kliker.com.ua Open in urlscan Pro
89.184.95.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://kliker.com.ua/
Effective URL:
https://kliker.com.ua/
Submission: On December 07 via api (December 7th 2022, 2:49:22 am UTC) from GB — Scanned from GB

Summary HTTP 109 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 24 IPs in 7 countries across 16 domains to perform 109 HTTP transactions. The main IP is 89.184.95.164, located in Ukraine and belongs to MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA. The main domain is kliker.com.ua.
TLS certificate: Issued by R3 on October 29th 2022. Valid for: 3 months.

This is the only time kliker.com.ua was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 36	89.184.95.164 89.184.95.164	28907 (MIROHOST ...) (MIROHOST Web hosting)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
1 3	88.212.202.52 88.212.202.52	39134 (UNITEDNET) (UNITEDNET)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
8	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2010	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
2	2800:3f0:4001... 2800:3f0:4001:82d::2003	15169 (GOOGLE) (GOOGLE)
1	64.233.166.155 64.233.166.155	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4009:19::8	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
109	24

36 89.184.95.164 (Ukraine) 1 redirects

ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA)
PTR: vs1689.mirohost.net

kliker.com.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 88.212.202.52 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host152.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

storage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2800:3f0:4001:82d::2003 (São Paulo, Brazil)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4009:19::8 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r3---sn-aigl6nzk.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	kliker.com.ua 1 redirects kliker.com.ua	1 MB
27	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 109 tpc.googlesyndication.com — Cisco Umbrella Rank: 144	444 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com csi.gstatic.com	101 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 51 storage.googleapis.com — Cisco Umbrella Rank: 436 imasdk.googleapis.com — Cisco Umbrella Rank: 437	141 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 39 bid.g.doubleclick.net — Cisco Umbrella Rank: 749	85 KB
4	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3018	74 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 38 region1.google-analytics.com — Cisco Umbrella Rank: 2448	21 KB
3	2mdn.net 1 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1080 r3---sn-aigl6nzk.c.2mdn.net — Cisco Umbrella Rank: 290027	1 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 87 www.google.com — Cisco Umbrella Rank: 2	2 KB
3	yadro.ru 1 redirects counter.yadro.ru — Cisco Umbrella Rank: 7875	1 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 65	161 KB
2	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 4931	914 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	47 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 942	699 B
1	gravatar.com secure.gravatar.com — Cisco Umbrella Rank: 2145	4 KB
0	flowpubdom.info Failed ww1.flowpubdom.info Failed
109	16

	Domain	Requested by
36	kliker.com.ua	1 redirects kliker.com.ua
14	tpc.googlesyndication.com	googleads.g.doubleclick.net imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
13	pagead2.googlesyndication.com	kliker.com.ua pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	fonts.gstatic.com	fonts.googleapis.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com kliker.com.ua
4	mc.yandex.ru	1 redirects kliker.com.ua
4	fonts.googleapis.com	kliker.com.ua googleads.g.doubleclick.net
3	counter.yadro.ru	1 redirects kliker.com.ua
3	www.google-analytics.com	kliker.com.ua www.google-analytics.com
3	www.googletagmanager.com	kliker.com.ua www.googletagmanager.com
2	r3---sn-aigl6nzk.c.2mdn.net
2	csi.gstatic.com	imasdk.googleapis.com
2	imasdk.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
1	www.google.com	tpc.googlesyndication.com
1	gcdn.2mdn.net	1 redirects
1	bid.g.doubleclick.net	imasdk.googleapis.com
1	www.gstatic.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	storage.googleapis.com	kliker.com.ua
1	region1.google-analytics.com	www.googletagmanager.com
1	secure.gravatar.com	kliker.com.ua
0	ww1.flowpubdom.info Failed	kliker.com.ua
109	25

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.youtube.com
www.instagram.com
www.liveinternet.ru

Subject Issuer	Validity	Valid
kliker.com.ua R3	`2022-10-29` - `2023-01-27`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gravatar.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-23` - `2023-12-24`	a year	crt.sh
counter.yadro.ru AlphaSSL CA - SHA256 - G2	`2022-10-29` - `2023-11-30`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
storage.googleapis.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-07` - `2023-01-30`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-11-29` - `2023-02-07`	2 months	crt.sh

This page contains 10 frames:

Primary Page: https://kliker.com.ua/
Frame ID: 6352F88E969378F7D36E88E42FA704D1
Requests: 71 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html
Frame ID: 79F147A5FD814FEA35185F117E14DFF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7704862409288776&output=html&adk=1812271804&adf=3025194257&lmt=1670375266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkliker.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670381356661&bpp=2&bdt=489&idt=283&shv=r20221129&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5455701845529&frm=20&pv=2&ga_vid=1921471452.1670381356&ga_sid=1670381357&ga_hid=1891568036&ga_fc=1&ga_cid=1354077192.1670381356&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31071078%2C44779957%2C21065725&oid=2&pvsid=1595447074186882&tmod=1310264617&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299
Frame ID: FDF5FBB1D08DF6AD68E573364B5A2ECC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: A02E1EAD9EB9E6AB6B2BD3A999A1E37A
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
Frame ID: DC525BF4B96B1A46B1A835F27513FAF3
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js
Frame ID: 84C963CFE02500E680FDB3DD76B7A592
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js
Frame ID: 494BA2C21D2646147EAC6399376BA0EE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 564F57D4081EEB420A86DBF5AD8B4A36
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E758C4A949220ED5F7BDD9BACB0A3AE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7294AB9CB312AF0247225854B8381463
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Кликер

Page URL History Show full URLs

http://kliker.com.ua/ HTTP 301
https://kliker.com.ua/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

109
Requests

96 %
HTTPS

88 %
IPv6

16
Domains

25
Subdomains

24
IPs

7
Countries

2365 kB
Transfer

4589 kB
Size

18
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/kliker.com.ua

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Kliker2021/videos

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kliker400

Search URL Search Domain Scan URL

URL: https://www.liveinternet.ru/click

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://kliker.com.ua/ HTTP 301
https://kliker.com.ua/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://flowpubdom.info/j/60ded74ede4422e9c9fd89be HTTP 0
http://ww1.flowpubdom.info/

Request Chain 28

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823 HTTP 302
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823

