GMT
Server: Microsoft-IIS/10.0
ETag: "80eef4257d5d91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 107946

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame B646 978 B
870 B 261ms
61ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=149&ttfrms=29&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%408%40%3D%40D92%5DF2TauU2%3F4r92%3A%3Fl9EEADTbpTauTau%408%40%3D%40D92%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=311&ddur=232&uid=1670118571652102&jsCallback=dvCallback_1670118571652743&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=450&winw=120&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3296&tgjsver=3296&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2292163066826528%26output%3Dhtml%26h%3D600%26slotname%3D6712001638%26adk%3D2497306117%26adf%3D1105298832%26pi%3Dt.ma~as.6712001638%26w%3D120%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670118570%26rafmt%3D1%26format%3D120x600%26url%3Dhttps%253A%252F%252Fogolosha.ua%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd%26dt%3D1670118570119%26bpp%3D2%26bdt%3D365%26idt%3D304%26shv%3Dr20221110%26mjsv%3Dm202211150101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D7085640242052%26frm%3D20%26pv%3D1%26ga_vid%3D623611004.1670118570%26ga_sid%3D1670118570%26ga_hid%3D48106471%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D160%26ady%3D300%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759842%252C42531705%252C44773746%26oid%3D2%26pvsid%3D1596211166922496%26tmod%3D810532193%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257Co%257CfE%257C%26abl%3DNF%26pfx%3D0%26fu%3D128%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3DAXJTzgrH8z%26p%3Dhttps%253A%2F%2Fogolosha.ua%26dtd%3D309&fcifrms=4&brh=2&sdf=2&dvp_epl=234&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=353276826&crt=182018004&btreg=544407154&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=64953735904.83492&dvp_tukv=583332656.1830087&dvp_uuid=10249873916.568037&dvp_strhd=0.6999998092651367&dvpx_strhd=0.6999998092651367&dvp_tuid=1150958008047
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3296.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: de2e3dd787bd56c483604a37e4543acee5e7e2489020fe5b51f03024853b624e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 04 Dec 2022 01:49:31 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Connection: close
Expires: 12/03/2022 01:49:31

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/config/ Frame 75D0 970 B
584 B 59ms
59ms Script
application/x-javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/config/config.js?r=0.40557702132784534

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8d797761e49ba013fbc263697f7ded456154509ddd3ebad10d6f4072b7cec2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 556
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 04 Dec 2023 01:49:31 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/ Frame 75D0 190 B
217 B 44ms
44ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/fonts/ Frame 75D0 24 KB
24 KB 44ms
44ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET
H3 200 familyGuitarSuitcase-tier1-192x720.jpg
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/ Frame 75D0 27 KB
27 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/familyGuitarSuitcase-tier1-192x720.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24004311a35fcb942f70d7bea3d06c15bcb979bd0a7f8ba9513ee8e2c8ae6b6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28072
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/ Frame 75D0 74 KB
74 KB 73ms
73ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:28 GMT
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:28 GMT

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/fonts/ Frame 75D0 26 KB
26 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 02:12:02 GMT
x-content-type-options: nosniff
age: 85049
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 03 Dec 2023 02:12:02 GMT

GET
H3 404 hotel_names.json Show response
s0.2mdn.net/json/ Frame 75D0 43 B
62 B 44ms
44ms Fetch
image/gif 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/json/hotel_names.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/scripts/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:47:51 GMT
x-content-type-options: nosniff
server: sffe
age: 101
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Sun, 04 Dec 2022 02:02:51 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 151ms
61ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b78410f3393578a5dad172edf8a12ffe5b70614992ca8ca032e362cd7d2a489

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11241
x-xss-protection: 0

GET
H2

200

226712061638bfab4abcab9.23856901.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/226712061638bfab4abcab9.23856901.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp

