uchinfo.com.ua Open in urlscan Pro
87.236.16.254 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://uchinfo.com.ua/
Submission: On December 12 via api (December 12th 2022, 5:10:24 am UTC) from GB — Scanned from GB

Summary HTTP 153 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 36 IPs in 6 countries across 33 domains to perform 153 HTTP transactions. The main IP is 87.236.16.254, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is uchinfo.com.ua.

This is the only time uchinfo.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	87.236.16.254 87.236.16.254	198610 (BEGET-AS) (BEGET-AS)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2 22	95.163.37.253 95.163.37.253	47764 (VK-AS) (VK-AS)
13	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::90 2a02:6b8::90	208722 (GLOBAL_DC) (GLOBAL_DC)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7 15	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
1 3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
13	95.163.114.203 95.163.114.203	12695 (DINET-AS) (DINET-AS)
1 1	87.240.129.133 87.240.129.133	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
3	87.240.132.78 87.240.132.78	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
1 2	80.239.201.34 80.239.201.34	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2 2	93.95.102.105 93.95.102.105	48347 (MTW-AS) (MTW-AS)
1	185.26.97.53 185.26.97.53	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	138.201.139.144 138.201.139.144	24940 (HETZNER-AS) (HETZNER-AS)
22	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
18	2a00:1450:400... 2a00:1450:4001:813::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 3	2a02:26f0:480... 2a02:26f0:480:9::210:ee0e	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a03:2880:f04... 2a03:2880:f045:f:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
1	92.63.102.100 92.63.102.100	29182 (RU-JSCIOT) (RU-JSCIOT)
1	62.109.6.15 62.109.6.15	29182 (RU-JSCIOT) (RU-JSCIOT)
1	95.217.109.66 95.217.109.66	24940 (HETZNER-AS) (HETZNER-AS)
1	217.197.112.80 217.197.112.80	20655 (E-STYLEIS...) (E-STYLEISP-AS)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
3	213.254.244.112 213.254.244.112	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	94.100.180.55 94.100.180.55	47764 (VK-AS) (VK-AS)
2	151.101.64.84 151.101.64.84	54113 (FASTLY) (FASTLY)
2	217.20.155.208 217.20.155.208	47764 (VK-AS) (VK-AS)
153	36

8 87.236.16.254 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.sumo.beget.com

uchinfo.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 95.163.37.253 (Russian Federation) 2 redirects

ASN47764 (VK-AS, RU)
PTR: relap.io

relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.relap.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
relap.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::90 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

bs.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:6b8::1:119 (Moscow, Russian Federation) 7 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation) 1 redirects

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

d4.c9.b6.a1.top.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 95.163.114.203 (Russian Federation)

ASN12695 (DINET-AS, RU)

w.uptolike.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.240.129.133 (Russian Federation) 1 redirects

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv133-129-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 87.240.132.78 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv78-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 80.239.201.34 (Sweden) 1 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 80-239-201-34.teliacarrier-cust.com

mc.webvisor.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.95.102.105 (Russian Federation) 2 redirects

ASN48347 (MTW-AS, RU)
PTR: unspecified.mtw.ru

fcgi4.gnezdo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.26.97.53 (Frankfurt am Main, Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde981.fornex.org

ia-dmp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 138.201.139.144 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de

cm.p.altergeo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:9::210:ee0e (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f045:f:face:b00c:0:8c (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.63.102.100 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1022.ru

cntrsync.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.109.6.15 (Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: belesta1024.ru

supraneet.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.217.109.66 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.66.109.217.95.clients.your-server.de

cdn.smntq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.197.112.80 (Russian Federation)

ASN20655 (E-STYLEISP-AS, RU)
PTR: seopult.ru

af.click.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.112 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-frc.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 94.100.180.55 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: connect.mail.ru

connect.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.64.84 (United States)

ASN54113 (FASTLY, US)

api.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.20.155.208 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: ip208.155.odnoklassniki.ru

connect.ok.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 tpc.googlesyndication.com — Cisco Umbrella Rank: 139	458 KB
21	relap.io 1 redirects relap.io — Cisco Umbrella Rank: 52154 s.relap.io — Cisco Umbrella Rank: 92982	253 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 269	266 KB
13	uptolike.com w.uptolike.com — Cisco Umbrella Rank: 196231	74 KB
12	yandex.ru 5 redirects bs.yandex.ru — Cisco Umbrella Rank: 50772 mc.yandex.ru — Cisco Umbrella Rank: 4242	134 KB
10	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 297	71 KB
8	uchinfo.com.ua uchinfo.com.ua	74 KB
6	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 429 tps.doubleverify.com — Cisco Umbrella Rank: 454 tpsc-frc.doubleverify.com — Cisco Umbrella Rank: 20684	111 KB
6	mail.ru 2 redirects d4.c9.b6.a1.top.mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 11989 relap.mail.ru — Cisco Umbrella Rank: 81159 connect.mail.ru — Cisco Umbrella Rank: 99587	5 KB
4	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9046	2 KB
4	vk.com 1 redirects vk.com — Cisco Umbrella Rank: 7048	2 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 72	3 KB
2	ok.ru connect.ok.ru — Cisco Umbrella Rank: 39267	4 KB
2	pinterest.com api.pinterest.com — Cisco Umbrella Rank: 2974	526 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	94 KB
2	gnezdo.ru 2 redirects fcgi4.gnezdo.ru — Cisco Umbrella Rank: 83330	633 B
2	webvisor.org 1 redirects mc.webvisor.org — Cisco Umbrella Rank: 30978	862 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 28	20 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	52 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 311 fonts.googleapis.com — Cisco Umbrella Rank: 37	96 KB
1	click.ru af.click.ru — Cisco Umbrella Rank: 263180	1 KB
1	smntq.com cdn.smntq.com — Cisco Umbrella Rank: 211589	490 B
1	supraneet.ru supraneet.ru — Cisco Umbrella Rank: 274494	319 B
1	cntrsync.ru cntrsync.ru — Cisco Umbrella Rank: 271398	319 B
1	atdmt.com ad.atdmt.com — Cisco Umbrella Rank: 3929
1	altergeo.ru 1 redirects cm.p.altergeo.ru — Cisco Umbrella Rank: 104333	528 B
1	ia-dmp.com ia-dmp.com — Cisco Umbrella Rank: 140321	238 B
1	google.de adservice.google.de — Cisco Umbrella Rank: 11832	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 840	694 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 396	85 KB
1	google.com.ua 1 redirects www.google.com.ua — Cisco Umbrella Rank: 24472	325 B
0	yandex.ua Failed mc.yandex.ua Failed
0	cloudfront.net Failed d31j93rd8oukbv.cloudfront.net Failed
153	33

	Domain	Requested by
22	tpc.googlesyndication.com	googleads.g.doubleclick.net uchinfo.com.ua tpc.googlesyndication.com pagead2.googlesyndication.com
20	relap.io	1 redirects uchinfo.com.ua relap.io
18	s0.2mdn.net	uchinfo.com.ua s0.2mdn.net
13	w.uptolike.com	uchinfo.com.ua w.uptolike.com
13	pagead2.googlesyndication.com	uchinfo.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
11	mc.yandex.ru	5 redirects uchinfo.com.ua cdn.jsdelivr.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
8	uchinfo.com.ua	uchinfo.com.ua
4	mc.yandex.com	2 redirects uchinfo.com.ua
4	vk.com	1 redirects uchinfo.com.ua w.uptolike.com
3	cdn.doubleverify.com	1 redirects s0.2mdn.net uchinfo.com.ua
3	www.google.com	1 redirects uchinfo.com.ua tpc.googlesyndication.com
2	connect.ok.ru	w.uptolike.com
2	api.pinterest.com	w.uptolike.com
2	connect.mail.ru	w.uptolike.com
2	tpsc-frc.doubleverify.com	googleads.g.doubleclick.net cdn.doubleverify.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fcgi4.gnezdo.ru	2 redirects
2	mc.webvisor.org	1 redirects uchinfo.com.ua
2	top-fwz1.mail.ru	uchinfo.com.ua
2	www.google-analytics.com	uchinfo.com.ua www.google-analytics.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	fonts.gstatic.com	fonts.googleapis.com
1	af.click.ru	w.uptolike.com
1	cdn.smntq.com	w.uptolike.com
1	supraneet.ru	w.uptolike.com
1	cntrsync.ru	w.uptolike.com
1	ad.atdmt.com	googleads.g.doubleclick.net
1	fonts.googleapis.com	tpc.googlesyndication.com
1	googleads4.g.doubleclick.net	uchinfo.com.ua
1	cm.p.altergeo.ru	1 redirects
1	ia-dmp.com	uchinfo.com.ua
1	relap.mail.ru	1 redirects
1	s.relap.io	relap.io
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	d4.c9.b6.a1.top.mail.ru	1 redirects
1	cdn.jsdelivr.net	uchinfo.com.ua
1	bs.yandex.ru	uchinfo.com.ua
1	www.gstatic.com	uchinfo.com.ua
1	www.google.com.ua	1 redirects
1	ajax.googleapis.com	uchinfo.com.ua
0	mc.yandex.ua Failed	uchinfo.com.ua
0	d31j93rd8oukbv.cloudfront.net Failed	uchinfo.com.ua
153	45

This site contains links to these domains. Also see Links.

Domain
metrika.yandex.ru
top.mail.ru
uptolike.ru
promopult.ru

Subject Issuer	Validity	Valid
uchinfo.com.ua R3	`2022-12-09` - `2023-03-09`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.relap.io GlobalSign RSA OV SSL CA 2018	`2022-08-24` - `2023-09-25`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
uptolike.com R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
ia-dmp.com R3	`2022-12-08` - `2023-03-08`	3 months	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.doubleverify.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-05` - `2023-07-07`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2022-09-20` - `2022-12-19`	3 months	crt.sh
cntrsync.ru R3	`2022-11-23` - `2023-02-21`	3 months	crt.sh
supraneet.ru R3	`2022-12-04` - `2023-03-04`	3 months	crt.sh
smntq.com R3	`2022-11-18` - `2023-02-16`	3 months	crt.sh
*.click.ru R3	`2022-11-21` - `2023-02-19`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.tps.doubleverify.com Go Daddy Secure Certificate Authority - G2	`2022-09-28` - `2023-10-30`	a year	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-08`	a year	crt.sh
*.ok.ru GlobalSign RSA OV SSL CA 2018	`2022-10-11` - `2023-11-12`	a year	crt.sh

This page contains 19 frames:

Primary Page: http://uchinfo.com.ua/
Frame ID: E430FFA4C3C830E291E285391701AE48
Requests: 48 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html
Frame ID: 8E38BC6BE4E051E0AEE28964BA0009ED
Requests: 1 HTTP requests in this frame

Frame: https://relap.io/v7/relap.js
Frame ID: 220D64460F86F456B78B81E1B42E32D5
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&adk=1812271804&adf=3025194257&lmt=1670821817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fuchinfo.com.ua%2F&ea=0&pra=5&wgl=1&dt=1670821817321&bpp=3&bdt=615&idt=367&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8201544243553&frm=20&pv=2&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=385
Frame ID: 0BE8E603F0E96648E6BCA80692936932
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=280&slotname=8665141523&adk=4286089063&adf=1529264140&pi=t.ma~as.8665141523&w=728&fwrn=4&fwrnh=100&lmt=1670821817&rafmt=1&format=728x280&url=http%3A%2F%2Fuchinfo.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670821817324&bpp=3&bdt=619&idt=389&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3XMyMvprdW&p=http%3A//uchinfo.com.ua&dtd=395
Frame ID: 0E7446F2BE8EF8ACCECFE94AB83C9D28
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=150&slotname=7467609929&adk=2897559523&adf=2868007232&pi=t.ma~as.7467609929&w=725&lmt=1670821817&format=725x150&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817327&bpp=1&bdt=622&idt=396&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ZEfbkVAn6G&p=http%3A//uchinfo.com.ua&dtd=401
Frame ID: 4F270A1C5A8C782FFF5CCCF9122D3F5E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1806198321&adk=3549580170&adf=397168664&pi=t.ma~as.1806198321&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817422&bpp=2&bdt=716&idt=309&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=JqT6iu61jT&p=http%3A//uchinfo.com.ua&dtd=312
Frame ID: 2AE6C52D7BAE39F2C3D19D9098014777
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1560677129&adk=2043355264&adf=1586735369&pi=t.ma~as.1560677129&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817424&bpp=1&bdt=718&idt=312&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150%2C160x600&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1194&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=p83kHT4sDH&p=http%3A//uchinfo.com.ua&dtd=315
Frame ID: A4FCEC5EFC12D6A4A29C8B8E690BB05C
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html
Frame ID: 4282DF8E831ED2C0DA381598E1998AB6
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C820F2D6686A52BADAFD7FE6BC33BEBD
Requests: 2 HTTP requests in this frame

Frame: https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5_bBUjenwJw4wedYO7JurXtuGtd-XUsFBh3EFnyEVRnIGwFHUvOKqADunkSHIYBvq_q8Ba-Dgb55kuCPZHN797lLp2WL-_kzoSyKPTccOOdcpx0Mwv6F3JnORkBfKOv5hopA_foiZM2K3y_VSIsyrUaOLvyPgbBmMgL37iEGXnqFCVqMYpqjxMTgvqK1J2ziPDaFEl4EWzEF2oMaoE_M6Bz9BS-lb945jQjxCUCB8hEHQTCqJr1LQQvOMUn5iEmNLZndgMvUH0laaWF0B31H4S22B9-igPbhmo_zWo7dc8-2eDNWXTgcgzoa_W-ECKcGCmsWM6SAq-4ZnZYYOP-5Z9lMh5AykrEgSjT3EQ52m13dh7Cx8EjXBA0kR9DOVm6ifF606QbA-MG1l-o-0im_L2v_awaF2_QKC5HDkeHBS-NjoQt16UVK3A7uifedheDn6RY8360klT_p3_eNx7f-qKNLGTx93GwK2kEVpruO_xnbTNzC-H6lhlDIsRg3fBaizFl6yDa9G4Q7OfT2esbxRzyQ9UJLCJaP3qtm1umZhwIInjBxBsrbotYucz_KWjTLN3FckUGg-l_1YBp2F_R2J_gJOqWwFEJkbj5waQZjEsuER4t5REc0b9Iu39RRGO5JUSAYYCZQCQygp1r9H4BqgkpIGywlGdF6zBiBU1Ua7oCQS3mx02tH2zPPNEc-_xsj22ZvWZZi3jSaPZhpESLgHke8tHSg4VQf_YfIrDM3SDpYcveuY0xQJYZtKDV_g0ErMApqa_vE4r6q7nHVTxrh17YWkktHwd9-wz1v95WGrKd1K68y1-nsgx6AL7Nc_NwzOmPgMpwo2hw-i79EP7BXGlgG3GFtBDxYt-eLXmJf0NChnIiYs9lDSpYbSMKTojgsu1bvmfF5xhXHz6ASpTiqDMS2TAaLuCPp6cHKtr0KFir3NLt8iKkeu5cNUqlPgZk5se243eDUQ3JYZkHG6PBG7pa2D1_-ykNC75A&sai=AMfl-YTPfXR3_u7M991enc50lXIq-X3zlAluuM6F7VIqRGPqSqjEFoAAernCTjr4vVcVuYE8uUn5st0y2JjnCZ8Vh_jzZGtJAhWKZV3F4R5bafWYL3_MKDTUlKaN9ph78zvNddtld0fq4NJjqTx41QZ3HikOoBMQYIfYhWRyoXzAuImsF-T1-zJdS0Qov-SlZnW0j95slfD6j_4otxI4fyZ7wBPYlSqSotSKltqMJjrYud4ZrVBdXPKRMg&sig=Cg0ArKJSzPhAFpPc1s69EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Frame ID: 17C1B7CA48A3BB41D5AFDE5D2500262F
Requests: 13 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: AAD3171B8AE7FE1BF1FFBE49BACD064D
Requests: 13 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Frame ID: 1A24FA3A85AC42799C39E6B983B6146D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F0205C38981C8646CA636340E1078E56
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
Frame ID: C292488C49C3F61CA18BF52D2FD0835D
Requests: 18 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements3317.js
Frame ID: 484D032B32B8428A167BA101666CD9F0
Requests: 4 HTTP requests in this frame