Request Chain 60

https://mc.yandex.ru/watch/62172709?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A652363698044%3Ahid%3A78557868%3Az%3A0%3Ai%3A20221207024916%3Aet%3A1670381357%3Ac%3A1%3Arn%3A179510003%3Arqn%3A1%3Au%3A1670381357651080018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C180%2C165%2C2%2C230%2C0%2C%2C342%2C0%2C%2C%2C%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670381355589%3Arqnl%3A1%3Ast%3A1670381357%3At%3A%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.ru/watch/62172709/1?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A652363698044%3Ahid%3A78557868%3Az%3A0%3Ai%3A20221207024916%3Aet%3A1670381357%3Ac%3A1%3Arn%3A179510003%3Arqn%3A1%3Au%3A1670381357651080018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C180%2C165%2C2%2C230%2C0%2C%2C342%2C0%2C%2C%2C%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670381355589%3Arqnl%3A1%3Ast%3A1670381357%3At%3A%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 95

https://gcdn.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/4827D875412A3F4956EDE76091E901BD3F9A4506.9DF4174F02826D9EC698AA7CAE0C87552018094C/key/ck2/file/file.mp4 HTTP 302
https://r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80F9DA19B53E74635FF31446EF2E387A864695DD.0B2D6C33D03C42084D0A0B66480F5D952598B441/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigl6nzk/ms/onc/mt/1670381095/mv/m/mvi/3/pl/48/file/file.mp4

109 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
kliker.com.ua/
Redirect Chain

http://kliker.com.ua/
https://kliker.com.ua/

84 KB
16 KB

349ms
165ms

Document
text/html

89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),

Reverse DNS

vs1689.mirohost.net

Software

nginx /

Resource Hash

edcf8085e81a4ccbb762bfe723b38a41d30d1ea8e86c9bf5d9b10bea731d30fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 15673
content-type: text/html; charset=UTF-8
date: Wed, 07 Dec 2022 02:49:16 GMT
etag: "3d39-5ef328c6019be"
front-end-https: on
last-modified: Wed, 07 Dec 2022 01:07:46 GMT
referrer-policy: no-referrer-when-downgrade
server: nginx
strict-transport-security: max-age=300;
vary: X-Forwarded-Proto,Accept-Encoding
x-pingback: https://kliker.com.ua/xmlrpc.php

Redirect headers

Connection: keep-alive
Content-Length: 230
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 07 Dec 2022 02:49:15 GMT
Location: https://kliker.com.ua/
Server: nginx

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 163ms
63ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-ZB0QFYGMDT

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

16927bb5a2fba3a5a0060f163af30944adbb881a79a5d8ccb47b3a052937ca72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76899
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 147ms
45ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 07 Dec 2022 01:24:40 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5076
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 07 Dec 2022 03:24:40 GMT

GET
H2 200 style.min.css
kliker.com.ua/wp-includes/css/dist/block-library/ 93 KB
12 KB 89ms
86ms Stylesheet
text/css 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Tue, 15 Nov 2022 21:12:46 GMT
server: nginx
etag: W/"637400ce-172a9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 classic-themes.min.css
kliker.com.ua/wp-includes/css/ 217 B
430 B 116ms
113ms Stylesheet
text/css 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 02 Nov 2022 13:04:46 GMT
server: nginx
etag: "63626aee-d9"
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 217
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 a2hs.css
kliker.com.ua/wp-content/plugins/hyper-pwa/css/ 600 B
813 B 116ms
114ms Stylesheet
text/css 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/plugins/hyper-pwa/css/a2hs.css?ver=2.13.0
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 3e4683676bacff5f6430f771cdd4f310a7683eec6000984194681831359009f8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 14 Nov 2022 09:12:32 GMT
server: nginx
etag: "63720680-258"
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 600
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 font-awesome.min.css
kliker.com.ua/wp-content/themes/bam/assets/css/ 30 KB
7 KB 118ms
116ms Stylesheet
text/css 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: W/"5d63b415-791c"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 style.css
kliker.com.ua/wp-content/themes/bam/ 54 KB
10 KB 171ms
169ms Stylesheet
text/css 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/style.css?ver=6.1.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 9d43a78b5d18f8f5b3d52f262b13914ae95e8a49b71e2b876a92d574e130b933

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: W/"5d63b415-d6b9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 css
fonts.googleapis.com/ 39 KB
2 KB 157ms
57ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

19f83db5567274922feb4a7400bfc7997264aa52dc235ffc24b786623f71911f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 02:49:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET
H2 200 jquery.min.js Show response
kliker.com.ua/wp-includes/js/jquery/ 88 KB
30 KB 173ms
171ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 13:04:47 GMT
server: nginx
etag: W/"63626aef-15e54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 jquery-migrate.min.js Show response
kliker.com.ua/wp-includes/js/jquery/ 11 KB
4 KB 200ms
198ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Wed, 09 Dec 2020 19:21:46 GMT
server: nginx
etag: W/"5fd123ca-2bd8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 178ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7704862409288776&host=ca-host-pub-2644536267352236

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d39e3702e708400920ed40f04d3bc33cbac5951d12a1faa45abacfdafd396d9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49280
x-xss-protection: 0
server: cafe
etag: 6149414211246733132
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 143 KB
49 KB 197ms
85ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

72f6ab28270934c3d9d123416c8bf36cab7844881720bbe63fc11b7c924f3f8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49456
x-xss-protection: 0
server: cafe
etag: 2158263506198934423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 62ms
59ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146527585-1

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

45b8b06d5cd6e04024b5b4fb305a533025d68b07961da0c133b095960ea1627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43652
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET

/
ww1.flowpubdom.info/
Redirect Chain

https://flowpubdom.info/j/60ded74ede4422e9c9fd89be
http://ww1.flowpubdom.info/

0
0

GET
H2 200 cropped-untitled_2-1.png
kliker.com.ua/wp-content/uploads/2021/05/ 4 KB
4 KB 87ms
85ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2021/05/cropped-untitled_2-1.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: ce512c069192915dce2cd9b2af72ee4f71700be3a72c0ac9fdb80e725e50331d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Fri, 21 May 2021 13:29:57 GMT
server: nginx
etag: "60a7b5d5-fe6"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 4070
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 alymenty2-890x530.jpeg
kliker.com.ua/wp-content/uploads/2022/12/ 31 KB
31 KB 87ms
85ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/alymenty2-890x530.jpeg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: e336907f730fcb547492ddce6aa21ad4c60c7e21ee4f9c99e4f9e581ce60b739