5 KB
6 KB

63ms
63ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b7e474f3a45a66c12987cc808e4305e42ad415ef8b30e2918fdf31b562082b3a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:33 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "9c12a23dfc18ab9f0161c6b7a6aaa72e"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 5362
x-amz-cf-id: QjFFQGSeokxf5Mj5cCP70_bfFUYaPaK_ZiCh6HjiQht5pqXAb9aWfw==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/226712061638bfab4abcab9.23856901.webp
date: Sun, 04 Dec 2022 01:49:32 GMT
content-length: 0
apigw-requestid: cmRq8jeGliAEJ8Q=

GET
H2

200

107059795638bfab3ef42e6.72150993.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/107059795638bfab3ef42e6.72150993.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp

5 KB
5 KB

80ms
80ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74fd34b3ea37bb70c2fb5b98023186fdd384d45d73d065fefe3353804bb0db1a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:33 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "c448d8d66221b84d10d6979b0ac945e0"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 5084
x-amz-cf-id: -5bxqMjoV09RjsNrQexVWCISg0KzJxJ0p-cOYAwaA1k8Hc_UpU27AA==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/107059795638bfab3ef42e6.72150993.webp
date: Sun, 04 Dec 2022 01:49:32 GMT
content-length: 0
apigw-requestid: cmRq8gx_liAEJ6w=

GET
H2

200

1617479792638bfab3a85841.36378159.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/1617479792638bfab3a85841.36378159.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp

8 KB
8 KB

114ms
113ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d75622e91ff6be9c24a3d08afc6255e327201233e97a8b533f6edf48f9095c36

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:33 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "4cbb65a67f0fc9f93796a50f161e0527"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 7922
x-amz-cf-id: tdu4lbMaORmIRVXWoKTz4mMvDBjFVZgbn0ox5JivYHWntlax22ns5g==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/1617479792638bfab3a85841.36378159.webp
date: Sun, 04 Dec 2022 01:49:32 GMT
content-length: 0
apigw-requestid: cmRq8h2mliAEJNQ=

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/ Frame 75D0 1 KB
1 KB 44ms
44ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce00b26f4267f0c29387f4b62b5e47fc8aa13c45bd26ef560019f1ef05b7842c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:37:29 GMT
x-content-type-options: nosniff
age: 310323
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1446
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 03:27:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 30 Nov 2023 11:37:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DCD7 42 B
64 B 79ms
78ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMyhYubsBzC8zdIi8ArlmV_kAahh2lx8EEDP4eO3MJAyLya2ANZhqQPz4qyUChZRvPpV7I6yOpFzxz74q9l3x75cmj&sig=Cg0ArKJSzOd3ulyuRCuhEAE&cid=CAASF-Ro-Y4eHY7Ing2nASy_KGis8PWw1WtU&id=lidar2&mcvt=1000&p=0,0,600,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=355968364&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670118570594&rpt=580&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 04 Dec 2022 01:49:32 GMT

GET
H2

200

109697727638bfab413b907.80230470.webp
d1opu7v3g3cdvy.cloudfront.net/232x155/
Redirect Chain

https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp
https://lnkwsh369f.execute-api.eu-central-1.amazonaws.com/prod/resizer?key=232x155/109697727638bfab413b907.80230470.webp
https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp

5 KB
5 KB

75ms
75ms

Image
image/webp

2600:9000:20eb:4c00:18:ad79:1380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp
Protocol: H2
Server: 2600:9000:20eb:4c00:18:ad79:1380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5e68928b877683c58621937a88b1919b64aea2dca396d2647d10148574bc53e7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:33 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
last-modified: Sun, 04 Dec 2022 01:49:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
etag: "a50e64333182235a9c2ff0c5503b4772"
x-cache: Miss from cloudfront
content-type: image/webp
content-length: 5172
x-amz-cf-id: uEKSQd859s35YQwrMD6y8GlzWvI7BhJimyaeXkiv_U1huN6j7aGu2w==

Redirect headers

location: https://d1opu7v3g3cdvy.cloudfront.net/232x155/109697727638bfab413b907.80230470.webp
date: Sun, 04 Dec 2022 01:49:32 GMT
content-length: 0
apigw-requestid: cmRq9iLMFiAEJmg=