Frame: https://w.uptolike.com/widgets/v1/zp/support.html
Frame ID: 54D249B5955A2635252BEF6AA958DC2D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 7CDA56F6497F713FF8E69FEED5467CC6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 45CCD7884E75A9191820683035E32194
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Уроки информатики

Detected technologies

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

153
Requests

85 %
HTTPS

51 %
IPv6

33
Domains

45
Subdomains

36
IPs

6
Countries

1803 kB
Transfer

5223 kB
Size

49
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://metrika.yandex.ru/stat/?id=27035070&from=informer

Search URL Search Domain Scan URL

URL: https://top.mail.ru/jump?from=1479756

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=
Title: Uptolike

Search URL Search Domain Scan URL

URL: http://uptolike.ru/?ref=widgets_popup&lng=ru

Search URL Search Domain Scan URL

URL: https://promopult.ru/ref/9c0d1fe44f8f79c7

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://relap.io/api/v6/head.js?token=nOScmByYrtUoinF0 HTTP 301
https://relap.io/v7/relap.js?token=nOScmByYrtUoinF0

Request Chain 7

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 10

http://www.google-analytics.com/analytics.js HTTP 307
https://www.google-analytics.com/analytics.js

Request Chain 16

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A740257780061%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A184506128%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Ast%3A1670821817&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A740257780061%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A184506128%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Ast%3A1670821817&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 17

https://mc.yandex.ru/watch/27035070?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A296557785154%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A891538173%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Arqnl%3A1%3Ast%3A1670821817%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/27035070/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A296557785154%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A891538173%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Arqnl%3A1%3Ast%3A1670821817%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 21

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 22

https://d4.c9.b6.a1.top.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938 HTTP 302
https://top-fwz1.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938

Request Chain 24

http://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q- HTTP 301
https://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q-

Request Chain 28

https://mc.webvisor.org/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9850.mW-Bl-Wk9Rqk66luviiKw_silzOsgZXkBl7MFXHmXcoXHGknqO_sXeMKMqlbC0yp.sbhw-ZodhcWJOXKq8vU-uOKCQXQ%2C HTTP 302
https://mc.webvisor.org/sync_cookie_image_decide?token=9850.FlMVLL2c0An7I_TDCduPEdr7oMvNpSZfm1_2VpOfsNghkD-i-ZqjcoWtdEkODhws7M7c68_q2zC_otZNnlpsVv4lqbv52QNyt1US1we7v55epCFuMlwDj6D8O4UsH2k6CWEzx9sv1eBiXUyrQItnnfQiJ278H3OcIzD4PKPDo_itoVl_qT_uwc81D-raa6mvP7xEDDZdr5JNdo6qZk4eeJck_ro0Ywwak63fnF3pbU4%2C.At79-kB9_75YlzA78lrzHpwBPkU%2C

Request Chain 55

https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/r1xjiQfw HTTP 302
https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/r1xjiQfw/?redirect=1 HTTP 302
https://relap.mail.ru/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg== HTTP 302
https://relap.io/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg%3D%3D

Request Chain 57

https://cm.p.altergeo.ru/relap?aid=r1xjiQfw&nc=O5H3Cgyc&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D HTTP 302
https://relap.io/partners/altergeocs?uid=CMtTIPgmFYRZqAnuM8GgNKJg==

Request Chain 79

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 94

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9850.Ivbq3R05YxWnzgIGhQMx2FyUoMiyPN4GOcRh5mOlQcUthUpXfNF3C0m0FBGttO1w.NwrHw73HLuoTW9789PnN70lfgM8%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9850.HGHq4B5NN4-GPePw7UyA2CcV7B1pCQiR-C_UbkRrUEoN-GMnar3-4g6zYJKWT9zvIk3t7GQDXZh4Hr-aCsX6FV96Z-0eC1o--Y9fi_cRoKsxI550eBdtt1D4-w8KggAwGRTLOYiUQ1fTuYSEnx8_r-Pu08DqJ76PADz7N5-dXKRnSwaHi4vXA_myfa4LdmnrO6H9ezEbjJ7DXcY-HdjaIbuyPvckEPhtlWDXjCy7p7E%2C.JpCddlDYAJXhRm101GP_QhX0ivQ%2C

Request Chain 113

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A4%3Adp%3A0%3Als%3A477804107124%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051018%3Aet%3A1670821819%3Ac%3A1%3Arn%3A659452476%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C730%2C10%2C%2C%2C%2C1412%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1670821816020%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670821819%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)lt(5500)aw(1)ecs(1)ti(2) HTTP 302
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A4%3Adp%3A0%3Als%3A477804107124%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051018%3Aet%3A1670821819%3Ac%3A1%3Arn%3A659452476%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C730%2C10%2C%2C%2C%2C1412%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1670821816020%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670821819%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%285500%29aw%281%29ecs%281%29ti%282%29

Request Chain 128

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=b35a0ee633564c4fa4c204c603485023&dup=&cbust=1670821819856529 HTTP 302
https://tpsc-frc.doubleverify.com/event.png?impid=b35a0ee633564c4fa4c204c603485023&akipv6=2a01:4a0:2c::7&dup=

153 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
uchinfo.com.ua/ 18 KB
7 KB 679ms
135ms Document
text/html 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: 2da066561313ddb9a16022853e55b14cbf349fae0f231412ad9ce1e45196051a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Mon, 12 Dec 2022 05:10:16 GMT
Keep-Alive: timeout=30
Server: nginx-reuseport/1.21.1
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40

GET
H2 200 left_content_right.css
uchinfo.com.ua/css/ 1 KB
777 B 315ms
102ms Stylesheet
text/css 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uchinfo.com.ua/css/left_content_right.css
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: be12e84a82c40bc0b087f63d836b91ed1599d91bba73e06968605375d5138649

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:16 GMT
content-encoding: gzip
last-modified: Tue, 15 Jan 2019 13:48:13 GMT
server: nginx-reuseport/1.21.1
etag: W/"5c3de49d-59c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 19 Dec 2022 05:10:16 GMT

GET
H2 200 nano_default.css
uchinfo.com.ua/css/ 10 KB
3 KB 316ms
102ms Stylesheet
text/css 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://uchinfo.com.ua/css/nano_default.css
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: bbbd7c7c871d3bab4497a5f5586fc6b52f969fd624b6e3e4a8a91b11567909be

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:16 GMT
content-encoding: gzip
last-modified: Thu, 28 Dec 2017 10:12:03 GMT
server: nginx-reuseport/1.21.1
etag: W/"5a44c373-277a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Mon, 19 Dec 2022 05:10:16 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
94 KB 176ms
54ms Script
text/javascript 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 02:20:54 GMT
x-content-type-options: nosniff
age: 10162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95992
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Dec 2023 02:20:54 GMT

GET
H2

200

relap.js Show response
relap.io/v7/
Redirect Chain

https://relap.io/api/v6/head.js?token=nOScmByYrtUoinF0
https://relap.io/v7/relap.js?token=nOScmByYrtUoinF0

54 KB
17 KB

91ms
89ms

Script
application/javascript

95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js?token=nOScmByYrtUoinF0

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

a59e0af079a0f1aff9d51c1e7e41e339e66dc8b1d5ffceff54661aafc4bea533

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-4318"
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 17176
expires: Mon, 12 Dec 2022 05:11:17 GMT

Redirect headers

location: /v7/relap.js?token=nOScmByYrtUoinF0
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
server: nginx
content-length: 0

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
51 KB 134ms
73ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3a943ad9951d54a20b420b0d5a2a4c5c9dc1a3a17ec57da4920f24f145385d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 52063
X-XSS-Protection: 0
Server: cafe
ETag: 5174905280908907374
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Mon, 12 Dec 2022 05:10:17 GMT

GET
H/1.1 200
OK uchinfo.jpg
uchinfo.com.ua/image/ 23 KB
23 KB 104ms
102ms Image
image/jpeg 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uchinfo.com.ua/image/uchinfo.jpg
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d2bf56d119171034dbc01dbb929f251f96a15e7acc664ed373ed1deddea732f6

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
Last-Modified: Sat, 11 Oct 2014 04:33:01 GMT
Server: nginx-reuseport/1.21.1
ETag: "5438b2fd-5a5a"
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 23130
Expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2 200 bookm.png
uchinfo.com.ua/img/ 15 KB
15 KB 120ms
118ms Image
image/png 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uchinfo.com.ua/img/bookm.png
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 9044043912944584d5351015e51e898521aba4ed88f5fc5c6b9d12cf40d1f16b

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
last-modified: Wed, 25 Nov 2015 12:32:47 GMT
server: nginx-reuseport/1.21.1
etag: "5655aa6f-3ba3"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15267
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

https://www.google.com.ua/coop/cse/brand?form=cse-search-box&lang=ru
https://www.gstatic.com/prose/brandjs.js

14 KB
6 KB

171ms
54ms

Script
text/javascript

2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 00:58:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15124
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5807
x-xss-protection: 0
last-modified: Tue, 06 Apr 2021 15:14:29 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Tue, 13 Dec 2022 00:58:13 GMT

Redirect headers

date: Mon, 12 Dec 2022 04:47:42 GMT
x-content-type-options: nosniff
server: sffe
age: 1355
content-type: text/html; charset=UTF-8
location: https://www.gstatic.com/prose/brandjs.js
cache-control: public, max-age=1800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
expires: Mon, 12 Dec 2022 05:17:42 GMT

GET
H/1.1 404
Not Found 3_1_FFFFFFFF_EFEFEFFF_0_pageviews
bs.yandex.ru/informer/27035070/ 10 B
340 B 253ms
97ms Image
text/plain 2a02:6b8::90
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://bs.yandex.ru/informer/27035070/3_1_FFFFFFFF_EFEFEFFF_0_pageviews

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

HTTP/1.1

Server

2a02:6b8::90 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Content-Type: text/plain; charset=UTF-8
P3P: CP="NOI DEVa TAIa OUR BUS UNI STA"
Timing-Allow-Origin: *
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK 18pl.png
uchinfo.com.ua/img/ 2 KB
2 KB 108ms
106ms Image
image/png 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://uchinfo.com.ua/img/18pl.png
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2e5165f975a9ad1497a399a7b02a3dfbf4fc14abcf6044d8a75c923ebcc1ea7d

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
Last-Modified: Fri, 23 Mar 2018 11:02:21 GMT
Server: nginx-reuseport/1.21.1
ETag: "5ab4debd-848"
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=30
Content-Length: 2120
Expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2

200

analytics.js Show response
www.google-analytics.com/
Redirect Chain

http://www.google-analytics.com/analytics.js
https://www.google-analytics.com/analytics.js

49 KB
20 KB

179ms
57ms

Script
text/javascript

2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 12 Dec 2022 03:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6871
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Mon, 12 Dec 2022 05:15:46 GMT

Redirect headers

Location: https://www.google-analytics.com/analytics.js
Non-Authoritative-Reason: HSTS
Cross-Origin-Resource-Policy: Cross-Origin

GET
H2 200 tag.js Show response
cdn.jsdelivr.net/npm/yandex-metrica-watch/ 211 KB
85 KB 157ms
57ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9418fa386b30c9844c9b25831f0cf6b0349ade98edd18d756ff4cd3f48420966

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 18452
x-jsd-version: 1.253.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230060-FRA, cache-yyz4565-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"34dc7-QN+lYHnjJ+PpkS6+fgpqfPCXGHE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFSBSSwZ0NA%2BDk9vCLiIZS2Gx7%2BOmddTbzXFJ5x6HiJu0yNqZ%2FEeEQvLiFQIJExSUB4Z1hr9lIa6iCJNnD3S78P%2FQEi9iuRCBOOeGiAdsGYmMoxkf3TYSbqKOkEMRtp3puRMHUj00eYX5SCd974%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 7783f3e54b6b76bd-LHR

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
72 KB 428ms
194ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

f0bfa347530a3b4724c4778982581a448a01c3051cfa4e25eefea88b769abdef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Dec 2022 11:09:06 GMT
etag: "6392ed22-11fad"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73645
expires: Mon, 12 Dec 2022 06:10:17 GMT

GET
H2 200 mtop.png
uchinfo.com.ua/i/ 267 B
453 B 119ms
119ms Image
image/png 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uchinfo.com.ua/i/mtop.png
Requested by: Host: uchinfo.com.ua
URL: https://uchinfo.com.ua/css/nano_default.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7d4664eb215eb5de157d3505f2d128769700e217d417982326bda584d841de8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uchinfo.com.ua/css/nano_default.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
last-modified: Sat, 11 Oct 2014 04:31:52 GMT
server: nginx-reuseport/1.21.1
etag: "5438b2b8-10b"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 267
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET watch_ua.js
d31j93rd8oukbv.cloudfront.net/metrika/ 0
0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
205 B 64ms
64ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=120283779&t=pageview&_s=1&dl=http%3A%2F%2Fuchinfo.com.ua%2F&ul=en-us&de=windows-1251&dt=%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1713627291&gjid=808931234&cid=1793492060.1670821817&tid=UA-58707128-1&_gid=745638030.1670821817&_r=1&_slc=1&z=992980789

Requested by

Host: www.google-analytics.com
URL: http://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://uchinfo.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://uchinfo.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/3/
Redirect Chain

https://mc.yandex.ru/watch/3?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref=&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%...
https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala...

264 B
299 B

103ms
101ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/3/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A740257780061%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A184506128%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Ast%3A1670821817&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

10a47c587656afad583fe46cc5e93994ebdeb08b0cf0b9dc16b7b8970238bb3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Dec-2022 05:10:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 264
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 12-Dec-2022 05:10:17 GMT
location: /watch/3/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&page-ref&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A2%3Adp%3A0%3Als%3A740257780061%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A184506128%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Ast%3A1670821817&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:17 GMT

GET
H2

200

1 Show response
mc.yandex.ru/watch/27035070/
Redirect Chain

https://mc.yandex.ru/watch/27035070?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Ae...
https://mc.yandex.ru/watch/27035070/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3...