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 05 Dec 2022 15:06:23 GMT
server: nginx
etag: "638e08ef-7ca9"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 31913
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 9fc58f09e11a4b0e5f9f712bd426566d
secure.gravatar.com/avatar/ 4 KB
4 KB 119ms
34ms Image
image/jpeg 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/9fc58f09e11a4b0e5f9f712bd426566d?s=96&d=mm&r=g
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ebb9fd715d4b0eaf5c43e9e7f36ae6adfd5aa2a9540a9df736d3e464d404a352

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

x-nc: HIT lhr 1
date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Thu, 16 Sep 2021 11:41:50 GMT
server: nginx
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="9fc58f09e11a4b0e5f9f712bd426566d.jpeg"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/9fc58f09e11a4b0e5f9f712bd426566d?s=96&d=mm&r=g>; rel="canonical"
content-length: 3596
expires: Wed, 07 Dec 2022 02:54:16 GMT

GET
H/1.1 200
OK logo
counter.yadro.ru/ 104 B
380 B 230ms
76ms Image
image/gif 88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/logo?45.6

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 02:49:16 GMT
Strict-Transport-Security: max-age=86400
Last-Modified: Sun, 09 Sep 2001 01:46:40 GMT
Server: nginx/1.17.9
Content-Type: image/gif
Connection: keep-alive
Content-Length: 104
Expires: Wed, 06 Dec 2023 21:00:00 GMT

GET
H2 200 icon-192.png
kliker.com.ua/wp-content/plugins/hyper-pwa/img/ 5 KB
5 KB 165ms
163ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/plugins/hyper-pwa/img/icon-192.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: a35deaebcd564fb0055f1b986b5c592ece8f221a5b1a7d18ff7792d6251c3106

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 14 Nov 2022 09:12:32 GMT
server: nginx
etag: "63720680-13e6"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 5094
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 hyper-pwa-register.js Show response
kliker.com.ua/ 4 KB
2 KB 169ms
167ms Script
text/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://kliker.com.ua/hyper-pwa-register.js?ver=2.13.0

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),

Reverse DNS

vs1689.mirohost.net

Software

nginx /

Resource Hash

0c565a9c08a35bfe5e913a1f90b2607afe6ba6aa200acadff8904829f938fea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=300;
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
front-end-https: on
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 1385
expires: Thu, 07 Dec 2023 02:49:16 GMT

GET
H2 200 scripts.js Show response
kliker.com.ua/wp-content/themes/bam/assets/js/ 145 B
368 B 83ms
82ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/assets/js/scripts.js?ver=6.1.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 0b5e75f6bab547a4e517bd37e44d3b7e31ec2aeb7c0182690b08931d48d048b4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: "5d63b415-91"
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 145
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 main-navigation.js Show response
kliker.com.ua/wp-content/themes/bam/assets/js/ 4 KB
1 KB 85ms
82ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/assets/js/main-navigation.js?ver=6.1.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 72095a2ac4b41e27247edb0f65e195bb1cf3774b2e12b79ce663f386d9c23dac

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: W/"5d63b415-ee8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 skip-link-focus-fix.js Show response
kliker.com.ua/wp-content/themes/bam/assets/js/ 716 B
939 B 86ms
83ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/assets/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: "5d63b415-2cc"
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 716
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 core.min.js Show response
kliker.com.ua/wp-includes/js/jquery/ui/ 21 KB
7 KB 87ms
84ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 13:04:47 GMT
server: nginx
etag: W/"63626aef-53c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 tabs.min.js Show response
kliker.com.ua/wp-includes/js/jquery/ui/ 12 KB
4 KB 87ms
84ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 13:04:47 GMT
server: nginx
etag: W/"63626aef-2ea1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

GET
H2 200 wp-emoji-release.min.js Show response
kliker.com.ua/wp-includes/js/ 18 KB
5 KB 165ms
164ms Script
application/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Wed, 25 May 2022 12:58:55 GMT
server: nginx
etag: W/"628e280f-48b9"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=950400, public, must-revalidate, proxy-revalidate
expires: Sun, 18 Dec 2022 02:49:16 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
206 B 55ms
54ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1891568036&t=pageview&_s=1&dl=https%3A%2F%2Fkliker.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=285327459&gjid=1046693567&cid=1921471452.1670381356&tid=UA-146527585-1&_gid=1354077192.1670381356&_r=1&_slc=1&z=769987575

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kliker.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kliker.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 209 KB
72 KB 367ms
182ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-11e32"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73266
expires: Wed, 07 Dec 2022 03:49:16 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823
https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823

43 B
528 B

76ms
76ms

Image
image/gif

88.212.202.52
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

HTTP/1.1

Server

88.212.202.52 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host152.rax.ru

Software

nginx/1.17.9 /

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 02:49:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: image/gif
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Length: 43
Expires: Mon, 06 Dec 2021 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 07 Dec 2022 02:49:16 GMT
Strict-Transport-Security: max-age=86400
Server: nginx/1.17.9
Content-Type: text/html
Location: https://counter.yadro.ru/hit?q;r;s1600*1200*24;uhttps%3A//kliker.com.ua/;h%u041A%u043B%u0438%u043A%u0435%u0440;0.966371333564823
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Cache-control: no-cache
Connection: keep-alive
Content-Length: 32
Expires: Mon, 06 Dec 2021 21:00:00 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 217ms
120ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7lqDY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i|Roboto+Condensed%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100i%2C200i%2C300i%2C400i%2C500i%2C600i%2C700i%2C800i%2C900i%26subset%3Dlatin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:31:03 GMT
x-content-type-options: nosniff
age: 544693
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7448
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:14:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 19:31:03 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 145ms
47ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 18:50:20 GMT
x-content-type-options: nosniff
age: 374336
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 18:50:20 GMT

GET
H2 200 fontawesome-webfont.woff2
kliker.com.ua/wp-content/themes/bam/assets/fonts/ 75 KB
76 KB 163ms
163ms Font
application/font-woff2 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://kliker.com.ua/wp-content/themes/bam/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://kliker.com.ua/wp-content/themes/bam/assets/css/font-awesome.min.css?ver=4.7.0
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
last-modified: Mon, 26 Aug 2019 10:27:33 GMT
server: nginx
etag: W/"5d63b415-12d68"
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: max-age=315360000, public, must-revalidate, proxy-revalidate
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 182ms
89ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 05 Dec 2022 17:43:57 GMT
x-content-type-options: nosniff
age: 119119
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Dec 2023 17:43:57 GMT

GET
H2 200 hyper-pwa-register.js Show response
kliker.com.ua/ 4 KB
2 KB 157ms
157ms Script
text/javascript 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://kliker.com.ua/hyper-pwa-register.js?ver=2.13.0