POST
H2 200 all
csm.eu.criteo.net/ Frame 365E 0
127 B 40ms
39ms Ping
text/plain 2a02:2638:1::17
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 04 Dec 2022 01:49:32 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D62E 13 KB
5 KB 47ms
44ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 20733
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 03 Dec 2022 20:03:59 GMT
expires: Sun, 03 Dec 2023 20:03:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6846 783 B
536 B 57ms
55ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6424664f254cc49240ad276914920da22460db1bc8ee167922fe1ec63302b6ab

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YN3DLx24e3hTO0xZQa2Rew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ogolosha.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-YN3DLx24e3hTO0xZQa2Rew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 01:49:32 GMT
expires: Sun, 04 Dec 2022 01:49:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js Show response
pagead2.googlesyndication.com/bg/ Frame D62E 36 KB
16 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/api979c0EJY6QQNrS8TSWwgKrshdt-vRMqEtOqF-hYY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 20:58:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16010
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 03 Dec 2023 20:58:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6846 0
0 78ms
78ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=1596211166922496&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D62E 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XcBJRg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 04 Dec 2022 01:49:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=1596211166922496&bg=!2tml2Z3NAAbvMpMzzzI7ACkAdvg8Wq9aLql95dfFTXFHismdAPZDVD6gcJAE9wworvyUqaZC8CaFFgIAAABTUgAAAAtoAQeZAq_6iipLSCMRzCwtfb7sYXO0qvcJD0aoyHOjijPoyx1KMdXC73u5JKZn0XdlFFlUvpvUT5-37-zNxkatoSlP2VojdqtStoek_JCdwSUgwg3HZhzf3Dhb1Pf3dDPNPWnd37PI2sBq8us4gO84-hAI6pfLF3KMnqBXtfXp9-aJu-ZX9NNgomO_qBcCQlAK2F_ezLaYk955T6VAGSCBQR8inVG0tIHVZ7FJf7WnmRvK07xFMuA7kzReF1Io1Sq73ePcELcZjwZqNnu_DFD2Iku8BRKpcnJSxpeEkEdBbLwzQGmJJhs03kc9uLH9yKzfxzOOLrG0mnXXLzPYWtrIRa6U5S09ShluQ4879GxsFSi6ynvCe4_dLO9MR6gNpcJSB66LUcBb7wIB__fjwr9Uj5bWAjl9ojpa3lpAWAwS8u0FI7lwyiIp1d0N0gNUFLC5r_4WB-PA7rOSylub_Xek1BVnbg9WTvYemHhtRssiwTCgrwVcIGzBxb5oahjIT2IzmUvjDTgAI3_RhymP24yqCCg9_v70gJ_ggD2tz1-IWIXu8U3ieerFF1FWHE3iv1nqDeX42k5Hzx7ebm0vtvC2qc_KLQboVN8fX82DmnSHkyZEwf3pEcYZsBA9_V1oJw0IVZwXAkXV0hchL90csQWSs-0-7FDAgn4Exr7sv92OJr4gFRzx0J_b9Yb2XdgsZlH7QAbHNRDbsub1LjjIYxzAz8A6syd_u7xutC5wdsX0UdZsBRcwoc3H66QBJmgEuLTyHPGTwj4q4qIYkGhdXw3NF-OEYf5AtJRJ-E9mZTzcydTqa-32cLqYeLIb570JT4ropEqecdR8FGHb5h1SB4URxJOTwP06EbWLdOJ98lQ4492YUrfOJFZJFJ6k-NobV7PqnKOcutZHK5XY58iAY8vWgQkKaos