428 B
537 B

99ms
98ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/27035070/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A296557785154%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A891538173%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Arqnl%3A1%3Ast%3A1670821817%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

69892f6e7ffe7a0e978c7f3503719b27ae654757996cfc2220031d75b8313c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Dec-2022 05:10:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 428
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:17 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 12-Dec-2022 05:10:17 GMT
location: /watch/27035070/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A296557785154%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A891538173%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Arqnl%3A1%3Ast%3A1670821817%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:17 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/ 356 KB
118 KB 212ms
96ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9822521094126336&plah=uchinfo.com.ua&bust=31071219

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21f3b0554c4bd505971a2dc8cb5cb12622c6792ee9d64583458547a2412939b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119970
x-xss-protection: 0
server: cafe
etag: 17004454458805292640
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 05:10:17 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/ Frame 8E38 10 KB
5 KB 180ms
56ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221206/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 54892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 13:55:25 GMT
etag: 10353107486223812946
expires: Sun, 25 Dec 2022 13:55:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
2 KB 179ms
56ms Image
image/png 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 08:46:06 GMT
x-content-type-options: nosniff
age: 505451
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
report-to: {"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="prose-team"
expires: Wed, 06 Dec 2023 08:46:06 GMT

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

162 KB
57 KB

99ms
98ms

Script
application/javascript

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63c5cd29f58c48289d6023748334dda62503bb7b56c8f2a28b7890b5147f64e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Dec 2022 11:09:06 GMT
etag: "6392ed22-e328"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 58152
expires: Mon, 12 Dec 2022 06:10:17 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H2

200

counter
top-fwz1.mail.ru/
Redirect Chain

https://d4.c9.b6.a1.top.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938
https://top-fwz1.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938

632 B
2 KB

270ms
88ms

Image
image/gif

95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

b77d6e848d3bf71cc3c269d9f0fdfde8d74d03bb78f28ecfccf0e10d34fa0f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 632
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

Redirect headers

date: Mon, 12 Dec 2022 05:10:17 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 0
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
accept-ch-lifetime: 86400
location: https://top-fwz1.mail.ru/counter?id=1479756;t=54;js=13;r=;j=false;s=1600*1200;d=24;rand=0.85053765239938
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK uptolike.js Show response
w.uptolike.com/widgets/v1/ 21 KB
9 KB 297ms
100ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://w.uptolike.com/widgets/v1/uptolike.js
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Expires: Mon, 12 Dec 2022 05:40:17 GMT

GET
H2

200

rtrg
vk.com/
Redirect Chain

http://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q-
https://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q-

49 B
577 B

307ms
100ms

Image
image/gif

87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q-

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112830

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112830
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

Redirect headers

Date: Mon, 12 Dec 2022 05:10:17 GMT
X-Frontend: front623304
Server: kittenx
Content-Type: text/html
Location: https://vk.com/rtrg?r=Xqkta7x23P2yV2FjgrzlpHaXjKV4AuslbpvGeB16/N**KC9AmtZUllON1PIedgg/A80mKCv0/GknPH9abp*ZT/4Tu09AyWaIfs2gGbyyTx/yiJqSSQ5fA8IB5K8Vz1ALlKZGaIRALo7a355w*OZa3ChW0X0x7XlPijX3Y1nYI7Q-
Access-Control-Expose-Headers: X-Frontend
Connection: keep-alive
Content-Length: 164

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 136ms
135ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 09 Dec 2022 11:09:06 GMT
etag: "6392ed22-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Mon, 12 Dec 2022 06:10:17 GMT

GET
H2 200 titlenew.jpg
uchinfo.com.ua/i/ 22 KB
22 KB 103ms
102ms Image
image/jpeg 87.236.16.254
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uchinfo.com.ua/i/titlenew.jpg
Requested by: Host: uchinfo.com.ua
URL: https://uchinfo.com.ua/css/left_content_right.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.254 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.sumo.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a5d6e95495623b4f8bce52c0fcbb207f3f2050177ea4d33ddb731a82c6e924fc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://uchinfo.com.ua/css/left_content_right.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
last-modified: Sat, 11 Oct 2014 04:31:52 GMT
server: nginx-reuseport/1.21.1
etag: "5438b2b8-5929"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 22825
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2 200 relap.js Show response
relap.io/v7/ Frame 220D 54 KB
17 KB 89ms
88ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/v7/relap.js

Requested by

Host: relap.io
URL: https://relap.io/api/v6/head.js?token=nOScmByYrtUoinF0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

a59e0af079a0f1aff9d51c1e7e41e339e66dc8b1d5ffceff54661aafc4bea533

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-4318"
content-type: application/javascript; charset=utf-8
cache-control: max-age=60
content-length: 17176
expires: Mon, 12 Dec 2022 05:11:17 GMT

GET
H2

200

sync_cookie_image_decide
mc.webvisor.org/
Redirect Chain

https://mc.webvisor.org/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.webvisor.org&token=9850.mW-Bl-Wk9Rqk66luviiKw_silzOsgZXkBl7MFXHmXcoXHGknqO_sXeMKMqlbC0yp.sbhw-ZodhcWJOXKq8vU-uOKCQXQ%2C
https://mc.webvisor.org/sync_cookie_image_decide?token=9850.FlMVLL2c0An7I_TDCduPEdr7oMvNpSZfm1_2VpOfsNghkD-i-ZqjcoWtdEkODhws7M7c68_q2zC_otZNnlpsVv4lqbv52QNyt1US1we7v55epCFuMlwDj6D8O4UsH2k6CWEzx9sv1...

43 B
507 B

99ms
99ms

Image
image/gif

80.239.201.34
TWELVE99 Arelion

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.webvisor.org/sync_cookie_image_decide?token=9850.FlMVLL2c0An7I_TDCduPEdr7oMvNpSZfm1_2VpOfsNghkD-i-ZqjcoWtdEkODhws7M7c68_q2zC_otZNnlpsVv4lqbv52QNyt1US1we7v55epCFuMlwDj6D8O4UsH2k6CWEzx9sv1eBiXUyrQItnnfQiJ278H3OcIzD4PKPDo_itoVl_qT_uwc81D-raa6mvP7xEDDZdr5JNdo6qZk4eeJck_ro0Ywwak63fnF3pbU4%2C.At79-kB9_75YlzA78lrzHpwBPkU%2C

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

80.239.201.34 , Sweden, ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE),

Reverse DNS

80-239-201-34.teliacarrier-cust.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.webvisor.org/sync_cookie_image_decide?token=9850.FlMVLL2c0An7I_TDCduPEdr7oMvNpSZfm1_2VpOfsNghkD-i-ZqjcoWtdEkODhws7M7c68_q2zC_otZNnlpsVv4lqbv52QNyt1US1we7v55epCFuMlwDj6D8O4UsH2k6CWEzx9sv1eBiXUyrQItnnfQiJ278H3OcIzD4PKPDo_itoVl_qT_uwc81D-raa6mvP7xEDDZdr5JNdo6qZk4eeJck_ro0Ywwak63fnF3pbU4%2C.At79-kB9_75YlzA78lrzHpwBPkU%2C
date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET sync_cookie_image_check
mc.yandex.ua/ 0
0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 395 B
694 B 201ms
65ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=uchinfo.com.ua&callback=_gfp_s_&client=ca-pub-9822521094126336&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212050101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9822521094126336&plah=uchinfo.com.ua&bust=31071219

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

780676be17f05546c6d72b96e39064520b1dbac3d44fe6bd55cb024202ce6bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 266ms
64ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=uchinfo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 201ms
71ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=uchinfo.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0BE8 0
19 B 334ms
102ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&adk=1812271804&adf=3025194257&lmt=1670821817&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=http%3A%2F%2Fuchinfo.com.ua%2F&ea=0&pra=5&wgl=1&dt=1670821817321&bpp=3&bdt=615&idt=367&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8201544243553&frm=20&pv=2&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=385

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0E74 113 KB
39 KB 688ms
457ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=280&slotname=8665141523&adk=4286089063&adf=1529264140&pi=t.ma~as.8665141523&w=728&fwrn=4&fwrnh=100&lmt=1670821817&rafmt=1&format=728x280&url=http%3A%2F%2Fuchinfo.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670821817324&bpp=3&bdt=619&idt=389&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3XMyMvprdW&p=http%3A//uchinfo.com.ua&dtd=395

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b779c1419a06e2472734389e8c8b7f631e1708cc69bf93312bd9f5b06b8ea428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 40354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4F27 430 B
229 B 391ms
160ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=150&slotname=7467609929&adk=2897559523&adf=2868007232&pi=t.ma~as.7467609929&w=725&lmt=1670821817&format=725x150&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817327&bpp=1&bdt=622&idt=396&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=438&ady=1937&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=ZEfbkVAn6G&p=http%3A//uchinfo.com.ua&dtd=401

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd249afd61e6713d97966314c7f6907f257830e61c01701550f4b27e4f53295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 206
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2AE6 430 B
228 B 459ms
229ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1806198321&adk=3549580170&adf=397168664&pi=t.ma~as.1806198321&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817422&bpp=2&bdt=716&idt=309&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=250&ady=974&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=4&uci=a!4&fsb=1&xpc=JqT6iu61jT&p=http%3A//uchinfo.com.ua&dtd=312

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e4b9e999b72a5b10a4ac22536e3c1199747c7bc0e9d325bd061bad340e47d0a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 205
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A4FC 80 KB
26 KB 599ms
369ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1560677129&adk=2043355264&adf=1586735369&pi=t.ma~as.1560677129&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817424&bpp=1&bdt=718&idt=312&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150%2C160x600&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1194&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=p83kHT4sDH&p=http%3A//uchinfo.com.ua&dtd=315

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

61e97d5b753b6f12625d7d69024bd7f9141329f98fe3c862f8e9fb10f9b4537f

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObCzaeo8_sCFVDvEQgdzO0LiA&gqi=ureWY821BZaD9u8Phre2-Aw&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 27097
content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CObCzaeo8_sCFVDvEQgdzO0LiA&gqi=ureWY821BZaD9u8Phre2-Aw&layout=/sadbundle/%24csp%253Der3%24/4687128324995022848/index.html
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 app_index.9c45e68f243bcda08a26.js Show response
relap.io/v7/ Frame 220D 59 KB
20 KB 90ms
88ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app_index.9c45e68f243bcda08a26.js
Requested by: Host: relap.io
URL: https://relap.io/v7/relap.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 3be77a5a009a7cde3989885fef2379a0969a56361186a3324763868a4839576d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-4de7"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 19943
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2 200 init Show response
relap.io/api/v7/ Frame 220D 3 KB
1 KB 108ms
108ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=nOScmByYrtUoinF0&url=http%3A%2F%2Fuchinfo.com.ua%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

aced1a19563b185e8747c0942daccd24f10f3fcda4a897f98fd36001cb7e356b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://uchinfo.com.ua
x-relap-cookie: rlprp=M9jcIg:YF-NAA
access-control-expose-headers: X-Relap-Cookie
x-server: back26
access-control-allow-credentials: true
vary: Origin
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

GET
H2 200 ext_cfgs Show response
relap.io/api/v7/ Frame 220D 570 B
1 KB 122ms
121ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=nOScmByYrtUoinF0&url=http%3A%2F%2Fuchinfo.com.ua%2F

Requested by

Host: relap.io
URL: https://relap.io/v7/relap.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

697f20c291baf46e886ce0f7e121a9dec8a3782620360e88e08f128d5b487ce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
vary: Origin
access-control-max-age: 1728000
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://uchinfo.com.ua
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-credentials: true
x-server: back20
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
content-length: 570
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK version.js Show response
w.uptolike.com/widgets/v1/ 70 B
844 B 398ms
97ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/version.js?cb=cb__utl_cb_share_1670821817758720
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 81d7621f6f4bd861bfa99b03060a59c44748d722412d7d9b82bef4e7c7dbcea9

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Wed, 23 Nov 2022 19:31:36 GMT

GET
H2 200 88795494 Show response
mc.yandex.ru/watch/ 435 B
582 B 98ms
98ms XHR
application/json 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/88795494?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A1931hwv4ldos2hv9k9dzvr%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A943%3Acn%3A3%3Adp%3A0%3Als%3A1368478287153%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051017%3Aet%3A1670821817%3Ac%3A1%3Arn%3A136422698%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1670821816020%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670821818%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2)

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yandex-metrica-watch/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

1ee8620ffcc6639a20e8c8463fb7987a52b37a746f1fd0c4016b6e47e87ad8aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Dec-2022 05:10:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:17 GMT

OPTIONS
H2 200 init
relap.io/api/v7/ Frame 0
0 395ms
101ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/init?token=nOScmByYrtUoinF0&url=http%3A%2F%2Fuchinfo.com.ua%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://uchinfo.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: http://uchinfo.com.ua
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 12 Dec 2022 05:10:18 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back22
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

OPTIONS
H2 200 ext_cfgs
relap.io/api/v7/ Frame 0
0 394ms
101ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/ext_cfgs?token=nOScmByYrtUoinF0&url=http%3A%2F%2Fuchinfo.com.ua%2F

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: http://uchinfo.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: http://uchinfo.com.ua
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 12 Dec 2022 05:10:18 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back24
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 common_core.e1b4c1be114adfe8aeca.js Show response
relap.io/v7/ Frame 220D 331 KB
71 KB 89ms
88ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/common_core.e1b4c1be114adfe8aeca.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.9c45e68f243bcda08a26.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: c656d4355fa039fda2a2cfcb1e60bcc52e4cae212ebad51647b73ab96bee900f

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-11944"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 72004
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2 200 vendor.da22aba93c3eb451c34d.js Show response
relap.io/v7/ Frame 220D 423 KB
116 KB 177ms
176ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/vendor.da22aba93c3eb451c34d.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.9c45e68f243bcda08a26.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 1e76749f0d1334b98923fc2d9fdfa9d5ae99b2c0be7004f34ffd65c12f952f4d

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-1cc4f"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 117839
expires: Wed, 11 Jan 2023 05:10:17 GMT

GET
H2 200 app.6a625fd3b55b53e59caf.js Show response
relap.io/v7/ Frame 220D 52 KB
6 KB 177ms
177ms Script
application/javascript 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://relap.io/v7/app.6a625fd3b55b53e59caf.js
Requested by: Host: relap.io
URL: https://relap.io/v7/app_index.9c45e68f243bcda08a26.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 0908d8b4c9a6020aad8a26dd2aab6be4bcdde18264ef53732a3d73bd7bc5290b

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:17 GMT
content-encoding: br
last-modified: Thu, 08 Dec 2022 05:41:21 GMT
server: nginx
etag: "63917901-159d"
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-CSRF-TOKEN
content-length: 5533
expires: Wed, 11 Jan 2023 05:10:17 GMT

OPTIONS
H2 200 metrics
relap.io/api/v7/ Frame 0
0 96ms
96ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://uchinfo.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: http://uchinfo.com.ua
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 12 Dec 2022 05:10:18 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back04
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