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),

Reverse DNS

vs1689.mirohost.net

Software

nginx /

Resource Hash

0c565a9c08a35bfe5e913a1f90b2607afe6ba6aa200acadff8904829f938fea4

Security Headers

Name	Value
Strict-Transport-Security	max-age=300;

Request headers

Referer: https://kliker.com.ua/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=300;
server: nginx
vary: X-Forwarded-Proto,Accept-Encoding
front-end-https: on
content-type: text/javascript; charset=UTF-8
cache-control: max-age=31536000
content-length: 1385
expires: Thu, 07 Dec 2023 02:49:16 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 9 KB
10 KB 194ms
111ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19a7DRs5.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:44:26 GMT
x-content-type-options: nosniff
age: 392690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9692
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:44:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 13:44:26 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 215ms
133ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 08:45:21 GMT
x-content-type-options: nosniff
age: 65035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Dec 2023 08:45:21 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 138ms
56ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxduz8A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150e4d03ae35f998288f482393fd255f8a698ed1a83540cb58a03cbd36ad5f44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 05:06:40 GMT
x-content-type-options: nosniff
age: 423756
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7428
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:20:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 05:06:40 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 178ms
99ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 09:39:30 GMT
x-content-type-options: nosniff
age: 320986
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 09:39:30 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 7 KB
7 KB 219ms
141ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxduz8A.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 18:52:51 GMT
x-content-type-options: nosniff
age: 546985
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7360
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:09:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 30 Nov 2023 18:52:51 GMT

GET
H2 200 1-1-890x530.jpg
kliker.com.ua/wp-content/uploads/2022/12/ 42 KB
42 KB 135ms
133ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/1-1-890x530.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 8ab2e60becd45c5ed2486fe13f0af8e7da1d98282c51fd57160bb60ab4e4f594

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Fri, 02 Dec 2022 14:32:21 GMT
server: nginx
etag: "638a0c75-a6fe"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 42750
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 1-890x530.jpg
kliker.com.ua/wp-content/uploads/2022/12/ 51 KB
52 KB 135ms
133ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/1-890x530.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: f894f56e01eab5955aac08b6be39128d70cd567be21c8cc02a5107b7c16c5ea1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Fri, 02 Dec 2022 13:55:16 GMT
server: nginx
etag: "638a03c4-cd16"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 52502
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 electrician-g41b69163d_1280-890x506.jpg
kliker.com.ua/wp-content/uploads/2022/11/ 50 KB
50 KB 136ms
133ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/11/electrician-g41b69163d_1280-890x506.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 758924e86b39dd6198b7956899347fd8032d9a2aca56c709fa813fc44ad7dc06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 30 Nov 2022 20:44:58 GMT
server: nginx
etag: "6387c0ca-c814"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 51220
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 chasy-890x530.png
kliker.com.ua/wp-content/uploads/2022/11/ 410 KB
410 KB 136ms
133ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/11/chasy-890x530.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 960754b4add2aec3ca05d371cdee7db11a2b8114f6bfd3ebd281d6ee2016c033

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 30 Nov 2022 11:25:49 GMT
server: nginx
etag: "63873dbd-666de"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 419550
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 vytyazhka-890x500.png
kliker.com.ua/wp-content/uploads/2022/11/ 449 KB
450 KB 136ms
133ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/11/vytyazhka-890x500.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 1cb86dfdbdb8e438de8a04cf733711fae1a7c42211e6267331e5e8eb1e0a7027

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 30 Nov 2022 11:25:37 GMT
server: nginx
etag: "63873db1-7046f"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 459887
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 1-22-120x85.jpg
kliker.com.ua/wp-content/uploads/2022/02/ 2 KB
2 KB 136ms
134ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/02/1-22-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 77d4e8ad1cf69b85dc88901f546ed1ad9c3052f9eccdc3d95200fe3469ff1e39

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Sat, 12 Feb 2022 17:29:46 GMT
server: nginx
etag: "6207ee8a-751"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1873
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 screenshot_5-120x85.jpg
kliker.com.ua/wp-content/uploads/2020/03/ 2 KB
3 KB 136ms
134ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2020/03/screenshot_5-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 47e2723818e46066a228356fa268098f836fb17d3eec61100744564a88b87c06

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 23 Mar 2020 13:05:10 GMT
server: nginx
etag: "5e78b406-971"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2417
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 screenshot_3-120x85.jpg
kliker.com.ua/wp-content/uploads/2020/05/ 2 KB
2 KB 136ms
134ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2020/05/screenshot_3-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 34d87f8b24baa9175ecb619a49b312f27b7a2ec9c978459013a79de282418225

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Thu, 07 May 2020 07:39:59 GMT
server: nginx
etag: "5eb3bb4f-724"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 1828
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 1-11-120x85.jpg
kliker.com.ua/wp-content/uploads/2021/08/ 3 KB
3 KB 136ms
134ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2021/08/1-11-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: b0e90ee02e1586f41abb6bb505cc66b0d8c69bfc51b6d87ea8d802e3856c2963

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 04 Aug 2021 09:52:09 GMT
server: nginx
etag: "610a6349-a8a"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2698
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 woman-5466643_1280-120x85.png
kliker.com.ua/wp-content/uploads/2020/11/ 22 KB
22 KB 136ms
134ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2020/11/woman-5466643_1280-120x85.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: c77f26d10dae5f111bcd58bcde6ab92260a5dde0e9bf4d8b34e4bd53af00213b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 02 Nov 2020 19:27:26 GMT
server: nginx
etag: "5fa05d9e-5832"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 22578
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 alymenty2-120x85.jpeg
kliker.com.ua/wp-content/uploads/2022/12/ 2 KB
2 KB 136ms
135ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/alymenty2-120x85.jpeg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 4aae30e2ce1c63a1bbf71a6d8597e1d81a7097090ecef7e6c344cf2e01f2f43d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Mon, 05 Dec 2022 15:06:24 GMT
server: nginx
etag: "638e08f0-80e"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2062
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 1-1-120x85.jpg
kliker.com.ua/wp-content/uploads/2022/12/ 3 KB
3 KB 136ms
135ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/1-1-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 6ad6f5c04d78b4e36a284c22ee58a3948836aec53c4c796c6c999f732d9665d0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Fri, 02 Dec 2022 14:32:21 GMT
server: nginx
etag: "638a0c75-b2d"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2861
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 1-120x85.jpg
kliker.com.ua/wp-content/uploads/2022/12/ 3 KB
3 KB 136ms
135ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/12/1-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 2ddc75f3a84b109b0c5fb8d44310362dfdb088acde5765eafd0f80bc3bb372cf