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ogolosha.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 715F 42 B
64 B 87ms
86ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvZAORk99LIhFVVMVcUjYaEujouF2Ey_RmpiLMgoC9aZ4k1maS17ms_vIpvm96QJzGxS5vs8Hetes1qVDpA9Tw_OHilw4ktz-QNM_9BBN-QIEs_ld5iGsM3fH7zLnTTytNZl5SDdFbQKVd2SIqTdbbmL5kpGI5CvnD3lZhnXI3kURqOFjvrQQayLRs2rRTtskA3ysJ_leIS&sai=AMfl-YRmDGFDPW_6UqtRb85u4Z_GmYCkPmwsA_t6GIX1nYDjiDxtlEASKC6IFY2RJ4jxHFG3XwsFNnCXrxgg-R-GM44TWgiy1jgciyo7fA&sig=Cg0ArKJSzN6C4WoVQYX5EAE&cid=CAQSKQDq26N9NWP413HDsX5LrFUUKBc1acOuRLn9sZu2JSxqSketZEPDTRg0GAEgEw&id=lidar2&mcvt=1000&p=0,0,450,120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221130&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2497306117&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670118570934&rpt=1144&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Dec 2022 01:49:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-eu3.doubleverify.com/ Frame B646 0
229 B 126ms
48ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-eu3.doubleverify.com/event.png?impid=b30205b1e9294480a45b6411d36dd736&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=262&eoid=15&msrjs=3296&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=232&tetms=7&msltms=130&vltms=262&sei=290&vetms=5&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=264&msrcannum=2&ismms=41&isumms=40&nvr=6&isgmmims=41&isgmv4mims=41&elmtp=4&isbxdms=2346&b0=218&b11=2227&adwdth=120&dvp_vsosnmr=2&lftb=2445&sftb=2445&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=450&cwdth=120&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1144&isuiabvms=1144&isgmpims=240&isgmv4dpims=1144&ispmxpms=1144&iscvmvms=1144&engalms=39&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&dvp_itg=HEAD:1,SCRIPT:26,STYLE:3,META:1,BODY:1,DIV:19,IFRAME:18,NOSCRIPT:1,IMG:1,svg:3,path:3,A:1,&ttfurm=3296&cbust=1670118574922521
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3296.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Sun, 04 Dec 2022 01:49:35 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: close
Expires: 12/03/2022 01:49:35