POST
H2 200 / Show response
s.relap.io/api/8/envelope/ Frame 220D 2 B
175 B 253ms
96ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.relap.io/api/8/envelope/?sentry_key=de87b3f4168749e8889e7f7049c29c5d&sentry_version=7&sentry_client=sentry.javascript.react%2F7.15.0
Requested by: Host: relap.io
URL: https://relap.io/v7/vendor.da22aba93c3eb451c34d.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),
Reverse DNS: relap.io
Software: nginx /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: http://uchinfo.com.ua
date: Mon, 12 Dec 2022 05:10:18 GMT
access-control-expose-headers: retry-after, x-sentry-error, x-sentry-rate-limits
server: nginx
content-length: 2
vary: Origin
content-type: application/json

POST
H2 200 metrics Show response
relap.io/api/v7/ Frame 220D 2 B
1 KB 98ms
97ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/metrics

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.da22aba93c3eb451c34d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Referer
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
vary: Origin
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-max-age: 1728000
access-control-allow-origin: http://uchinfo.com.ua
cache-control: max-age=1, no-cache
x-server: back05
access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

GET
H2 200 abp.gif
relap.io/ Frame 220D 43 B
208 B 89ms
88ms Image
image/gif 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=1&rn=7.909225127436213

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Wed, 21 Apr 2021 14:05:07 GMT
server: nginx
etag: "60803113-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H2 200 abp.gif
relap.io/ Frame 220D 43 B
208 B 90ms
89ms Image
image/gif 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/abp.gif?ch=2&rn=7.909225127436213

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
last-modified: Wed, 21 Apr 2021 14:05:07 GMT
server: nginx
etag: "60803113-2b"
content-type: image/gif
accept-ranges: bytes
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 197ms
87ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=2897559523&adf=2868007232&fmt=725x150&str=true&ad_y=1937.171875&vph=1200&r_nh=0&r_ifr=true&qid=CNixzaeo8_sCFaDBEQgd9MMA0Q&w=725&h=150&nh=0&rsz=o%7C%7CoeE%7C&abl=CS&frsz=false&err=0&url=http%3A%2F%2Fuchinfo.com.ua%2F&eid=44759875%2C44759926%2C44759842%2C31071219

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widgetsModule.js Show response
w.uptolike.com/widgets/v1/ 172 KB
42 KB 198ms
198ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: http://w.uptolike.com/widgets/v1/uptolike.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Cache-Control: max-age=1800
Connection: keep-alive
Expires: Mon, 12 Dec 2022 05:40:18 GMT

GET
H2

200

gnezdocs
relap.io/partners/ Frame 220D
Redirect Chain

https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/r1xjiQfw
https://fcgi4.gnezdo.ru/cookie_matching/relap_ssp/r1xjiQfw/?redirect=1
https://relap.mail.ru/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg==
https://relap.io/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg%3D%3D

43 B
532 B

94ms
94ms

Image
image/gif

95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg%3D%3D

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back02
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

location: https://relap.io/partners/gnezdocs?uid=XV9maWOWt7qayZs3CUHPAg%3D%3D
date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
server: nginx
content-length: 0

GET
H/1.1 204
No Content r1xjiQfw
ia-dmp.com/cm/3/ Frame 220D 0
238 B 242ms
56ms Image
text/plain 185.26.97.53
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ia-dmp.com/cm/3/r1xjiQfw?redirect_url=https%3A%2F%2Frelap.io%2Fpartners%2Frusnewcs%3Fuid%3D%24%7BUSER_ID%7D

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

185.26.97.53 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),

Reverse DNS

dsde981.fornex.org

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:18 GMT
Strict-Transport-Security: max-age=31536000;
X-Content-Type-Options: nosniff
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block

GET
H2

200

altergeocs
relap.io/partners/ Frame 220D
Redirect Chain

https://cm.p.altergeo.ru/relap?aid=r1xjiQfw&nc=O5H3Cgyc&url=https%3A%2F%2Frelap.io%2Fpartners%2Faltergeocs%3Fuid%3D%24%7BUSER_ID%7D
https://relap.io/partners/altergeocs?uid=CMtTIPgmFYRZqAnuM8GgNKJg==

43 B
531 B

93ms
93ms

Image
image/gif

95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/partners/altergeocs?uid=CMtTIPgmFYRZqAnuM8GgNKJg==

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back07
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Redirect headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:18 GMT
Server: nginx/1.16.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://relap.io/partners/altergeocs?uid=CMtTIPgmFYRZqAnuM8GgNKJg==
Cache-Control: max-age=0, no-cache, no-store
Connection: close
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 img_checker
relap.io/api/v7/ Frame 220D 43 B
412 B 93ms
93ms Image
image/gif 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://relap.io/api/v7/img_checker

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
server: nginx
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-server: back09
content-length: 43
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 counter
top-fwz1.mail.ru/ Frame 220D 43 B
873 B 89ms
88ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?id=3136989

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 141ms
88ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=resize&scrl=0&adk=3549580170&adf=397168664&fmt=160x600&str=false&ad_y=973.5625&vph=1200&r_nh=0&r_ifr=true&qid=CK_Ezaeo8_sCFQ7sEQgd2GAHnw&w=160&h=600&err=1&url=http%3A%2F%2Fuchinfo.com.ua%2F&eid=44759875%2C44759926%2C44759842%2C31071219

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 728 KB
64 KB 252ms
130ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1560677129&adk=2043355264&adf=1586735369&pi=t.ma~as.1560677129&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817424&bpp=1&bdt=718&idt=312&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150%2C160x600&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1194&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=p83kHT4sDH&p=http%3A//uchinfo.com.ua&dtd=315

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 392931
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 63764
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 16:01:27 GMT
expires: Thu, 07 Dec 2023 16:01:27 GMT
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A4FC 0
0 97ms
96ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5nkPureWY-b9BdDex_APzNuvwAiu08_vbcD-lsijEJu9qYbANRABIOGtrB5glQKgAbrV4-UByAEJqQKaklmJ-a6xPqgDAcgDAqoEzgFP0LU9S1GZLMdOwTWoWQQf0JXjGPKEwLktjuDqIH0wVAH7L79TH2bLJw5QuZ2960gCVx-UXzm4JXgYwFKZkojgsIz_70f3cS6PYQM3yIXrKqgoIAmj5dvjtYDcVbTWSIY9H5jR0M-EgSx1WJDiVbvClmVs7_tvtcxrIgPqa7aPABJj0GkFDQL3fDW9vECo956LTLNyYAprSQXUeF_E7xm3yxb-I8l9KNmA_BHMOWLKrjeJIGGKWaVrJtfwsethhT413FeY2Ep2PSl3K-1Ug8AEqqy8n5gEkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBl2AB66qnJoCqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQnYoF0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItOTgyMjUyMTA5NDEyNjMzNhgA&sigh=p-8hncZD-s8&uach_m=[UACH]&cid=CAQSGwDq26N9AJnHbthwTgqPE-B7dLgZ0iE1a68rFxgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1560677129&adk=2043355264&adf=1586735369&pi=t.ma~as.1560677129&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817424&bpp=1&bdt=718&idt=312&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150%2C160x600&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1194&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=p83kHT4sDH&p=http%3A//uchinfo.com.ua&dtd=315
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Dec 2022 05:10:18 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C820 143 B
166 B 73ms
69ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=600&slotname=1560677129&adk=2043355264&adf=1586735369&pi=t.ma~as.1560677129&w=160&lmt=1670821817&format=160x600&url=http%3A%2F%2Fuchinfo.com.ua%2F&wgl=1&dt=1670821817424&bpp=1&bdt=718&idt=312&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x280%2C725x150%2C160x600&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=1194&ady=125&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=5&uci=a!5&fsb=1&xpc=p83kHT4sDH&p=http%3A//uchinfo.com.ua&dtd=315
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 04:56:25 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame A4FC 3 KB
1 KB 247ms
128ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 20:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 20:19:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame A4FC 18 KB
7 KB 189ms
70ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A4FC 153 KB
47 KB 194ms
65ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 05:10:18 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 17C1 0
0 233ms
98ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv5_bBUjenwJw4wedYO7JurXtuGtd-XUsFBh3EFnyEVRnIGwFHUvOKqADunkSHIYBvq_q8Ba-Dgb55kuCPZHN797lLp2WL-_kzoSyKPTccOOdcpx0Mwv6F3JnORkBfKOv5hopA_foiZM2K3y_VSIsyrUaOLvyPgbBmMgL37iEGXnqFCVqMYpqjxMTgvqK1J2ziPDaFEl4EWzEF2oMaoE_M6Bz9BS-lb945jQjxCUCB8hEHQTCqJr1LQQvOMUn5iEmNLZndgMvUH0laaWF0B31H4S22B9-igPbhmo_zWo7dc8-2eDNWXTgcgzoa_W-ECKcGCmsWM6SAq-4ZnZYYOP-5Z9lMh5AykrEgSjT3EQ52m13dh7Cx8EjXBA0kR9DOVm6ifF606QbA-MG1l-o-0im_L2v_awaF2_QKC5HDkeHBS-NjoQt16UVK3A7uifedheDn6RY8360klT_p3_eNx7f-qKNLGTx93GwK2kEVpruO_xnbTNzC-H6lhlDIsRg3fBaizFl6yDa9G4Q7OfT2esbxRzyQ9UJLCJaP3qtm1umZhwIInjBxBsrbotYucz_KWjTLN3FckUGg-l_1YBp2F_R2J_gJOqWwFEJkbj5waQZjEsuER4t5REc0b9Iu39RRGO5JUSAYYCZQCQygp1r9H4BqgkpIGywlGdF6zBiBU1Ua7oCQS3mx02tH2zPPNEc-_xsj22ZvWZZi3jSaPZhpESLgHke8tHSg4VQf_YfIrDM3SDpYcveuY0xQJYZtKDV_g0ErMApqa_vE4r6q7nHVTxrh17YWkktHwd9-wz1v95WGrKd1K68y1-nsgx6AL7Nc_NwzOmPgMpwo2hw-i79EP7BXGlgG3GFtBDxYt-eLXmJf0NChnIiYs9lDSpYbSMKTojgsu1bvmfF5xhXHz6ASpTiqDMS2TAaLuCPp6cHKtr0KFir3NLt8iKkeu5cNUqlPgZk5se243eDUQ3JYZkHG6PBG7pa2D1_-ykNC75A&sai=AMfl-YTPfXR3_u7M991enc50lXIq-X3zlAluuM6F7VIqRGPqSqjEFoAAernCTjr4vVcVuYE8uUn5st0y2JjnCZ8Vh_jzZGtJAhWKZV3F4R5bafWYL3_MKDTUlKaN9ph78zvNddtld0fq4NJjqTx41QZ3HikOoBMQYIfYhWRyoXzAuImsF-T1-zJdS0Qov-SlZnW0j95slfD6j_4otxI4fyZ7wBPYlSqSotSKltqMJjrYud4ZrVBdXPKRMg&sig=Cg0ArKJSzPhAFpPc1s69EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 12 Dec 2022 05:10:18 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 12 Dec 2022 05:10:18 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 17C1 106 KB
38 KB 185ms
57ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 15:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Dec 2022 15:32:31 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/ Frame 17C1 6 KB
2 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20221206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=280&slotname=8665141523&adk=4286089063&adf=1529264140&pi=t.ma~as.8665141523&w=728&fwrn=4&fwrnh=100&lmt=1670821817&rafmt=1&format=728x280&url=http%3A%2F%2Fuchinfo.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670821817324&bpp=3&bdt=619&idt=389&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3XMyMvprdW&p=http%3A//uchinfo.com.ua&dtd=395

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 19:35:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34482
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 19:35:36 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 17C1 41 KB
15 KB 135ms
109ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 07:06:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 252233
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 07:06:25 GMT

GET
H2 200 m_js_controller_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 17C1 35 KB
14 KB 215ms
189ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/m_js_controller_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 18:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39069
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14217
x-xss-protection: 0
server: cafe
etag: 13612117104345174519
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 18:19:09 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 17C1 3 KB
1 KB 132ms
106ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 20:19:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31832
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 20:19:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/ Frame 17C1 18 KB
7 KB 88ms
62ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7480
x-xss-protection: 0
server: cafe
etag: 15631949847000551034
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 17C1 153 KB
47 KB 182ms
146ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47725
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670417373259609"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 05:10:18 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221206/r20110914/ Frame 17C1 23 KB
10 KB 79ms
54ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 12:10:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61189
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9443
x-xss-protection: 0
server: cafe
etag: 9828741834572772835
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Dec 2022 12:10:29 GMT

GET
H/1.1 200
OK share-counter.html Show response
w.uptolike.com/widgets/v1/ Frame AAD3 17 KB
5 KB 97ms
97ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 12 Dec 2022 05:10:18 GMT
Expires: Mon, 12 Dec 2022 05:40:18 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK impression.html Show response
w.uptolike.com/widgets/v1/ Frame 1A24 1023 B
914 B 197ms
100ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 12 Dec 2022 05:10:18 GMT
Expires: Mon, 12 Dec 2022 05:40:18 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H/1.1 200
OK icomoon.woff
w.uptolike.com/static/buttons/fonts/ 9 KB
9 KB 284ms
93ms Font
font/woff 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/static/buttons/fonts/icomoon.woff?qq11232333=1232131231321
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29

Request headers

Referer: http://uchinfo.com.ua/
Origin: http://uchinfo.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:18 GMT
Last-Modified: Wed, 16 Aug 2017 14:30:13 GMT
Server: nginx
ETag: "599456f5-23b8"
Content-Type: font/woff
Access-Control-Allow-Origin: *
Cache-Control: max-age=15552000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 9144
Expires: Tue, 16 May 2023 07:48:50 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C820
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

67ms
67ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
expires: Mon, 12 Dec 2022 05:10:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:18 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK widgets-batch.js Show response
w.uptolike.com/widgets/v1/ Frame AAD3 427 B
669 B 174ms
98ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/widgets-batch.js?params=JTVCJTdCJTIycGlkJTIyJTNBJTIyMTI4NjY2MiUyMiUyQyUyMnVybCUyMiUzQSUyMmh0dHAlM0ElMkYlMkZ1Y2hpbmZvLmNvbS51YSUyRiUyMiU3RCU1RA==&mode=0&callback=callback__utl_cb_share_1670821818683804
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 64f8e91517626cb8e9787f9e2a43292c19018db66d88a8d057179b4537bb4276

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Wed, 23 Nov 2022 19:31:36 GMT

GET
DATA 200
OK truncated
/ Frame A4FC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bcba833ce83810b4c8ff8d72366e02c258a452b913bf3ed982c22424b6305923

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 css
fonts.googleapis.com/ Frame 4282 6 KB
1 KB 180ms
64ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 12 Dec 2022 05:10:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 12 Dec 2022 05:10:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 12 Dec 2022 05:10:18 GMT

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4282 16 KB
6 KB 187ms
68ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 04:14:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 13 Dec 2022 04:14:04 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 4282 34 KB
13 KB 171ms
53ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sun, 11 Dec 2022 19:53:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 33432
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Mon, 12 Dec 2022 19:53:06 GMT

POST
H2 200 stat Show response
relap.io/api/v7/ Frame 220D 2 B
748 B 111ms
111ms Fetch
application/json 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Requested by