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Fri, 02 Dec 2022 13:55:16 GMT
server: nginx
etag: "638a03c4-a4f"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 2639
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 electrician-g41b69163d_1280-120x85.jpg
kliker.com.ua/wp-content/uploads/2022/11/ 3 KB
3 KB 136ms
135ms Image
image/jpeg 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/11/electrician-g41b69163d_1280-120x85.jpg
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 78c32311df19b4def51b5084072d10b38e4a14944f307149f7b96bba3f6758cc

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 30 Nov 2022 20:44:58 GMT
server: nginx
etag: "6387c0ca-ce3"
content-type: image/jpeg
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 3299
expires: Tue, 07 Mar 2023 02:49:16 GMT

GET
H2 200 chasy-120x85.png
kliker.com.ua/wp-content/uploads/2022/11/ 17 KB
18 KB 136ms
135ms Image
image/png 89.184.95.164
MIROHOST Web hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kliker.com.ua/wp-content/uploads/2022/11/chasy-120x85.png
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 89.184.95.164 , Ukraine, ASN28907 (MIROHOST Web hosting, datacenter and domain names registration in Ukraine, UA),
Reverse DNS: vs1689.mirohost.net
Software: nginx /
Resource Hash: 6f18a81e2e835a5f04b0d7921134f69b767f14066dd791b6fcfeaf29b94770ee

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
last-modified: Wed, 30 Nov 2022 11:25:50 GMT
server: nginx
etag: "63873dbe-45ad"
content-type: image/png
cache-control: max-age=7776000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
content-length: 17837
expires: Tue, 07 Mar 2023 02:49:16 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
337 B 120ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-ZB0QFYGMDT&gtm=2oebu0&_p=1891568036&cid=1921471452.1670381356&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1670381356&sct=1&seg=0&dl=https%3A%2F%2Fkliker.com.ua%2F&dt=%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZB0QFYGMDT
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kliker.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 58ms
58ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-146527585-1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZB0QFYGMDT

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fc1c46ccd9c66ec3a5050e7a5708ee85bed00c703176543eaf04e87d6c8981e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43668
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 07 Dec 2022 02:49:16 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 51ms
51ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1891568036&t=pageview&_s=1&dl=https%3A%2F%2Fkliker.com.ua%2F&ul=en-us&de=UTF-8&dt=%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAUABAAAAACAAI~&jid=505142006&gjid=545451623&cid=1921471452.1670381356&tid=UA-146527585-1&_gid=1354077192.1670381356&_r=1&gtm=2oubu0&z=403449640

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://kliker.com.ua/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://kliker.com.ua
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 workbox-window.prod.mjs Show response
storage.googleapis.com/workbox-cdn/releases/6.4.1/ 3 KB
2 KB 143ms
45ms Script
application/javascript 2a00:1450:4001:82b::2010
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://storage.googleapis.com/workbox-cdn/releases/6.4.1/workbox-window.prod.mjs
Requested by: Host: kliker.com.ua
URL: https://kliker.com.ua/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 119bcb44daa9c25cfff1b097e51d4ed98425a2c525b934200d949900e1dc671e

Request headers

Referer: https://kliker.com.ua/hyper-pwa-register.js?ver=2.13.0
Origin: https://kliker.com.ua
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:01:21 GMT
content-encoding: gzip
age: 2875
x-guploader-uploadid: ADPycdufSRk8GyqNRmjPXzJsX9hso4V48vqq2Vq7VZhg-DdRnCoH82amRMnrzSiM0IPPtH2zDETqKRh7Wxo30Lb18DnA4Q
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1329
last-modified: Tue, 16 Nov 2021 15:29:33 GMT
server: UploadServer
etag: "c80d99b0d990e15320368339d0e8665d"
vary: Accept-Encoding
x-goog-generation: 1637076573833386
x-goog-hash: crc32c=zOVSdQ==, md5=yA2ZsNmQ4VMgNoM50OhmXQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1329
accept-ranges: bytes
content-type: application/javascript
expires: Thu, 07 Dec 2023 02:01:21 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 356 KB
117 KB 173ms
82ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7704862409288776&plah=kliker.com.ua&bust=31071078

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7704862409288776&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ff3606675bfa134715b899c11cac8409df84cfbc01881b84434017e6353dd4d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119783
x-xss-protection: 0
server: cafe
etag: 2462344815942463746
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 02:49:16 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/ Frame 79F1 10 KB
5 KB 151ms
46ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7704862409288776&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 75290
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 05:54:26 GMT
etag: 10353107486223812946
expires: Tue, 20 Dec 2022 05:54:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.ru/watch/62172709/
Redirect Chain

https://mc.yandex.ru/watch/62172709?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%...
https://mc.yandex.ru/watch/62172709/1?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...

435 B
589 B

100ms
100ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/62172709/1?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A652363698044%3Ahid%3A78557868%3Az%3A0%3Ai%3A20221207024916%3Aet%3A1670381357%3Ac%3A1%3Arn%3A179510003%3Arqn%3A1%3Au%3A1670381357651080018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C180%2C165%2C2%2C230%2C0%2C%2C342%2C0%2C%2C%2C%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670381355589%3Arqnl%3A1%3Ast%3A1670381357%3At%3A%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

bfedfa468780fef8f326272cf4b1ba8e8dcd7685347bdf2be553b37dce1525b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Wed, 07-Dec-2022 02:49:17 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://kliker.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 435
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 02:49:17 GMT

Redirect headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:16 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 07-Dec-2022 02:49:16 GMT
location: /watch/62172709/1?wmode=7&page-url=https%3A%2F%2Fkliker.com.ua%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Aynz2f7f3y7l8rj188tipo%3Afp%3A829%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A933%3Acn%3A1%3Adp%3A0%3Als%3A652363698044%3Ahid%3A78557868%3Az%3A0%3Ai%3A20221207024916%3Aet%3A1670381357%3Ac%3A1%3Arn%3A179510003%3Arqn%3A1%3Au%3A1670381357651080018%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A1%2C180%2C165%2C2%2C230%2C0%2C%2C342%2C0%2C%2C%2C%2C923%3Aco%3A0%3Acpf%3A1%3Ans%3A1670381355589%3Arqnl%3A1%3Ast%3A1670381357%3At%3A%D0%9A%D0%BB%D0%B8%D0%BA%D0%B5%D1%80&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://kliker.com.ua
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 07-Dec-2022 02:49:16 GMT