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=6712001638&adk=2497306117&adf=1105298832&pi=t.ma~as.6712001638&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570119&bpp=2&bdt=365&idt=304&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=160&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CfE%7C&abl=NF&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=AXJTzgrH8z&p=https%3A//ogolosha.ua&dtd=309

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEI9FuZ5A7Lw6kfHjKs7_f4U&google_cver=1&google_push=ASkJ3FaTGoR4C0ujUTrZfAMkme8Hsvv1x7t26hEKWKI6vxfJVbyOYPcVPBVWj7ra_ouUkwGEJZRIJ-7LmvK2wL7wjKPDQQJpiCLT7Q8

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/brand.css

Verdicts & Comments Add Verdict or Comment

279 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

33 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ogolosha.ua/	1970-01-20 08:38:30	Name: is_mobile_version Value: 0
.ogolosha.ua/	1969-12-31 23:59:59	Name: _session Value: 0j45ts0941uhm1n25bbsdoro7j
ogolosha.ua/	1970-01-20 07:56:44	Name: ip Value: 6576336093162af4c5b64ff6338b22c3328b4e5cc6d61dbd9ce88c8381ce0851a%3A2%3A%7Bi%3A0%3Bs%3A2%3A%22ip%22%3Bi%3A1%3Bi%3A3649750125%3B%7D
ogolosha.ua/	1970-01-20 08:15:28	Name: city_id Value: 2dc6d1ec46ef396e11d7fcfbab312deb90e0fafc14767d7693482d18fd3eda64a%3A2%3A%7Bi%3A0%3Bs%3A7%3A%22city_id%22%3Bi%3A1%3Bi%3A234%3B%7D
ogolosha.ua/	1969-12-31 23:59:59	Name: _csrf Value: 0a233fa9f9eb1659411a34e9f5ce48833e6721d488a2fd2214c0b8f2491450d4a%3A2%3A%7Bi%3A0%3Bs%3A5%3A%22_csrf%22%3Bi%3A1%3Bs%3A32%3A%22n4qfdFvAMc2zrBdjTVuki_nRuIkyTG_Z%22%3B%7D
.ogolosha.ua/	1970-01-20 07:56:44	Name: _gid Value: GA1.2.1419185928.1670118570
.ogolosha.ua/	1970-01-20 07:55:18	Name: _gat Value: 1
.ogolosha.ua/	1970-01-20 10:04:54	Name: _fbp Value: fb.1.1670118570227.49622087
.ogolosha.ua/	1970-01-20 17:31:18	Name: _ga_8777T0F2Z7 Value: GS1.1.1670118570.1.0.1670118570.60.0.0
.ogolosha.ua/	1970-01-20 17:31:18	Name: _ga Value: GA1.1.623611004.1670118570
.ogolosha.ua/	1970-01-20 17:16:54	Name: __gads Value: ID=e4986a266980e8b5-22decc9c49d8000b:T=1670118570:RT=1670118570:S=ALNI_MaunHWQ9EzQoL09HhnHEE7DLHlVpw
.ogolosha.ua/	1970-01-20 17:16:54	Name: __gpi Value: UID=00000b8d67412f59:T=1670118570:RT=1670118570:S=ALNI_MZ_Wa1VcmMV5npR7EaAifkSAtSyoQ
.doubleclick.net/	1970-01-20 17:16:54	Name: IDE Value: AHWqTUmixdXYSQZ_8Y5abPHcnoPDa8Ue30MaWg0Ed59PjSCB70A3muWdDX9Hb1Z8Tjc
.casalemedia.com/	1970-01-20 16:40:54	Name: CMID Value: Y4v8q064q0WLAQ84DUhMsgAA
.casalemedia.com/	1970-01-20 10:04:54	Name: CMPS Value: 1824
.casalemedia.com/	1970-01-20 10:04:54	Name: CMPRO Value: 1824
.quantserve.com/	1970-01-20 10:04:54	Name: d Value: EGIBCQHdJ4EA
.quantserve.com/	1970-01-20 17:25:32	Name: mc Value: 638bfcab-1e83a-b7946-e7406
.casalemedia.com/	1970-01-20 10:04:54	Name: CMTS Value: 4439
.innovid.com/	1970-01-20 10:04:54	Name: uuid Value: f6473ecc-a249-4c6d-a46d-53c5ebf3baa1-20221203 20:49:31
.pubmatic.com/	1970-01-20 07:56:44	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 10:04:54	Name: KADUSERCOOKIE Value: FE02F691-E211-4F25-B07B-1358705790C2
.e.dlx.addthis.com/	1970-01-20 17:25:32	Name: na_tc Value: Y
.agkn.com/	1970-01-20 16:40:54	Name: ab Value: 0001%3AUsaToc%2FHpZg9SOTbTEa3jOJfIj9xO1D7
.agkn.com/	1970-01-20 16:40:54	Name: u Value: C\|0CEArHrkrKx65KwAAAAAAAQ13AQCAAQpAAAAAAA
.addthis.com/	1970-01-20 17:25:32	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 08:38:30	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:38:30	Name: na_sr Value: 20221204
.dlx.addthis.com/	1970-01-20 07:55:18	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:38:30	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 17:25:32	Name: na_id Value: 2022120401493100026996639455
.addthis.com/	1970-01-20 17:25:32	Name: uid Value: 638bfcaba7269cad
.addthis.com/	1970-01-20 17:25:32	Name: ouid Value: 638bfcab0001495dae722025b520e09e63096c6476795aff9f80