Host: relap.io
URL: https://relap.io/v7/vendor.da22aba93c3eb451c34d.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

x-relap-cookie: rlprp=M9jcIg:YF-NAA
Referer
X-Relap-UUID: 1614a9c0-a609-404b-81d3-2182241d6a07
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 12 Dec 2022 05:10:18 GMT
strict-transport-security: max-age=5184000; includeSubdomains;
x-content-type-options: nosniff
content-length: 2
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection
pragma: no-cache
server: nginx
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
content-type: application/json;charset=UTF-8
access-control-allow-origin: http://uchinfo.com.ua
access-control-expose-headers: X-Relap-Cookie
cache-control: max-age=1, no-cache
access-control-allow-credentials: true
x-server: back26
vary: Origin
x-relap-cookie: rlprp=M9jcIg:YF-NAA
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID

OPTIONS
H2 200 stat
relap.io/api/v7/ Frame 0
0 97ms
96ms Preflight
text/html 95.163.37.253
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://relap.io/api/v7/stat

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

95.163.37.253 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

relap.io

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=5184000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-relap-cookie,x-relap-uuid
Access-Control-Request-Method: POST
Origin: http://uchinfo.com.ua
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Authorization,Content-Type,Origin,User-Agent,DNT,Cache-Control,Range,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cookie,X-Csrf-Token,X-Relap-Unique,X-Relap-Cookie,X-Relap-UUID
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS, PATCH
access-control-allow-origin: http://uchinfo.com.ua
access-control-max-age: 1728000
content-length: 0
content-type: text/html;charset=UTF-8
date: Mon, 12 Dec 2022 05:10:18 GMT
server: nginx
strict-transport-security: max-age=5184000; includeSubdomains;
vary: Origin
x-content-type-options: nosniff
x-server: back25
x-xss-protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F020 22 KB
8 KB 152ms
54ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 119104
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Dec 2022 20:05:14 GMT
expires: Sun, 10 Dec 2023 20:05:14 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 17C1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a45cbe26ba211d13c36dd029da58b7f30ca02ee8f5d6684392e1141d84e7dc7

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 17C1 8 KB
4 KB 210ms
55ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=13361095&cmp=28887302&sid=443002&plc=352921664&num=&adid=&advid=8650961&adsrv=1&btreg=544401823&btadsrv=doubleclick&crt=182019147&crtname=&chnl=&unit=&pid=&uid=&tagtype=&dvtagver=6.1.src
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 11:39:13 GMT
Server: Microsoft-IIS/10.0
ETag: "8065f8730ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3315

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/ Frame C292 6 KB
2 KB 163ms
54ms Document
text/html 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f8c4d264207df6dadfc6b486b5eef90c6d1b13cb77345fd064e8381f6221464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 416854
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1762
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 09:22:45 GMT
expires: Thu, 07 Dec 2023 09:22:45 GMT
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 400 img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921664;a.a=544401823;cache=2906761052;
ad.atdmt.com/i/ Frame 17C1 0
0 191ms
66ms Image
text/html 2a03:2880:f045:f:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921664;a.a=544401823;cache=2906761052;
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=280&slotname=8665141523&adk=4286089063&adf=1529264140&pi=t.ma~as.8665141523&w=728&fwrn=4&fwrnh=100&lmt=1670821817&rafmt=1&format=728x280&url=http%3A%2F%2Fuchinfo.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670821817324&bpp=3&bdt=619&idt=389&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3XMyMvprdW&p=http%3A//uchinfo.com.ua&dtd=395
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f045:f:face:b00c:0:8c Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 204
No Content imp
w.uptolike.com/widgets/v1/ Frame 1A24 0
154 B 97ms
97ms Image
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://w.uptolike.com/widgets/v1/imp?pid=1286662&url=http%3A%2F%2Fuchinfo.com.ua%2F&vp=ff69b659-7420-40f0-9e5a-81f0fb27a6a5&ttl=JUQwJUEzJUQxJTgwJUQwJUJFJUQwJUJBJUQwJUI4JTIwJUQwJUI4JUQwJUJEJUQxJTg0JUQwJUJFJUQxJTgwJUQwJUJDJUQwJUIwJUQxJTgyJUQwJUI4JUQwJUJBJUQwJUI4&rnd=0.30644959063419686
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/impression.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 05:10:18 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK extra.js Show response
w.uptolike.com/widgets/v1/ 4 KB
3 KB 99ms
98ms Script
application/javascript 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.756484873481434
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 41a92a9ba380e93e747a915f98090102b1e38534331c28d8231ffac22422a564

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:18 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript;charset=utf-8
P3P: CP='IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT'
Access-Control-Allow-Origin: *
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Expires: Wed, 23 Nov 2022 19:31:36 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9850.Ivbq3R05YxWnzgIGhQMx2FyUoMiyPN4GOcRh5mOlQcUthUpXfNF3C0m0FBGttO1w.NwrHw73HLuoTW9789PnN70lfgM8%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9850.HGHq4B5NN4-GPePw7UyA2CcV7B1pCQiR-C_UbkRrUEoN-GMnar3-4g6zYJKWT9zvIk3t7GQDXZh4Hr-aCsX6FV96Z-0eC1o--Y9fi_cRoKsxI550eBdtt1D4-w8KggAwGRTLOYiUQ1f...

43 B
479 B

106ms
106ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9850.HGHq4B5NN4-GPePw7UyA2CcV7B1pCQiR-C_UbkRrUEoN-GMnar3-4g6zYJKWT9zvIk3t7GQDXZh4Hr-aCsX6FV96Z-0eC1o--Y9fi_cRoKsxI550eBdtt1D4-w8KggAwGRTLOYiUQ1fTuYSEnx8_r-Pu08DqJ76PADz7N5-dXKRnSwaHi4vXA_myfa4LdmnrO6H9ezEbjJ7DXcY-HdjaIbuyPvckEPhtlWDXjCy7p7E%2C.JpCddlDYAJXhRm101GP_QhX0ivQ%2C

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9850.HGHq4B5NN4-GPePw7UyA2CcV7B1pCQiR-C_UbkRrUEoN-GMnar3-4g6zYJKWT9zvIk3t7GQDXZh4Hr-aCsX6FV96Z-0eC1o--Y9fi_cRoKsxI550eBdtt1D4-w8KggAwGRTLOYiUQ1fTuYSEnx8_r-Pu08DqJ76PADz7N5-dXKRnSwaHi4vXA_myfa4LdmnrO6H9ezEbjJ7DXcY-HdjaIbuyPvckEPhtlWDXjCy7p7E%2C.JpCddlDYAJXhRm101GP_QhX0ivQ%2C
date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame F020 36 KB
16 KB 56ms
53ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110551
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 22:27:48 GMT

GET
H/1.1 200
OK alt.js Show response
cntrsync.ru/ 0
319 B 409ms
121ms Script
application/javascript 92.63.102.100
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://cntrsync.ru/alt.js

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.756484873481434

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

92.63.102.100 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1022.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:19 GMT
Last-Modified: Monday, 12-Dec-2022 05:10:19 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H/1.1 200
OK / Show response
supraneet.ru/minus/ 0
319 B 337ms
99ms Script
application/javascript 62.109.6.15
RU-JSCIOT

General

Check archive.org

Show headers Download Go to

Full URL

https://supraneet.ru/minus/

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.756484873481434

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

62.109.6.15 , Russian Federation, ASN29182 (RU-JSCIOT, RU),

Reverse DNS

belesta1024.ru

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:19 GMT
Last-Modified: Monday, 12-Dec-2022 05:10:19 GMT
Server: nginx/1.13.12
X-Frame-Options: SAMEORIGIN
Content-Type: application/javascript
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Connection: keep-alive
Content-Length: 0

GET
H2 200 smart.js Show response
cdn.smntq.com/c83ul/ 6 B
490 B 292ms
78ms Script
text/javascript 95.217.109.66
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smntq.com/c83ul/smart.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.756484873481434
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 95.217.109.66 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.66.109.217.95.clients.your-server.de
Software: nginx/1.20.1 /
Resource Hash: b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
mode: no-cors
content-encoding: gzip
server: nginx/1.20.1
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: Access-Control-Allow-Headers, Origin,Accept, x-compress, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H/1.1 200
OK collect_stat.js Show response
af.click.ru/ 913 B
1 KB 388ms
94ms Script
application/javascript 217.197.112.80
E-STYLEISP-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://af.click.ru/collect_stat.js
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/extra.js?rnd=0.756484873481434
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 217.197.112.80 , Russian Federation, ASN20655 (E-STYLEISP-AS, RU),
Reverse DNS: seopult.ru
Software: nginx /
Resource Hash: a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:19 GMT
Last-Modified: Fri, 18 Nov 2022 09:50:15 GMT
Server: nginx
ETag: "63775557-391"
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 913

GET
H2 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 4282 45 KB
46 KB 169ms
54ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:800,300,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 09 Dec 2022 08:23:46 GMT
x-content-type-options: nosniff
age: 247593
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46524
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Dec 2023 08:23:46 GMT

GET
H3 200 style.css
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/ Frame C292 6 KB
2 KB 54ms
53ms Stylesheet
text/css 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18f5fa8c02617f100815ea12b8986d0ac015159688c199e6009f767ddf76dbcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1744
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET brand.css
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/ Frame C292 0
0

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C292 60 KB
24 KB 64ms
62ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Dec 2022 05:10:19 GMT

GET
H3 200 easepack_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame C292 2 KB
1 KB 87ms
85ms Script
text/javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/easepack_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1356
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:22:46 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Dec 2022 05:10:19 GMT

GET
H3 200 initialLoader.min.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/ Frame C292 4 KB
2 KB 56ms
54ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/initialLoader.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1989
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET
H3 200 fontfaceobserver.standalone.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/ Frame C292 4 KB
2 KB 58ms
57ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/fontfaceobserver.standalone.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1674
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET
H3 200 custom.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/ Frame C292 3 KB
1 KB 57ms
55ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/custom.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ca93279690edc66f2712fc78da024d32d2595832d5cee891c6ce8d12b27d39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1204
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET
H3 200 logic.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/ Frame C292 7 KB
2 KB 61ms
59ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03e4dca6fc35b9df28bf591662be9028ecb050f0460c3d0438cf519d546e7a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2249
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET
H3 200 messaging.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/ Frame C292 3 KB
970 B 56ms
55ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/messaging.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 941
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:45 GMT

GET
H/1.1 200
OK dv-measurements3317.js Show response
cdn.doubleverify.com/ Frame 484D 552 KB
106 KB 59ms
59ms Script
application/javascript 2a02:26f0:480:9::210:ee0e
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements3317.js
Requested by: Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:9::210:ee0e Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:19 GMT
Content-Encoding: gzip
Last-Modified: Wed, 07 Dec 2022 09:45:11 GMT
Server: Microsoft-IIS/10.0
ETag: "80ad389920ad91:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 108147

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F020 0
20 B 92ms
91ms Image
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVmmhureWY9r3BbuGx_APl76w6A0AAAAAOAHgBAI&bg=!IiGlIWXNAAYgquz3AKo7ACkAdvg8WsBHvfPbOxBQDzZs1g-F_t8cdIzGeqm3aUHsJEYpq-YtbFEhkgIAAABcUgAAAAJoAQcKAGCjLlO1sIXqtlZMMcG_JvVt1-pC74zaa8o4kMV1eah95RHn_nO09usvnSJfOhnYeLC5U-epcbk-JcXDDVaNI4VlolpZ0xrXp3c4rB1Ws9imUxHsR_0Z70_uQum_zY-5tbyZAwNsPkuDaaiDvZQTss9sODSspTGoCWV9WzY74YeWxt6dqDVDt8oyODPAXvCSMHpYxeDFFvz_-SAzyMh5ZlIGux7zruJYytgZky7spgWPRP7J-US10t9eQst-WYoML9UFiyYCzIGVOEy1zxbgDMgOJvXTOlckieq0jamPMCLtvyzIQT-w5d2iFybWo4oLXnQEj54WEwH4SRHCA8amIX4XF_96B_c0xEBCqVJFjgCnBdCswIuYtZzW1LUcWOgO5LjlWGD2YalpmBShloPXm0TTQ7z4IaZz50HmN-T2j7ByF6YBVf5Kn5HneAgIUgnw_uf_34ZcjG1uxjg3S-JN-1bc76Uc9YIdBzkoF8cDoIiSLd8LgjXCbYPruluIITDZ_WuycykFlMt1MGes0J0f-d1btsWd-mCyiE4gfOeh-pKLkYX9qt_8l7lWUoFj43i4yU-WAnab7BF49ACM6NHslWmO-G2ql9DliO97QD5k4-9HkD4xwvgYHqmRRvXaUyetx5CIa3YpBngU4IyNp2pIiLFB99ur5f6RXz3igSApMQ5bMbd-WM2hGrx4mZcQd2sQy_tyjOZQHn7rV1MVZAPTGJIn2-AvRsXz4ULuXxFAz3KgTejKehWtYeosilPefYmiFBXzCs31JDMWk1BOV3uqD3dz5ofTbGI4h1epwoqf8VR5FDbMY9-0xrlkCisGvFkuwodmoUu-cCZ3At0tDJCYRzj2zN7H5U4AsFfMLkU0zTkGMIkG8hf2xdPYTqI4xa9p21IDLGlNpnNWIN2HoIg3cPvyrNbQT4AQLF-6awugI3ASQPhdrS0IZn3d5uoAMSrt7rXwm1CfdX4cJyY1-5ZTCsyzMU5yUYlcsxqcu3W5nZgdHrqYfo6BnIUZd3jzoLjfKhTKkKe1_z-RxzUN4JSNge3bx9bJVDXSzPWWcJYdZnoRTioDeIYo6qKgGaiuLNz1STzsvRbRSAEGkkWmTd4MVJPlojwPRHvfVGOVp6_mCPAN1jsiNYF8THNLedHZfxJVwFODDcNSawc

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 484D 1 KB
1 KB 596ms
63ms Script
text/javascript 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&flvr=0&ttmms=145&ttfrms=31&brid=3&brver=99.0.4844.51&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEATbpTauTauF49%3A%3F7%40%5D4%40%3E%5DF2TauU2%3F4r92%3A%3Fl9EEATbpTauTauF49%3A%3F7%40%5D4%40%3E%5DF2Tar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6ETar9EEADTbpTauTau8%40%408%3D625D%5D8%5D5%40F3%3D64%3D%3A4%3C%5D%3F6E&srcurlD=0&aUrlD=0&ssl=https:&dfs=337&ddur=211&uid=1670821819253838&jsCallback=dvCallback_1670821819253676&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F99.0.4844.51%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=188&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=3317&tgjsver=3317&lvvn=28&m1=13&refD=2&referrer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9822521094126336%26output%3Dhtml%26h%3D280%26slotname%3D8665141523%26adk%3D4286089063%26adf%3D1529264140%26pi%3Dt.ma~as.8665141523%26w%3D728%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1670821817%26rafmt%3D1%26format%3D728x280%26url%3Dhttp%253A%252F%252Fuchinfo.com.ua%252F%26fwr%3D0%26rpe%3D1%26resp_fmts%3D3%26wgl%3D1%26dt%3D1670821817324%26bpp%3D3%26bdt%3D619%26idt%3D389%26shv%3Dr20221206%26mjsv%3Dm202212050101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D8201544243553%26frm%3D20%26pv%3D1%26ga_vid%3D1793492060.1670821817%26ga_sid%3D1670821818%26ga_hid%3D120283779%26ga_fc%3D1%26u_tz%3D0%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26adx%3D436%26ady%3D135%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759875%252C44759926%252C44759842%252C31071219%26oid%3D2%26pvsid%3D1033736123224925%26tmod%3D1344007007%26uas%3D0%26nvt%3D1%26eae%3D0%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3Do%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D23%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D3XMyMvprdW%26p%3Dhttp%253A%2F%2Fuchinfo.com.ua%26dtd%3D395&fcifrms=9&brh=2&sdf=2&dvp_epl=246&noc=4&nav_pltfrm=Win32&ctx=13361095&cmp=28887302&sid=443002&plc=352921664&crt=182019147&btreg=544401823&btadsrv=doubleclick&adsrv=1&advid=8650961&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=29364692087.14064&dvp_tukv=141273095421.88046&dvp_uuid=114228243882.51456&dvp_strhd=0.8999996185302734&dvpx_strhd=0.8999996185302734&dvp_tuid=291260287530&jurtd=3200363901
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 8c426e883d97a62f7de0947df12491e3bcdad01a12a43fc462ee0ba441416d8f

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:19 GMT
Content-Encoding: br
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Expires: 12/11/2022 05:10:19

GET
H2

200

1 Show response
mc.yandex.com/watch/23414332/
Redirect Chain

https://mc.yandex.com/watch/23414332?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Ae...
https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3...