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 91ms
91ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:16 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 06 Dec 2022 06:13:48 GMT
etag: "638eb36c-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 07 Dec 2022 03:49:16 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
699 B 152ms
54ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=kliker.com.ua&callback=_gfp_s_&client=ca-pub-7704862409288776&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7704862409288776&plah=kliker.com.ua&bust=31071078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4e26a8f1d17f04e49ef5329df4e72cc8de0fc7a0bb002837c6e667bab1e4e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 173ms
55ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kliker.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 152ms
55ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kliker.com.ua

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDF5 218 KB
56 KB 410ms
317ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7704862409288776&output=html&adk=1812271804&adf=3025194257&lmt=1670375266&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fkliker.com.ua%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1670381356661&bpp=2&bdt=489&idt=283&shv=r20221129&mjsv=m202211300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5455701845529&frm=20&pv=2&ga_vid=1921471452.1670381356&ga_sid=1670381357&ga_hid=1891568036&ga_fc=1&ga_cid=1354077192.1670381356&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705%2C31071078%2C44779957%2C21065725&oid=2&pvsid=1595447074186882&tmod=1310264617&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=299

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc6904d3681638e082d05fe84b948953200f8c480aa0c03be4f4db08c163595

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 57561
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:49:17 GMT
expires: Wed, 07 Dec 2022 02:49:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/ 150 KB
51 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211300101/reactive_library_fy2021.js?bust=31071078

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d8c4e625a7d5dca069c1663ed6a83698639680102c5a0c03b70179e92f6f1008

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52353
x-xss-protection: 0
server: cafe
etag: 11072028048610142862
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
122 B 148ms
55ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=kliker.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 146ms
54ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=kliker.com.ua

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame A02E 10 KB
4 KB 46ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:26:18 GMT
etag: 10353107486223812946
expires: Wed, 21 Dec 2022 02:26:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/ Frame DC52 10 KB
4 KB 45ms
45ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 1379
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:26:18 GMT
etag: 10353107486223812946
expires: Wed, 21 Dec 2022 02:26:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame DC52 4 KB
621 B 148ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 02:43:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame DC52 2 KB
845 B 195ms
89ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:44:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 285
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 02:44:32 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DC52 0
0 91ms
91ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CKs-gLf-PY960BYS1gQfzu77IB9Go6Jhswb6ku4MQ29keEAEgzf_2eGC7hoCA0AqgAa2ypvMDyAEJqQJAAhqI4JCxPqgDAcgDywSqBNMBT9D6GJ2GXV834Qcj4B0oBVViuPH9W8FqNq-7h0dleNWiDj1W1FjfgsBmF0wEIP3J6RrOHacGLUtcozQCT-DvdrvJ543B20V1qxyHydSrfP0SR6kWvp5nBTvNU5tc1_0bZH5AqA24lZCMqAKV7t8t7rS19Nnvs2RnhgmiBZTcReTWUn2y1OfqQfcyTd1FzGj0nOQhSjZ91i83ec9PSvtE9E8V_34j_GZhG-f5afxsHF2i5fGpHk0wPigo3DfWM1zNhByB6esuwbVQ3fuOC25Rg8UoxcAEzMGLgPoDkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB7vN2QyoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBC0xQXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw2IFAfQFQGYFgGAFwGyFxwKGggAEhRwdWItNzcwNDg2MjQwOTI4ODc3NhgA&sigh=C6fSf0OWoA4&uach_m=[UACH]&cid=CAQSGwDq26N9QuoR--W85SYc3-Uoi0TOpABl8-e5dBgBIBM&template_id=484

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 07 Dec 2022 02:49:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame DC52 23 KB
10 KB 150ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:16:39 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame DC52 3 KB
1 KB 194ms
90ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 19:16:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 19:16:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame DC52 18 KB
7 KB 155ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:16:39 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DC52 153 KB
47 KB 169ms
57ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47692
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1670243872199174"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H2 200 83de75e735dabeddf4e705de6f0a2f41.js Show response
www.gstatic.com/mysidia/ Frame DC52 34 KB
14 KB 148ms
44ms Script
text/javascript 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/83de75e735dabeddf4e705de6f0a2f41.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 14:56:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 301988
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14157
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 21:37:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 03 Mar 2023 14:56:09 GMT

GET
H2 200 6592766407814317453
tpc.googlesyndication.com/simgad/4425413979428672632/ Frame DC52 38 KB
38 KB 194ms
91ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4425413979428672632/6592766407814317453

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69dca4e90b2243ec438947640f9d8f6f08c5d99c7f5b74de8378063cf08a591b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 05:09:08 GMT
x-content-type-options: nosniff
age: 337209
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38808
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:36:37 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Dec 2023 05:09:08 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/17532716794231349553/ Frame DC52 3 KB
3 KB 222ms
120ms Image
image/jpeg 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17532716794231349553/downsize_200k_v1?w=100&h=100

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

566095a1c69338676a3f53beb877e8f3f3af2d1947235247e87c4996d003d618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 04:04:38 GMT
x-content-type-options: nosniff
age: 427479
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3339
x-xss-protection: 0
last-modified: Mon, 02 Dec 2019 15:01:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 02 Dec 2023 04:04:38 GMT

GET
H3 200 css2
fonts.googleapis.com/ Frame A02E 4 KB
636 B 100ms
55ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 01:39:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/ Frame A02E 19 KB
8 KB 116ms
57ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 04:22:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 80809
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8084
x-xss-protection: 0
server: cafe
etag: 2222875591315018765
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 20 Dec 2022 04:22:28 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/ Frame 84C9 23 KB
9 KB 138ms
46ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9421
x-xss-protection: 0
server: cafe
etag: 8437175705735068947
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:16:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 84C9 8 KB
716 B 55ms
54ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 07 Dec 2022 02:49:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 07 Dec 2022 01:26:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 07 Dec 2022 02:49:17 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 84C9 14 KB
3 KB 275ms
170ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 10:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319623
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 10:02:14 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/ Frame 84C9 388 KB
132 KB 149ms
45ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 03 Dec 2022 10:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 319622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 134376
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 11:42:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 03 Dec 2023 10:02:15 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/ Frame 84C9 18 KB
7 KB 135ms
44ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221129/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 01:16:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
server: cafe
etag: 629801499763588852
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 21 Dec 2022 01:16:39 GMT

GET
DATA 200
OK truncated
/ Frame DC52 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60fe48b557b6e5eb1aca620b62986e22e59dfc1db5bd7c81cce35bf46e201a1e