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2292163066826528&output=html&h=600&slotname=3770977671&adk=355968364&adf=427558073&pi=t.ma~as.3770977671&w=120&fwrn=4&fwrnh=100&lmt=1670118570&rafmt=1&format=120x600&url=https%3A%2F%2Fogolosha.ua%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670118570121&bpp=1&bdt=366&idt=469&shv=r20221110&mjsv=m202211150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C120x600&nras=1&correlator=7085640242052&frm=20&pv=1&ga_vid=623611004.1670118570&ga_sid=1670118570&ga_hid=48106471&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1320&ady=300&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C44773746&oid=2&pvsid=1596211166922496&tmod=810532193&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CfE%7C&abl=CF&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=t3glS548rT&p=https%3A//ogolosha.ua&dtd=472 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEI9FuZ5A7Lw6kfHjKs7_f4U&google_cver=1&google_push=ASkJ3FaTGoR4C0ujUTrZfAMkme8Hsvv1x7t26hEKWKI6vxfJVbyOYPcVPBVWj7ra_ouUkwGEJZRIJ-7LmvK2wL7wjKPDQQJpiCLT7Q8 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE
network	error	URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=353276826;a.a=544407154;cache=3127832593; Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/index.html Message: Refused to apply style from 'https://s0.2mdn.net/sadbundle/11323749395733774725/Marriott-Global_Marriott-APD-2022_Display-Tool_160x600_-UxLXQ/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://s0.2mdn.net/json/hotel_names.json Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
api.ogolosha.ua
cat.nl.eu.criteo.com
cdn.doubleverify.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
d1opu7v3g3cdvy.cloudfront.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
lnkwsh369f.execute-api.eu-central-1.amazonaws.com
odr.mookie1.com
ogolosha.ua
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
polyfill.io
region1.analytics.google.com
rtb.fr.eu.criteo.com
rtb.openx.net
s0.2mdn.net
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-eu3.doubleverify.com
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
s0.2mdn.net
104.18.33.19
142.250.184.194
142.250.185.130
172.217.18.2
178.250.2.148
184.30.16.79
185.64.190.78
2001:4860:4802:32::36
2600:9000:20eb:4c00:18:ad79:1380:21
2606:4700::6811:180e
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:800::2002
2a00:1450:4001:802::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::200a
2a00:1450:4001:811::2006
2a00:1450:4001:812::2002
2a00:1450:4001:827::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2003
2a00:1450:400c:c0a::9c
2a02:2638:1::17
2a02:2638:1::4
2a02:2638:1::8
2a02:2638::2
2a02:2638::3
2a02:26f0:480:9::210:ee0e
2a03:2880:f02d:5:face:b00c:0:8c
2a03:2880:f045:10:face:b00c:0:3
2a03:2880:f145:82:face:b00c:0:25de
2a04:4e42:a00::282
2a05:d01c:1d8:8101:d648:86cf:755a:6dbf
3.71.227.10
34.149.12.213
34.98.67.61
35.157.182.139
35.186.253.211
37.187.135.210
69.173.144.139
0238e25c55c6b63b64e9f99db1d2815278ee732928775acc1c299ad4306e8254
03396556fe53a4dd19eb0e0a56b5219448f2d69c1ca1eb955d3afa085d60acb2
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aa76fbe37de5edfe15d063d5df0fe592e0f53fc36be3dbcf06f10de51a7c401
0b1f74c5e97641a8c440de036a6a3c2dad04fda48f4caf82e9af05bffb078c34
0b6da4157a77d8f253da458371d01bd7ea6daaa349aafbc59aefd0be12b9c778