427 B
518 B

102ms
102ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A4%3Adp%3A0%3Als%3A477804107124%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051018%3Aet%3A1670821819%3Ac%3A1%3Arn%3A659452476%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C730%2C10%2C%2C%2C%2C1412%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1670821816020%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670821819%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%285500%29aw%281%29ecs%281%29ti%282%29

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

9c5c3d5e418b326d6f41973bebeab7f2300a640911c341c4ba9a4c4c5b491107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Mon, 12-Dec-2022 05:10:19 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 427
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:19 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:19 GMT
strict-transport-security: max-age=31536000
last-modified: Mon, 12-Dec-2022 05:10:19 GMT
location: /watch/23414332/1?wmode=7&page-url=http%3A%2F%2Fuchinfo.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A776n41m7q3df66onruy8z%3Afp%3A1050%3Afu%3A0%3Aen%3Awindows-1251%3Ala%3Aen-US%3Av%3A942%3Acn%3A4%3Adp%3A0%3Als%3A477804107124%3Ahid%3A11868309%3Az%3A0%3Ai%3A20221212051018%3Aet%3A1670821819%3Ac%3A1%3Arn%3A659452476%3Arqn%3A1%3Au%3A1670821817610162851%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A442%2C102%2C135%2C1%2C0%2C0%2C%2C730%2C10%2C%2C%2C%2C1412%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Aeu%3A1%3Ans%3A1670821816020%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1670821819%3At%3A%D0%A3%D1%80%D0%BE%D0%BA%D0%B8%20%D0%B8%D0%BD%D1%84%D0%BE%D1%80%D0%BC%D0%B0%D1%82%D0%B8%D0%BA%D0%B8&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29lt%285500%29aw%281%29ecs%281%29ti%282%29
access-control-allow-origin: http://uchinfo.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Mon, 12-Dec-2022 05:10:19 GMT

GET
H3 200 config.js Show response
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/config/ Frame C292 807 B
533 B 76ms
75ms Script
application/x-javascript 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/config/config.js?r=0.14800064003088442

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/logic.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f14491ec2be7f626cea791d73b0d32f98d97069c74351c470000d80638666ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 505
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 12 Dec 2023 05:10:19 GMT

GET
H3 200 chevron.png
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/ Frame C292 190 B
217 B 54ms
54ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/chevron.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H3 200 Algovir_Packagings.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 26 KB
26 KB 54ms
54ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Algovir_Packagings.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Fri, 09 Dec 2022 09:25:49 GMT
x-content-type-options: nosniff
age: 243870
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27097
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 09 Dec 2023 09:25:49 GMT

GET
H3 200 Check.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 585 B
390 B 65ms
64ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Check.svg

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:01:46 GMT
age: 392913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Dec 2023 16:01:46 GMT

GET
H3 200 CTA_mehr_erfahren_einzeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 5 KB
2 KB 65ms
64ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_einzeilig.svg

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 16:01:46 GMT
age: 392913
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1689
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Dec 2023 16:01:46 GMT

GET
H3 200 CTA_mehr_erfahren_zweizeilig.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 4 KB
1 KB 77ms
76ms Image
image/svg+xml 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/CTA_mehr_erfahren_zweizeilig.svg

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 06 Dec 2022 19:21:37 GMT
age: 467322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1265
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Dec 2023 19:21:37 GMT

GET
H3 200 Bubbles.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 15 KB
15 KB 90ms
89ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Bubbles.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Sat, 10 Dec 2022 16:56:30 GMT
x-content-type-options: nosniff
age: 130429
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15028
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 10 Dec 2023 16:56:30 GMT

GET
H3 200 algovir_Visual_Spruehstoss.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 14 KB
14 KB 67ms
66ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_Visual_Spruehstoss.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 07 Dec 2022 16:01:39 GMT
x-content-type-options: nosniff
age: 392920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14241
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Dec 2023 16:01:39 GMT

GET
H3 200 algovir_flasche.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 20 KB
20 KB 77ms
77ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/algovir_flasche.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Tue, 06 Dec 2022 19:21:37 GMT
x-content-type-options: nosniff
age: 467322
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20835
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 06 Dec 2023 19:21:37 GMT

GET
H3 200 Viren.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/ Frame 4282 8 KB
8 KB 100ms
100ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4687128324995022848/Viren.png

Requested by

Host: uchinfo.com.ua
URL: http://uchinfo.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date: Wed, 07 Dec 2022 16:01:39 GMT
x-content-type-options: nosniff
age: 392920
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7856
x-xss-protection: 0
last-modified: Wed, 12 Oct 2022 11:17:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 07 Dec 2023 16:01:39 GMT

GET
H3 200 aldine_light.woff2
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/fonts/ Frame C292 24 KB
24 KB 54ms
54ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/fonts/aldine_light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24316
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H3 200 coupleHoldingHands-tier1-1164x300.jpg
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/ Frame C292 64 KB
64 KB 55ms
54ms Image
image/jpeg 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/coupleHoldingHands-tier1-1164x300.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2c2ca99d94d31b791852486a401d3de0dc7158c72bc2d646747c7df25466944

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 65829
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H3 200 connector.png
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/ Frame C292 74 KB
74 KB 72ms
71ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/connector.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 76141
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A4FC 42 B
64 B 222ms
112ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvClvt_eWEG93Vrzy4M-VdiYp2JTYEDpz0eUxQreiL1C5qT-zu_tIAIISwmVLIrksOcIFsUOEGOgCaLIDHW2SCyeEDY76kPoG4_D43cAkz3BcIhuephITTzEEvOM0oGLwXlPCLDbg&sai=AMfl-YTB4uk7WkR3EX2ilK9Smo2trpNE_RoYv1zX5cwVao4FtzuYpYKY0BkHFZJ9PJfju1-zcgxgRPdLmi0GAQY&sig=Cg0ArKJSzKDE4TEsicvaEAE&cid=CAQSGwDq26N9AJnHbthwTgqPE-B7dLgZ0iE1a68rFxgBIBM&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=2043355264&rs=2&la=0&cr=0&vs=4&r=v&rst=1670821817740&rpt=1042&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

event.png
tpsc-frc.doubleverify.com/ Frame 484D
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-frc&param=akipv6&impid=b35a0ee633564c4fa4c204c603485023&dup=&cbust=1670821819856529
https://tpsc-frc.doubleverify.com/event.png?impid=b35a0ee633564c4fa4c204c603485023&akipv6=2a01:4a0:2c::7&dup=

0
138 B

187ms
64ms

Image
text/plain

213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=b35a0ee633564c4fa4c204c603485023&akipv6=2a01:4a0:2c::7&dup=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9822521094126336&output=html&h=280&slotname=8665141523&adk=4286089063&adf=1529264140&pi=t.ma~as.8665141523&w=728&fwrn=4&fwrnh=100&lmt=1670821817&rafmt=1&format=728x280&url=http%3A%2F%2Fuchinfo.com.ua%2F&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1670821817324&bpp=3&bdt=619&idt=389&shv=r20221206&mjsv=m202212050101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8201544243553&frm=20&pv=1&ga_vid=1793492060.1670821817&ga_sid=1670821818&ga_hid=120283779&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=436&ady=135&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31071219&oid=2&pvsid=1033736123224925&tmod=1344007007&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=2&uci=a!2&fsb=1&xpc=3XMyMvprdW&p=http%3A//uchinfo.com.ua&dtd=395
Protocol: HTTP/1.1
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 12 Dec 2022 05:10:18 GMT
Cache-Control: max-age=0
Expires: 12/11/2022 05:10:20

Redirect headers

Location: https://tpsc-frc.doubleverify.com/event.png?impid=b35a0ee633564c4fa4c204c603485023&akipv6=2a01:4a0:2c::7&dup=
Date: Mon, 12 Dec 2022 05:10:19 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H2 200 share.php Show response
vk.com/ Frame AAD3 22 B
355 B 100ms
98ms Script
text/html 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fuchinfo.com.ua%2F&callback=callback__utl_cb_share_1670821819896282

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112830

Resource Hash

c562c26e391f8b8bc7e995db915519006653b8ae659d7ba34e5aadad736f91ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112830
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 42

GET
H2 200 share.php Show response
vk.com/ Frame AAD3 21 B
354 B 103ms
101ms Script
text/html 87.240.132.78
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL

https://vk.com/share.php?act=count&format=json&url=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dvk&callback=callback__utl_cb_share_1670821819896753

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.78 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv78-132-240-87.vk.com

Software

kittenx / KPHP/7.4.112830

Resource Hash

09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:19 GMT
content-encoding: gzip
x-frontend: front226205
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.112830
content-type: text/html; charset=windows-1251
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 41

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame AAD3 79 B
666 B 585ms
96ms Script
text/javascript 94.100.180.55
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit58&url_list=http%3A%2F%2Fuchinfo.com.ua%2F&callback=callback__utl_cb_share_167082181989692

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

57f99a282439a903fd8cd031721795b16b4bf882a1c3bca5d0944c52d6d36ddc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Length: 79
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H/1.1 200
OK share_count Show response
connect.mail.ru/ Frame AAD3 89 B
676 B 586ms
93ms Script
text/javascript 94.100.180.55
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.mail.ru/share_count?func=mrc__shareInit32&url_list=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dmr&callback=callback__utl_cb_share_1670821819897649

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

94.100.180.55 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

connect.mail.ru

Software

nginx /

Resource Hash

dd74179e06b64ecb0b4e1b55019d12bc2cfe0d339fd3c9f63e54dfbefe2a4f84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block; report=https://cspreport.mail.ru/xxssprotection

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 05:10:20 GMT
X-Content-Type-Options: nosniff
Server: nginx
X-WebKit-CSP-Report-Only: default-src https: 'unsafe-inline' 'unsafe-eval'; img-src https://* data: ; frame-src https://* about: javascript:
X-Frame-Options: DENY
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="/w3c/p3p.xml", CP="NON CUR ADM DEV PSA PSD OUR IND UNI NAV INT STA"
Cache-Control: no-cache, no-store, must-revalidate, private
Connection: keep-alive
Content-Length: 89
X-XSS-Protection: 1; mode=block; report=https://cspreport.mail.ru/xxssprotection

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame AAD3 83 B
133 B 300ms
148ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fuchinfo.com.ua%2F&callback=callback__utl_cb_share_1670821819897799

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c07c1a0fb18908b919c9ff0e5ba67edb963635b25abe6260f1b32108af7f83f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
x-pinterest-rid: 1471014692925438
content-length: 83
expires: Mon, 12 Dec 2022 05:25:20 GMT

GET
H2 200 count.json Show response
api.pinterest.com/v1/urls/ Frame AAD3 93 B
393 B 297ms
145ms Script
application/javascript 151.101.64.84
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.pinterest.com/v1/urls/count.json?&url=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dps&callback=callback__utl_cb_share_1670821819897555

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.84 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4115ec96a91b8cd65cb888475c87fda33f4975e96c0a06304d83cfe57a02c1bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
x-content-type-options: nosniff
x-cdn: fastly
age: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
x-pinterest-rid: 4284154859759931
content-length: 93
expires: Mon, 12 Dec 2022 05:25:20 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame AAD3 25 B
2 KB 332ms
91ms Script
application/javascript 217.20.155.208
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fuchinfo.com.ua&callback=callback__utl_cb_share_1670821819897681

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-encoding: br
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks: WidgetExtLike
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 dk Show response
connect.ok.ru/ Frame AAD3 25 B
2 KB 372ms
132ms Script
application/javascript 217.20.155.208
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.ok.ru/dk?st.cmd=extLike&uid=odklcnt0&ref=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dok&callback=callback__utl_cb_share_1670821819898620