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js Show response
pagead2.googlesyndication.com/bg/ Frame 494B 36 KB
16 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js

Requested by

Host: kliker.com.ua
URL: https://kliker.com.ua/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:18:11 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 84C9 0
327 B 769ms
271ms Ping
image/gif 2800:3f0:4001:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lbd1xko0&c=6499565186909&slotId=3249782593454.5&qqid=CJ3_tru_5vsCFYRa4Aod850PeQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:82d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:18 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 84C9 0
20 B 81ms
80ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C6qIHLf-PY920BYS1gQfzu77IB56wqptrifb7h6QQnriItoMDEAEgzf_2eGC7hoCA0AqgAbn3zr4oyAEFqQKAC6--p1y0PqgDAcgDmwSqBPIBT9BncVUJYW9RWXw_7Jwz2QKwQOsJPYE4ntmYh_WH-vXAnYBYOliTjPWukNzQv8_9ENhqs5_Q8NVe5vgc9ouuM8Zj4CgiBrfKawnDS08Os4xea-9UUfW7xJbUgyBgiHsfoEWKzDywdC7ZvTc0UMy8ixSSJAwn7_BTAGmLDoUFkpIIoVHWIDNtfJ4VYfYzKdUtzYeoEr-S5gkKMYPzKzFFEkqRl2_CHXl36ajkY6YhkbHVDld0YQDXjahylCYtWdp_FlYvnaV4naBKhEPk-fFjc104yIGVHpnelBH96DnUPsSqT8DZuQK5Kk5ypxv8oNwZcPPABPSuvJmlBOAEA5AGAaAGdoAHua-fngOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE4LD8A_QEwDYEwqIFATYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1670381358054&ai=C6qIHLf-PY920BYS1gQfzu77IB56wqptrifb7h6QQnriItoMDEAEgzf_2eGC7hoCA0AqgAbn3zr4oyAEFqQKAC6--p1y0PqgDAcgDmwSqBPIBT9BncVUJYW9RWXw_7Jwz2QKwQOsJPYE4ntmYh_WH-vXAnYBYOliTjPWukNzQv8_9ENhqs5_Q8NVe5vgc9ouuM8Zj4CgiBrfKawnDS08Os4xea-9UUfW7xJbUgyBgiHsfoEWKzDywdC7ZvTc0UMy8ixSSJAwn7_BTAGmLDoUFkpIIoVHWIDNtfJ4VYfYzKdUtzYeoEr-S5gkKMYPzKzFFEkqRl2_CHXl36ajkY6YhkbHVDld0YQDXjahylCYtWdp_FlYvnaV4naBKhEPk-fFjc104yIGVHpnelBH96DnUPsSqT8DZuQK5Kk5ypxv8oNwZcPPABPSuvJmlBOAEA5AGAaAGdoAHua-fngOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHgCwGADAGwE4LD8A_QEwDYEwqIFATYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 84C9 28 KB
16 KB 168ms
73ms XHR
text/xml 64.233.166.155
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CvMtEHSWhgcXzgKJVVG_uH4RzKBPnXPo5xVH5R4U6k8qo7mJZoByy16GH01Kt5TW7Ijl8miv9iq50tyDk8CXWMg9y-gw&cry=1&dbm_d=AKAmf-ADToXJz0DaItWrom7M6rMjKgZvtQyNAVM48SlMCUKWMUNSesglhvlVMPmMjiveNJqA8G90eYUxENR2nCcnTrGtmeQqEjgBfer-zh9WNnXCaOkmT7F2rH36a5gZMfeSK_PTAv1VoWRhuMCt9s1D04uDYEPbRZycvIlRHwOzQK9ivunXm1apA8SRpQtv8IvQ6rXmqKlswRY_nypgfzH2boabMRlp8yngUWaWqxXKYw3u80If5tNrTbQf5bkmcrkcuZQd3OpVFed4PmfVtpCudyMjcsXruIgnp6eVl-e5VrARLKzJbMY601HYRPvjLmGtDQupnbh8a6SHcdVLkWFsaRvAVai_VtBu5dffCQiZ-57KtvwuypVYS4Agef0gXsgN8QPoP63x7uHbnFrumngBV8kOLdgvld6mB1w1HvH942m18WQKghvHyzEqjI9UhbtY7MWIFTX0dKMp8R-8QCWsKYIDhAK9AxPLKJSXwCf5Ype02zhPe9G1k3ClfCgdw3Za_7zzK1zWUNzYiTZ31kTkAIq-gH7OuYj38Lu6LTXoP4xJg4eSLCpY7CjlzIqct-bZCNdOc-iY24P5XiRjP60ti_lTtS4xd840JA0HUdn7y8Ynxtjoh2kn1F0eGD7hCWg1KU7PfwWujmiKJY1Xr09wSBbxfnmoZn16Lnlzat20qb6bjXdni6leIt7fjn3uYMvk5vU0hnOfwdUwVbm9Pc0RI74QK3dhyfXP4iTDJ1v5TwF61Jpg4jANg6P6kpIxoCSjKmh1EqEn6wd8FhfVKg8b1usipqMCtA8v9Or5ulTpOHvxzBmtcj8KD8ugFJMj_n7GSvQF-D6Ycr6mOhrI7Q2gm7B5vu9_4pkELfoOBk4m8ekhLl1SjfwNrqE3L2_3yjVF_nI1qOOnLJgiTidRl_ODITEZxtycLlTSuIVUUMInUrC0hAPCHWbA9dwWVX-9v_pyidAtUDDGGNx2a1iiJN9L7YHvAYJQiNA6n5N_jbFiZXVlwoKRd7mvC30xMTji_AhEoDASaUyLbCojtGm9wJbZ3Bet8E6VJAGgfCvkqAkeEijeaWpTarq8_JCgbFtr_d2wjo46enI4_crdoqX9Bm3T2cg6_pBUKYXzae8Y5ZHxBmCMajbcpgqSi1zGxFJ9dpe_Y7OFLLNDoXkspcbCzuc1SAK6PyHJ6mS1Gp7KlmID6IqVXMbKHjZR-N5ck-SqK745UBZEsNZSi2FzUGtv-Kb85Ks9fpfUyRGv7hmGA12qUb55fVWtncCBbO0B-2JXe2LuGbdL2rFhRrKB4ygAXzitCLCq_JEXnbL4o_ESzjWi_jaIXF8gbhkq8biipfE_xaMiIKKCV2LugcoA_4N-F-DqttTKbr30cbrrstbmpvFvISUiTPFkRm4jdR3ZxIrkuS8qWjE4-aiVY-XJGtdoOf1r4trfi42vf1Mqs3ZvSnqakWXiFWeHtmPwM--muSvMPDEfxjnhxdRYIArUyS69bkgJc05AXJ011eSOTtr-ImlVdeyTvXb_3FXC_TkcGAuoU5FOHcIjLTZ6hz61-4IClqSF-ib2SRs15iVvIp61mrPIGkevpJuUjR8yEvOn5_m8zkMt9kH4p_-bfViVLhM68GmOY78__o8kHVaSunCocAE0XLMwzTWSoc-1GTfjjp0a4oyb0jnqlslYRbmSO99kAcS03Enxkzu3qWOIpHjbsYltpwfyTHQIhrw8azSVqn2QU53_6JyX6D1tZTyu21rwQbEKg1vGe2xsF9Sf46tt-bxPmfk-8zG0xdSf6crPo5sqGy6xZG6v9VAP49KazgdrjFLq-eoY3UtpV4wHKxE28RMU5rTRG1QNCIHCBsBIA3R6LCwgN3xXjss6Lx7GzVH7lCdqyDWMCpo8odjbTCzpli8JH_r_OBNehTlhvLPJv39ahElIKyEWjOwz3dx0-UgRzE6XyjsXvqM2zBR5ZKClmeiQuiQBpIekSd9VNw0hYgJ7059RScBshSIQY7-witayr9rFDr9G2wv_iXsyKsG0le0otKoZpkj1IPKX8avhSGYGTct2aSikCbuIeaM3zpXeZh0fRcy_FuTGLmRJZSPDAT2WPtR585bDETB6KrBxJQdJGIo8vgrsryToLFFlDWnFlFzqWjyC2esxvRuDfdlYQwM5wayocX1Z9kVN9hxj9uPuWJohCKEob8V5-5c4qnTlmXrup_k53AK2y2KTxby2aTaEPxaZUvBXY4izJRr1XREFSuNETkIimCYrUr6hT2xXnH3dJi4M2Lpl0BAMWkJr_TO4pnhDF-aM8Jg8-Ib_f6k9ixNEKs4Z6sLSX4MhYeVYQE6YbWULGkNVkL_a767ucFGCctnzACTzuqDFcwyy4_tB5pGJGlMNekPPh2uPo57OWuowOMPtenzCdskLwMQqgSqxRgZvOV6Zhy3UsixZeIMSZII-i1bcEZPBwJZ5gzR7Kp6SrE-icMLbgAS2ebFB0B7qcXZCFa8oFa7YFo52VB6crkgN5KILD7Um6ZZKs4V5vucc7Oag3cRrAM95P6SDoFj8cHhVOGOrR3lrhMk9Jg2l5K542CZd0jezrdBlVB4C7zrmZavJKqMYuRAF7D1rS04tdLE5f2Eq62zNIRf4J3uCp3OS7sPYP3bh428bQ6ddYMDqWmwk_Jt2AKEiNVpf4QBK96hGkwgQuoVQatJZota7FQMHJURSMp6jE2UDMo8XbMPd880OpWHqbvcsW3L42aGHZQJOyxOFjp7LpvNW1Us7xBfDhDL6SFM_X0Fx63buno_Ko6cCjgSRuGiDMrOTJP-DqrnzWgJNjoCEXmu6RCOvGF0asT0dvXZATWL9v5Umg4jv3zFsbo7AWXXBZkaTUdzpP0-2sAzcAjW2WgrhEbSSdZAgoawtFOMuzqRE3pFA0kyElaQs4rAbPWkYzxd9B6kH4Eh9D7kZYZDq7DvqoBcLGbB6JsoS3gYIA_hWz18Z8UFDxoXpluglHGryksJAeXxN-6GijNnqQZ4lIpVVHvPhx8aFWUjhyGTkSFPIMRH-4NJcpaVTqDvwvqmkeV7y6TeuHW-0wZFm8-8nsQSXLvCwoTjUTKxUpluLGUC6pe6qaN4m8-KeqNPTRv14CGXafGeMyn5wd0-qophMPC1iQsuosi5hI8razCU1qLhWVmZZy5f3E8EUVQxVw9KVycRijQJkIoHOrwkd0zzmS48GnSenC2zyFVSlg4k_ulKYEpWN3TetQaBoih6CLTKzAl8J4K_p0gOlpT7Wv2Uq8Kw1dSpDb2oCQR4D47ZB9CcP2JQlFM3WgaF-TbMerUZab0vGStE9E4tQAw9D9tA&cid=CAQSGwDq26N9QuoR--W85SYc3-Uoi0TOpABl8-e5dBgBIBM&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