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1044f4b255f2907c735b2de46a0fb49b6a43d3635cadfc9c332662bb47b1049a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
141d23078709e3484421738b10030193ad12debe8ba7577c8d8e724247f850a6
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
155930ed270d30adcf8195de1789cb4d34dbd3abe7536c5f4627ef6bd2585d6d
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
1b78410f3393578a5dad172edf8a12ffe5b70614992ca8ca032e362cd7d2a489
1bc605d5e4efdc103fb84973fdb972b08f7d082015776e29e7d1b5cb82dcd04d
234b9bab83aa0c52e9e5192995427a2bc44876cf1a11545ed631f369b8dc6534
24004311a35fcb942f70d7bea3d06c15bcb979bd0a7f8ba9513ee8e2c8ae6b6b
25d8dfcd687f22ab0687a6267877e6ab9e38b25f551aee46633f80859ac0d844
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2e0f6d93f35130ebcd6e8d44d914d1aae2ad3496030910869c7875976f4c092a
302e69dd5cd67c33a01a5d0308c1ead25d5967bd0810b0c073f9fe18124de7bd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
364103bc6bf5b67d5297c758dd3f07ebdcb05f33d36291cb6d0549fb51e78659
39d8251a09cf983f2385a5892c8020a76cdd01d82bab025e6bf23838eabaa30b
3ae9817744703471d88160ccc1d2c3844f5de8717cb20641300017d4d2142021
3bd916949aeea3ea0d8c943ffe67060a38c2902c9533a94d36650bc176e322af
4b90b2f133f7cfc90f98674ff83d1b271fc81adb95f78a0aa371c9fdad628c3c
4badab11baa760e94514cd52c815b050184cfe0a36219671b61de05aff005b5a
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57cff9a577a1c41f5f0dd51a0fb4ef224c43adaedbe057152ad4b8fb040de6fb
5b824059f6696df5caafcd2a07ec53d599c01115790155cc9a5bd3d1dea843ea
5d98fd2cbcbd2a0faddcf87aba91c6940b3f3562a3ff373395a43d3579e32466
5e68928b877683c58621937a88b1919b64aea2dca396d2647d10148574bc53e7
5fcfc59468d5169ef608ce47b7c1c4ecb6fdc139280ada29e91b12bf67287718
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61651edfb03aae1c1007d6741f98171447ae7b1a67aaa520d8b0a959e0400885
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6424664f254cc49240ad276914920da22460db1bc8ee167922fe1ec63302b6ab
645060f27a8c19f946eded13051c7f9aea10d2f41c00a6d17026ecc2419e1cd7
6640f2a1888dbf2469049ea1e88bbab2afc9bb11417cc1cf1ea525a07c147e0a
6750a03a1c5d654cc78848771d02cd3181037d60df34ad20c7cbf2747008abf1
693c067cb9e00f94987a7c32d76a12110482b7304eca58418ef8bfa9897c2f8f
6a1f0139e31c7dc4feee0e86c6810d2a61db4c27dd1dbeb60b2cde8578aab8df
6a98bdefd73410963a41036b4bc4d25b080aaec85db7ebd132a12d3aa17e8586
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bdcdf010914fd8155c7b3a8f7a83ae0ddac15dfe7503b442c8bcab87489fd1a
6e394f8012d4f27fa7dc6a9acee1c8b19eb726452a09d42b565bfdb2add73e33
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
74623cbf12c9783466952bcbe6945498cefd8dfd65373451840ed94448df44f8
74fd34b3ea37bb70c2fb5b98023186fdd384d45d73d065fefe3353804bb0db1a
78f24ab4db72c7344d41ebc97ace3f7bb0ad6198999d180b4ba473b6651cbe53
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
84dc42f0060d8d1e9b65776fc765a67c5d01ff5b9bed6f71c615ce11d58e882b
877a4adb3df689adddd0e5298d7fb86a4761ca8d57d2267765955195d99a59e1
89db5abb5fe72faa42f1a50d1e55d15cc85ca13d4cd3dd3a3655e6968402de92
8be4fef4604cb204c4a31d9ce579020d00faf5bc66b204b1d28b8e1c1b25feac
8cb97e0ce86b0ccdffe10339f757c3b831fe6bc7ad71f5b74c7e9c8dc9d0689c
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
96aa703126c2e55cac1a3800d3dc7472ffd4245ee28dc5948e65c085563becfb
97052a601b59aa39f7d0c61eb48ea44dfe2076be0b48ce97d4f91b57098c74c6
98687b4600a1c921f99f25a7b95a9b27d3273a650c9513ee10374eec99dc0b24