Requested by

Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

217.20.155.208 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

ip208.155.odnoklassniki.ru

Software

apache /

Resource Hash

48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me wss://ad.mail.ru .mail.ru .imgsmail.ru .mradx.net .serving-sys.com .googleapis.com .gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st .doubleverify.com .adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru .google.ru .google.com .googlesyndication.com .yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' .mail.ru https://.mail.ru .imgsmail.ru .mradx.net ok.ru .ok.ru odnoklassniki.ru .odnoklassniki.ru mycdn.me http://.mycdn.me https://.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st .google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru .googleapis.com .gstatic.com www.google.com www.youtube.com https://www.youtube.com .ytimg.com https://.ytimg.com .doubleverify.com .dvtps.com .doubleclick.net .googletagservices.com .googlesyndication.com .googleadservices.com .goodgame.ru https://.goodgame.ru https://.moatads.com .adlooxtracking.com .adlooxtracking.ru .adsafeprotected.com .serving-sys.com .serving-sys.ru .weborama.fr .weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru .googletagmanager.com connect.facebook.net .google.ru .google.com .googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
Strict-Transport-Security	max-age=63072000;includeSubdomains;preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
content-security-policy: default-src data: 'self' 'unsafe-inline' 'unsafe-eval' ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me wss://ad.mail.ru *.mail.ru *.imgsmail.ru *.mradx.net *.serving-sys.com *.googleapis.com *.gstatic.com www.google.com https://api-maps.yandex.ru yastatic.net yandex.st *.doubleverify.com *.adsafeprotected.com https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://football.sportmail.ru *.google.ru *.google.com *.googlesyndication.com *.yandex.ru blob:; script-src 'unsafe-inline' 'unsafe-eval' *.mail.ru https://*.mail.ru *.imgsmail.ru *.mradx.net ok.ru *.ok.ru odnoklassniki.ru *.odnoklassniki.ru mycdn.me http://*.mycdn.me https://*.mycdn.me mc.yandex.ru an.yandex.ru yastatic.net yandex.st *.google-analytics.com api-maps.yandex.ru https://api-maps.yandex.ru https://clck.yandex.ru *.googleapis.com *.gstatic.com www.google.com www.youtube.com https://www.youtube.com *.ytimg.com https://*.ytimg.com *.doubleverify.com *.dvtps.com *.doubleclick.net *.googletagservices.com *.googlesyndication.com *.googleadservices.com *.goodgame.ru https://*.goodgame.ru https://*.moatads.com *.adlooxtracking.com *.adlooxtracking.ru *.adsafeprotected.com *.serving-sys.com *.serving-sys.ru *.weborama.fr *.weborama-tech.ru https://enterprise.api-maps.yandex.ru https://suggest-maps.yandex.ru https://*.hit.gemius.pl https://consentmanager.mgr.consensu.org https://cdn.consentmanager.mgr.consensu.org https://gum.criteo.com https://football.sportmail.ru *.googletagmanager.com connect.facebook.net *.google.ru *.google.com *.googlesyndication.com yandex.ru; worker-src blob: 'self'; connect-src * wss: blob: data:; font-src * data: blob:; frame-src * blob: 'self'; img-src * data: blob: about:; media-src * data: blob:; object-src *; report-uri /csp/report;
x-content-type-options: nosniff
strict-transport-security: max-age=63072000;includeSubdomains;preload
content-encoding: br
content-security-policy-report-only: default-src data: blob: about: 'self' 'unsafe-inline' 'unsafe-eval' https: wss:; report-uri /csp/report?always;
rendered-blocks: WidgetExtLike
x-xss-protection: 1; mode=block
pragma: no-cache
server: apache
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK support.html Show response
w.uptolike.com/widgets/v1/zp/ Frame 54D2 14 KB
4 KB 98ms
98ms Document
text/html 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/zp/support.html
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/widgetsModule.js?v=622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=1800
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html;charset=utf-8
Date: Mon, 12 Dec 2022 05:10:19 GMT
Expires: Mon, 12 Dec 2022 05:40:19 GMT
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H3 200 aldine_light_italic.woff2
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/fonts/ Frame C292 26 KB
26 KB 72ms
72ms Font
font/woff2 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/fonts/aldine_light_italic.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/styles/style.css
Origin: https://s0.2mdn.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416853
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26720
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H3 404 hotel_names.json Show response
s0.2mdn.net/json/ Frame C292 43 B
62 B 61ms
60ms Fetch
image/gif 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/json/hotel_names.json

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/scripts/custom.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:03:56 GMT
x-content-type-options: nosniff
server: sffe
age: 384
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Mon, 12 Dec 2022 05:18:56 GMT

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame AAD3 0
154 B 97ms
97ms Script
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=vk&pid=1286662&url=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dvk&c=28&callback=callback__utl_cb_share_1670821820046721
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 05:10:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 102ms
101ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54867994116c663bbc2d9bbea1dbdb7d4ea7b20bbfc10683540ebd9de89817d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10981
x-xss-protection: 0

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/ Frame C292 3 KB
3 KB 54ms
54ms Image
image/png 2a00:1450:4001:813::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/images/logo.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

940b6c62a663346ceb4bd6c8ec2cebaf2729c974990f411fe74299a9f7860dc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 09:22:46 GMT
x-content-type-options: nosniff
age: 416854
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2699
x-xss-protection: 0
last-modified: Wed, 09 Nov 2022 04:14:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 07 Dec 2023 09:22:46 GMT

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame AAD3 0
154 B 104ms
104ms Script
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=ps&pid=1286662&url=http%3A%2F%2Fuchinfo.com.ua%2F&c=1&callback=callback__utl_cb_share_167082182019823
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 05:10:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 12 Dec 2022 05:10:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7CDA 13 KB
5 KB 55ms
54ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 31833
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Dec 2022 20:19:47 GMT
expires: Mon, 11 Dec 2023 20:19:47 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 45CC 783 B
536 B 64ms
64ms Document
text/html 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ff3c0ee44742960f40503f2df576a1579cfc3342899b6dc6f3254c99c45e2edb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xtLu6K5mBbZ-w_PU4OYjCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://uchinfo.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-xtLu6K5mBbZ-w_PU4OYjCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 12 Dec 2022 05:10:20 GMT
expires: Mon, 12 Dec 2022 05:10:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CDA 36 KB
16 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QDrzY6hqzGh0aYGUuTA1ex70oaN1LFGaXyg_pTqcRvs.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 10 Dec 2022 22:27:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 110552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15878
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 17:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Dec 2023 22:27:48 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 45CC 0
0 87ms
87ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221206&jk=1033736123224925&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H/1.1 204
No Content upd Show response
w.uptolike.com/widgets/v1/ Frame AAD3 0
154 B 97ms
96ms Script
text/plain 95.163.114.203
DINET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://w.uptolike.com/widgets/v1/upd?id=mr&pid=1286662&url=http%3A%2F%2Fuchinfo.com.ua%2F%3F_utl_t%3Dmr&c=1&callback=callback__utl_cb_share_1670821820488278
Requested by: Host: w.uptolike.com
URL: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 95.163.114.203 , Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://w.uptolike.com/widgets/v1/share-counter.html?622e27e5349ec1bb07f4f36fc56e7c84
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 12 Dec 2022 05:10:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 7CDA 0
10 B 53ms
53ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nm7ODw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 12 Dec 2022 05:10:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 91ms
91ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221206&jk=1033736123224925&bg=!hYalhsLNAAYgquz3AKo7ACkAdvg8WvZhzdlkso_3AvURxflMWHp4Ta2c6e1QcOir_CfXl9q62NmMLwIAAABYUgAAAAJoAQcKAKnSM3SB4iu5f4Tx6xlDnyDA35_se7_RGkjEiFqWy1VIl-vv_L3DnDOVEOxtJCRiE_tAGObs_RPywZ-VPFFx3ouJUUTVb0Izqaj8qIk7HY6YIzPSQepnaii_UYqOiPtQ5Pm9hMa4TB9JN6V6tPhNi-MCCkwONgDzFKsHzRoN4ugHF0fQcUmjxZC4FdVIxa43P_1eItt8uattoGPJ7MZ3OVQExjDwODZQYiYzmQKvoA8KvOFMZjF5i_NLjms4V-TdrX3UdaHniYhdJARIzXof4fXuVVubyiWiGsmYd7Ih3GNf_uXl97XTu70v8sLdUyP4w76KsO6eX7zQ6IE5ZUkEE1iLYzx8qxfvac1HtpEAyF2tAKKNaUhWNAt8lZLMbndmJ1ESj1k7ZlC3WZgGBsvE-uWU-1mA85-8yBq2R0syl7oI9ZJNj3Tv5rXY5jGCycstiaHCqg5iyK3XU_v6hTbwOSFzC-GxCcplRepnkLcuYghCo9xQ4moa6_9CMwgolGmRALaSqIF69mACDU66FVIVdYTFTIGYIOpC19Y8nJkDSNoOcChg9S8n5mbHi3xz0gAm881O35yalz0_4AXoK92_GC-FxKqyoP2DUMGP1mRRj6jtEZ5mQ67CfBjhfh0SO_VNZ20waa4i5dHGXRWDRcdKxkIowENUTLok0dj6CYtk9E7wRLxstcD3i_UsH3s7eP_m4SnGL5c3FEB_ZqcFs9L0kRJE4DGcWnnvTtJtal-pkzl83YXJVU68Zq3Tufpxgr39KhdXyBGRDlI1lrPex93xAP8nYkHogcyxk0p1Cbo9YA7D6O7WwvlF85obWORUmE3rz-j73w1UnzEaJHTzmgTWbmpmz1yJD5O9d6_b0gwg8vd9JdLMoKN0KVqjAC-Ccrd6vupfClrs-p2-LFbLvWGN3qbWkbCgVmSqfGRlbfmd-9bSv9guJ2jJ12owsKbQLn1SIjQZDsq9aXYfsF6ccNf6yxuPlCQQMR3eBRtbV2dRumgAVjh6CJadJGccnWfdUo0jy01W_yyYquH7efCQ-UAH81awecR4Vapffc9PK2aSwc1igM7GKQaY_9qBsWdhag2GGgLQekEuF-TQEIStjWzHjMJU-RxL_J2ROlzCwQAuMr0VMEzgPZuIkGTVz6GS
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://uchinfo.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 17C1 42 B
64 B 90ms
90ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsusLTrqYud6v03ZL1ZmK55F6R-5xG82ZeZw0opWYmBLDsoI6cwRCjKJYUqTY141J2dl-rXuG3tA_CG8cJqkTM22LScHLcFzf1B_G08QigBx3UN6lgbeyIzH1iXKahdl8zSxqy9uc7JxAuoXoI8lAcoa4mzl7lb4n_RZCkDPD9x_I56VJ-sA8AMFKCC5DR4XfQ&sai=AMfl-YQA-jUbb-TCbG7fhGSZr8pZeh5vFEx522c050zW93zZL4dNZp8qF1avGZH3kzzXN58_o8RlYB7tpCEAllg&sig=Cg0ArKJSzFiPF6Z7eSBmEAE&cid=CAQSGwDq26N91ALtHjPoQuFOcKJjoKDliiU6658A4RgBIBM&id=lidar2&mcvt=1000&p=0,0,187.65625,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4286089063&rs=2&la=0&cr=0&vs=4&r=v&rst=1670821818525&rpt=1589&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Dec 2022 05:10:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content event.png
tpsc-frc.doubleverify.com/ Frame 484D 0
210 B 58ms
57ms Ping
text/plain 213.254.244.112
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tpsc-frc.doubleverify.com/event.png?impid=b35a0ee633564c4fa4c204c603485023&flavor=0&gdpr=&gdpr_consent=&dvp_gdpr_Error=3&dvp_gdv2_Error=3&vdur=597&eoid=15&msrjs=3317&sdf=67108866&vit=2&isvelg=1&rmi=16&tltms=211&tetms=9&msltms=123&vltms=597&sei=290&vetms=5&engms=1&engisel=1&dvp_dtcov=4&msrcanlm=264&msrcannum=2&ismms=42&isumms=41&nvr=6&elmtp=4&isbxdms=2642&b0=218&b11=2509&adwdth=728&dvp_vsosnmr=2&lftb=2727&sftb=2727&naral=256&vct=512&vphgt=1200&vpwdth=1600&chgt=188&cwdth=728&invcs=false&scrhgt=1200&scrwdth=1600&strp=0&advisonl=false&isiabvms=1151&isuiabvms=1151&ispmxpms=1151&iscvmvms=1151&engalms=41&dvp_dpr=1&ee_dp_cvcmeeid=1&ee_dp_cvcmetp=1&metp=1&meeid=1&dvp_itg=HEAD:1,SCRIPT:26,STYLE:3,META:1,BODY:1,DIV:19,IFRAME:17,NOSCRIPT:1,svg:3,path:3,A:1,&ttfurm=3631&cbust=1670821822856716
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements3317.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.112 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Mon, 12 Dec 2022 05:09:29 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Expires: 12/11/2022 05:10:22

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: d31j93rd8oukbv.cloudfront.net
URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js

Domain: mc.yandex.ua
URL: https://mc.yandex.ua/sync_cookie_image_check

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/brand.css

Verdicts & Comments Add Verdict or Comment

94 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

49 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.uchinfo.com.ua/	1970-01-20 17:43:01	Name: _ga Value: GA1.3.1793492060.1670821817
.uchinfo.com.ua/	1970-01-20 08:08:28	Name: _gid Value: GA1.3.745638030.1670821817
.uchinfo.com.ua/	1970-01-20 08:07:01	Name: _gat Value: 1
.uchinfo.com.ua/	1970-01-20 16:52:37	Name: _ym_uid Value: 1670821817610162851
.uchinfo.com.ua/	1970-01-20 16:52:37	Name: _ym_d Value: 1670821817
.relap.io/	1970-01-20 17:43:01	Name: unique Value: r1xjiQfw
.relap.io/	1970-01-20 17:43:01	Name: fsts Value: 1670821817
.relap.io/	1969-12-31 23:59:59	Name: suid Value: 5f2b19901883b93209f7e274b4861fa644558592--59cdc4c099ec1ed22a38699716ad1b5e2f5e348d7d5cae4c185b8a9edb2c286a
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 670401211670821817
.yandex.ru/	1970-01-20 17:43:01	Name: i Value: pGCUnxnBN9tNVuGlGhCXE5BEkXhqgtr+YdHG4Ld+LdbjuEeJnqFbW+xw+RY2zAa7f+fGor27IpoQld5B8pgs58fs6kE=
.yandex.ru/	1970-01-20 16:52:37	Name: yandexuid Value: 6623307651670821817
.yandex.ru/	1970-01-20 16:52:37	Name: yuidss Value: 6623307651670821817
.uchinfo.com.ua/	1970-01-20 08:08:13	Name: _ym_isad Value: 2
.yandex.ru/	1970-01-20 16:52:37	Name: ymex Value: 1702357817.yrts.1670821817#1702357817.yrtsi.1670821817
.uchinfo.com.ua/	1970-01-20 17:28:37	Name: __gads Value: ID=4721062ccccc49ad-22cd2c6f07d90022:T=1670821817:RT=1670821817:S=ALNI_MYN5gb0w777Wi_6hD2SoROOWt7wGA
.uchinfo.com.ua/	1970-01-20 17:28:37	Name: __gpi Value: UID=000008d010c9bb01:T=1670821817:RT=1670821817:S=ALNI_MYj2YVCblfha5D_8XXqe07q6fS0lQ
.vk.com/	1970-01-20 17:02:36	Name: remixlang Value: 3
.vk.com/	1970-01-20 16:52:37	Name: remixstlid Value: 9054433683956894294_YuNd0zzfzeO7fJusPbImSJGHEyDGvTXqMyt5aHO6Gi8
.mc.webvisor.org/	1970-01-20 08:07:02	Name: sync_cookie_csrf Value: 4176382063fake
.w.uptolike.com/	1970-01-20 17:43:01	Name: utl_id2 Value: 29931046922
.w.uptolike.com/	1970-01-20 17:43:01	Name: utl_dat Value: "CP7d9qXQMBAAIP6uwa7QMCj+rsGu0DAwACwcyRaieo6hD4bsLnKxT2M="
.relap.io/	1970-01-20 08:08:28	Name: hllc Value: 2
.relap.io/	1970-01-20 08:27:11	Name: rlprp Value: M9jcIg--b5f6e4533cb00f2eaf4907c827b6af4dac63037b046cb46e6348de1def0f8454
.relap.io/	1969-12-31 23:59:59	Name: 3rdpce Value: 1
.mail.ru/	1970-01-20 16:54:04	Name: VID Value: 3yJEh82V43YE00000k1SL4oE:::0-0-0-8b1107a:CAASEAFc2zul3bQCdZ4AAluFKPgaYLI1IiR_6TyspDCqxowda2n-SVfblKvfUKkUunfrZa7bqkO1kpyTQj9ap9C-C8qM6yGaC-o1XPmWtmFPfn6ZIiz2WDIbBWh0kjy606Mueu3VSRGlw-F7pgneuQEnWmzkvw
.webvisor.org/	1970-01-20 17:43:01	Name: yandexuid Value: 6623307651670821817
.webvisor.org/	1970-01-20 17:43:01	Name: yuidss Value: 6623307651670821817
.webvisor.org/	1970-01-20 17:43:01	Name: i Value: pGCUnxnBN9tNVuGlGhCXE5BEkXhqgtr+YdHG4Ld+LdbjuEeJnqFbW+xw+RY2zAa7f+fGor27IpoQld5B8pgs58fs6kE=
.mc.webvisor.org/	1970-01-20 08:08:28	Name: sync_cookie_ok Value: synced
.gnezdo.ru/	1970-01-20 17:43:01	Name: uid Value: XV9maWOWt7qayZs3CUHPAg==
.relap.io/	1970-01-20 16:52:37	Name: rlpagcs_2 Value: 1670821818:CMtTIPgmFYRZqAnuM8GgNKJg==
.doubleclick.net/	1970-01-20 17:28:37	Name: IDE Value: AHWqTUmvkz64O_t6up5iOor1mSpCmfzVTMzqUnlb8m3uNTauDbZ1AF9rLHI2dZItMOU
.doubleclick.net/	1970-01-20 08:07:05	Name: DSID Value: NO_DATA
.mc.yandex.com/	1970-01-20 08:07:02	Name: sync_cookie_csrf Value: 433679534fake
.mc.yandex.ru/	1970-01-20 08:07:02	Name: sync_cookie_csrf Value: 3631859349fake
.relap.mail.ru/	1970-01-20 17:43:01	Name: unique Value: SjjZqRLA
.relap.mail.ru/	1970-01-20 17:43:01	Name: fsts Value: 1670821819
.relap.mail.ru/	1970-01-20 17:43:01	Name: lsts Value: 1670821819
.relap.mail.ru/	1969-12-31 23:59:59	Name: suid Value: cae89dbee7626737a064309c661e20f82d68a762--dbf511cafd6b22534120a12c6b6ae062e5182725a73eb53d120d098a449de3a0
.relap.mail.ru/	1970-01-20 08:08:28	Name: hllc Value: 1
.yandex.com/	1970-01-20 16:52:37	Name: yandexuid Value: 6623307651670821817
.yandex.com/	1970-01-20 16:52:37	Name: yuidss Value: 6623307651670821817
.yandex.com/	1970-01-20 17:43:01	Name: i Value: pGCUnxnBN9tNVuGlGhCXE5BEkXhqgtr+YdHG4Ld+LdbjuEeJnqFbW+xw+RY2zAa7f+fGor27IpoQld5B8pgs58fs6kE=
.mc.yandex.com/	1970-01-20 08:08:28	Name: sync_cookie_ok Value: synced
.relap.io/	1970-01-20 17:43:01	Name: lsts Value: 1670821819
.relap.io/	1970-01-20 16:52:37	Name: rlpgnzd_2 Value: 1670821819:XV9maWOWt7qayZs3CUHPAg%3D%3D
.cdn.smntq.com/	1970-01-20 17:43:01	Name: smart Value: 63487c1a9c2e44409fb6b7c63f893344
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1052700711670821819
.yandex.com/	1970-01-20 16:52:37	Name: ymex Value: 1702357819.yrts.1670821819

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://d31j93rd8oukbv.cloudfront.net/metrika/watch_ua.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://bs.yandex.ru/informer/27035070/3_1_FFFFFFFF_EFEFEFFF_0_pageviews Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://mc.yandex.ua/sync_cookie_image_check Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://ad.atdmt.com/i/img;adv=11217209655101;ec=11217209657759;adv.a=8650961;c.a=28887302;s.a=443002;p.a=352921664;a.a=544401823;cache=2906761052; Message: Failed to load resource: the server responded with a status of 400 ()
security	error	URL: https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/index.html Message: Refused to apply style from 'https://s0.2mdn.net/sadbundle/128784224186105385/Marriott-Global_Marriott-APD-2022_Display-Tool_970x250_MMBohG/brand.css' because its MIME type ('image/gif') is not a supported stylesheet MIME type, and strict MIME checking is enabled.
network	error	URL: https://s0.2mdn.net/json/hotel_names.json Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.atdmt.com
adservice.google.com
adservice.google.de
af.click.ru
ajax.googleapis.com
api.pinterest.com
bs.yandex.ru
cdn.doubleverify.com
cdn.jsdelivr.net
cdn.smntq.com
cm.p.altergeo.ru
cntrsync.ru
connect.mail.ru
connect.ok.ru
d31j93rd8oukbv.cloudfront.net
d4.c9.b6.a1.top.mail.ru
fcgi4.gnezdo.ru
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ia-dmp.com
mc.webvisor.org
mc.yandex.com
mc.yandex.ru
mc.yandex.ua
pagead2.googlesyndication.com
partner.googleadservices.com
relap.io
relap.mail.ru
s.relap.io
s0.2mdn.net
supraneet.ru
top-fwz1.mail.ru
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-frc.doubleverify.com
uchinfo.com.ua
vk.com
w.uptolike.com
www.google-analytics.com
www.google.com
www.google.com.ua
www.googletagservices.com
www.gstatic.com
d31j93rd8oukbv.cloudfront.net
mc.yandex.ua
s0.2mdn.net
138.201.139.144
142.250.185.194
151.101.64.84
185.26.97.53
213.254.244.112
217.197.112.80
217.20.155.208
2606:4700::6810:5914
2a00:1450:4001:801::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2006
2a00:1450:4001:829::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
2a00:1450:4001:831::2004
2a02:26f0:480:9::210:ee0e
2a02:6b8::1:119
2a02:6b8::90
2a03:2880:f045:f:face:b00c:0:8c
62.109.6.15
80.239.201.34
87.236.16.254
87.240.129.133
87.240.132.78
92.63.102.100
93.95.102.105
94.100.180.55
95.163.114.203
95.163.37.253
95.163.52.67
95.217.109.66
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
03e4dca6fc35b9df28bf591662be9028ecb050f0460c3d0438cf519d546e7a65
0908d8b4c9a6020aad8a26dd2aab6be4bcdde18264ef53732a3d73bd7bc5290b
09b8585932e9851125c885d435a53f925d6b4d508b9f49b5cb929690509f1d85
10a47c587656afad583fe46cc5e93994ebdeb08b0cf0b9dc16b7b8970238bb3b
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14245eab55603b4b55aac867e5afeceeaf955a8157979939ce375e3fba70a8fe
173332e93cda257ff7e87e0e21b0b2d164217742f8002933ef6fb2f8f4e5c498
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18f5fa8c02617f100815ea12b8986d0ac015159688c199e6009f767ddf76dbcb
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a12532324261fcc9e92664b32cea31bf3a14a1128cf6a7531cc6a9ce9197cb9
1e76749f0d1334b98923fc2d9fdfa9d5ae99b2c0be7004f34ffd65c12f952f4d
1ee8620ffcc6639a20e8c8463fb7987a52b37a746f1fd0c4016b6e47e87ad8aa
1f8c4d264207df6dadfc6b486b5eef90c6d1b13cb77345fd064e8381f6221464
21b2c55e517d80205308da0a13befc68d57b05b7f077646058b1b584ee872a5c
21f3b0554c4bd505971a2dc8cb5cb12622c6792ee9d64583458547a2412939b7
22dc7c8c81b9f9f71547187665865406a2b782c54b0bc43d26f3a823987abd32
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
27f5b100c25a8ef97876750b81222227c7d5ff0da6626d5fdfa8d4819738d4d9
2b4fe6e33e24427ff09805210219fe3cc19e22ed637e003efeea9131ecbd9121
2da066561313ddb9a16022853e55b14cbf349fae0f231412ad9ce1e45196051a
2e5165f975a9ad1497a399a7b02a3dfbf4fc14abcf6044d8a75c923ebcc1ea7d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3a4961c1ae6e8496067150f54acfa06b0026a5525978c24075d5636d33531fb0
3be77a5a009a7cde3989885fef2379a0969a56361186a3324763868a4839576d
3f72dc1fd03fba15c9200144bf1df7286ad1e2560b50a5ecc12e68c9c1e36f29
403af363a86acc6874698194b930357b1ef4a1a3752c519a5f283fa53a9c46fb
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
4115ec96a91b8cd65cb888475c87fda33f4975e96c0a06304d83cfe57a02c1bb
41a92a9ba380e93e747a915f98090102b1e38534331c28d8231ffac22422a564
42e15b92dfd5ed76464a31a7e57706652db1f05e4287b112170f0f57c3aeb8f7
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
48d1186e375dd91148851d1b190b40e99f821b7258e175c3ac15f7c05673096a
4d648af4f9d9a671112b42da882063bace254931e0674e8700d59ed05ce526d3
4dd249afd61e6713d97966314c7f6907f257830e61c01701550f4b27e4f53295
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54867994116c663bbc2d9bbea1dbdb7d4ea7b20bbfc10683540ebd9de89817d8
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
573fcadc366e8f2230cee46d844a9d93ad5e63f103c1eec28bb802e2657345a6
57f99a282439a903fd8cd031721795b16b4bf882a1c3bca5d0944c52d6d36ddc
5a45cbe26ba211d13c36dd029da58b7f30ca02ee8f5d6684392e1141d84e7dc7
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e97d5b753b6f12625d7d69024bd7f9141329f98fe3c862f8e9fb10f9b4537f
624108d126aaea46f83bb807588d0fd9a1ad3ce8b237577f70cd5ee6232cbfb4
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
63c5cd29f58c48289d6023748334dda62503bb7b56c8f2a28b7890b5147f64e1
64f8e91517626cb8e9787f9e2a43292c19018db66d88a8d057179b4537bb4276
66e9c7e2345cb50b8e2eed66f19e4ca73427ec6b96b78ecf9387ad152003474b
697f20c291baf46e886ce0f7e121a9dec8a3782620360e88e08f128d5b487ce8
69892f6e7ffe7a0e978c7f3503719b27ae654757996cfc2220031d75b8313c0b
6f2847813534152374df0ae61a153d09fc73c4d3b654b8d4e65adce47ba4ad00
736fb641f5fababcf00f66eb53ef4bdff641a632bcea9a3d254b0b36e6271543
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6
780676be17f05546c6d72b96e39064520b1dbac3d44fe6bd55cb024202ce6bcf
7d4664eb215eb5de157d3505f2d128769700e217d417982326bda584d841de8a
7e1adee22626162c0fb089096a3bd419c5a57d50043e31bf6e7b2ea292f6341f
81d7621f6f4bd861bfa99b03060a59c44748d722412d7d9b82bef4e7c7dbcea9
829aefc2561d1da1496d88af2e9fdcda7d002eb568e8b59a636aaf49de2751de
84ca93279690edc66f2712fc78da024d32d2595832d5cee891c6ce8d12b27d39
86a2a3999c65a6ee0bbee35ac7515f04856e0fcbcebdffd56001c0dc924d887a
8c426e883d97a62f7de0947df12491e3bcdad01a12a43fc462ee0ba441416d8f
9044043912944584d5351015e51e898521aba4ed88f5fc5c6b9d12cf40d1f16b
940b6c62a663346ceb4bd6c8ec2cebaf2729c974990f411fe74299a9f7860dc0
9418fa386b30c9844c9b25831f0cf6b0349ade98edd18d756ff4cd3f48420966
97ce3fd5f5eee27ebe4513c4731c528cd845b819e865c2c487e23e6926df3ba8
98ba645c358687e7cd2018456d3691e703613aa27fa2fa2e54d9396cdf4c55b3
9c5c3d5e418b326d6f41973bebeab7f2300a640911c341c4ba9a4c4c5b491107
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a01ed62761c70d35a7f2dd5f497451e70b85e85bb8f1774cee68d53554e6ecaa
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a3a943ad9951d54a20b420b0d5a2a4c5c9dc1a3a17ec57da4920f24f145385d6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59e0af079a0f1aff9d51c1e7e41e339e66dc8b1d5ffceff54661aafc4bea533
a5d6e95495623b4f8bce52c0fcbb207f3f2050177ea4d33ddb731a82c6e924fc
aced1a19563b185e8747c0942daccd24f10f3fcda4a897f98fd36001cb7e356b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1c08ac4601146baf8c5c89c7ce57be133c9fa8cf02d02904f0a20d57b0d1e99
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b779c1419a06e2472734389e8c8b7f631e1708cc69bf93312bd9f5b06b8ea428
b77d6e848d3bf71cc3c269d9f0fdfde8d74d03bb78f28ecfccf0e10d34fa0f1d
b98809417c0240085bf70f2a1127f0b622c1514651737e7e4ffac4b39e4da17e
bbbd7c7c871d3bab4497a5f5586fc6b52f969fd624b6e3e4a8a91b11567909be
bcba833ce83810b4c8ff8d72366e02c258a452b913bf3ed982c22424b6305923
be12e84a82c40bc0b087f63d836b91ed1599d91bba73e06968605375d5138649
c07c1a0fb18908b919c9ff0e5ba67edb963635b25abe6260f1b32108af7f83f4
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c23f13dc75521d634c0f19c8566969275e9e56cd3de9bb6652e38923d4ac99d2
c45eea5e6944436e8762d9c18bde4591ac33efd2bfbda1ff9d064712cadaa1ce
c562c26e391f8b8bc7e995db915519006653b8ae659d7ba34e5aadad736f91ea
c656d4355fa039fda2a2cfcb1e60bcc52e4cae212ebad51647b73ab96bee900f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2bf56d119171034dbc01dbb929f251f96a15e7acc664ed373ed1deddea732f6
dbb87754e7677c99a20c4603a88765b6cb926a78b79edb863fee5c9ea1c96ef4
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd74179e06b64ecb0b4e1b55019d12bc2cfe0d339fd3c9f63e54dfbefe2a4f84
e2c2ca99d94d31b791852486a401d3de0dc7158c72bc2d646747c7df25466944
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4b9e999b72a5b10a4ac22536e3c1199747c7bc0e9d325bd061bad340e47d0a3
e71922ba9eed9d98158859ef8fd8c83fd817943005acddd4166cde52a04f5aa4
eba07c8aaf4516406fe82ace06334844f851e93b3efb12ef6ee69f190a5c4f67
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0bfa347530a3b4724c4778982581a448a01c3051cfa4e25eefea88b769abdef
f14491ec2be7f626cea791d73b0d32f98d97069c74351c470000d80638666ae5
f60b30f2c5ddad9a137a0bebdbcdd2df24cf8e1c3f229764e987d72d56aed439
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff3c0ee44742960f40503f2df576a1579cfc3342899b6dc6f3254c99c45e2edb

uchinfo.com.ua Open in urlscan Pro 87.236.16.254 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

153 Requests

85 %HTTPS

51 %IPv6

33 Domains

45 Subdomains

36 IPs

6 Countries

1803 kBTransfer

5223 kBSize

49 Cookies

5 Outgoing links

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

uchinfo.com.ua Open in urlscan Pro
87.236.16.254 Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

85 %
HTTPS

51 %
IPv6

33
Domains

45
Subdomains

36
IPs

6
Countries

1803 kB
Transfer

5223 kB
Size

49
Cookies

153 HTTP transactions
2 data transactions