999bf38feffaafb1abb7e0bf35e326457f4e7a794fcfd33b8043b32e05c0f0bc
99ced0184f229ddb3468f853d67f1bf3f3ded03563e3e3cf700a9fe24255ca62
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf4a7e5a645c8578b3397542d9669f2549d2a3cec259b7d393f84fc1eaf73a6
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
9daac0e62821cf68114e60a5c62b8af98a346903c169f18c7742d4524b2a71ba
9eaaa997629f8fc061bbcbc5f9cf6232f1b46cb4d591e190434e83781a73db29
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2d513ad4834c985a84c1e970b81ddac6bee700ce02e8995b071fc52057ccf9e
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa2434524a3020b0671f2d48851bc8bc6526392b08f041096056860346aebdbf
aac6daa347859a560426ce92eee895aaba712abb1ee7b544a936d20ed4e3843c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b26f0d833d11d5d3be164466b3d5326796770d2ce3223735cf83bdee983eba06
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b7e474f3a45a66c12987cc808e4305e42ad415ef8b30e2918fdf31b562082b3a
b9fc4d3698220097826e6b53cda0d56bed2a014dc9c52f295970ec50d8c21b28
bcbc50adc436543f0b4874fe7d42264c6fa9ac12f11f87d8b94a6c9dd1bdea85
bf58d83de7d38ff3e65e9a6076ca3062e9c5bd96aae704cd389b74aec951676f
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c3da9b0eee213bed9116bb01b489af9d89823bf86c33e603c0d1073070a6c739
cc3ecfb71694fbfdbd40b6a7df2c0fcd6e7f69bbf42f7ca2c7b63eecc59afeaf
ce00b26f4267f0c29387f4b62b5e47fc8aa13c45bd26ef560019f1ef05b7842c
cea45b482e31aee7bb96168cd800f18a75747b7432c496e9b2ecc936a9054d49
ceb31079d569d5f3095a2b2a77577e830577b2c489df259342bc7d175a911eab
cef07ea91264b3d27051351541610878827f3d6a6f2be878a26bfe9ae5a233e0
cf3d144dff6e5ae834e25ee0cb1dce7a7dc5532438a3368b52070d4a505e71f9
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b
d75622e91ff6be9c24a3d08afc6255e327201233e97a8b533f6edf48f9095c36
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
da8d797761e49ba013fbc263697f7ded456154509ddd3ebad10d6f4072b7cec2
de2e3dd787bd56c483604a37e4543acee5e7e2489020fe5b51f03024853b624e
deaa9ddaf9a473255dab8f310a30f4e5d4632b37fed8b8c76cef38df02ea7e71
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1798824a85a976219bbafc3864fbcb11d3c263562465283dfe5b73ad9ed530b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4caab9f4b88d575eff123a6dd8d1f3fdf1732933bcc921bc3ba25d5be93cc2a
e65cb1ef42d03ebc4c1e045db5ae8a445bf622dde48e4d04e3278d4acf30b77d
e7adfb77791d93651a2e79f059c60b6d5e802b6236af3e324809d0204a00a5e6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f05663405ef941e61d4650e6b6a8c6b83d273e42ecc960fdfb174acea3826062
f167267f79edbc5b0916ee78a308824e7b309f97b40103483ec490050e5d004b
f4f14765c93c88d165338fe7e50f03cac5597b7b9788010bd717db6ddb4245b7
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
ff5b869affc9fee89a38dae4b60b2f654a8f3bd938e3846f64caf1167bb645c6

ogolosha.ua Open in urlscan Pro 37.187.135.210 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

162 Requests

86 %HTTPS

67 %IPv6

32 Domains

47 Subdomains

38 IPs

7 Countries

2258 kBTransfer

5451 kBSize

33 Cookies

20 Outgoing links

Page URL History

Redirected requests

162 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ogolosha.ua Open in urlscan Pro
37.187.135.210 Public Scan

Screenshot
Live screenshot

Full Image

162
Requests

86 %
HTTPS

67 %
IPv6

32
Domains

47
Subdomains

38
IPs

7
Countries

2258 kB
Transfer

5451 kB
Size

33
Cookies

162 HTTP transactions
2 data transactions