64.233.166.155 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wm-in-f155.1e100.net

Software

cafe /

Resource Hash

6728b22a7a0d3b2b887db65f97239b33cfe6147f030c3132706a6535fc5af573

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15906
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 155ms
61ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221129&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

94548e017f5e503664d2c698c209abceae72079073d4f97f532ecb183f026cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11103
x-xss-protection: 0

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 84C9 41 KB
15 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 20:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 369302
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 20:14:16 GMT

HEAD
H/1.1

200
OK

file.mp4
r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 84C9
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

156ms
33ms

Fetch
video/mp4

2a00:1450:4009:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80F9DA19B53E74635FF31446EF2E387A864695DD.0B2D6C33D03C42084D0A0B66480F5D952598B441/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigl6nzk/ms/onc/mt/1670381095/mv/m/mvi/3/pl/48/file/file.mp4

Protocol

HTTP/1.1

Server

2a00:1450:4009:19::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Date: Wed, 07 Dec 2022 02:49:18 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4022241
Last-Modified: Wed, 20 Jul 2022 09:30:26 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Wed, 07 Dec 2022 02:49:18 GMT

Redirect headers

date: Wed, 07 Dec 2022 02:49:18 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 647
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/80F9DA19B53E74635FF31446EF2E387A864695DD.0B2D6C33D03C42084D0A0B66480F5D952598B441/key/cms1/cms_redirect/yes/mh/wz/mip/2001:ac8:21:e::10/mm/42/mn/sn-aigl6nzk/ms/onc/mt/1670381095/mv/m/mvi/3/pl/48/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 07 Dec 2022 02:49:18 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 564F 23 KB
9 KB 47ms
46ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 396118
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 02 Dec 2022 12:47:20 GMT
expires: Sat, 02 Dec 2023 12:47:20 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E758 13 KB
5 KB 45ms
45ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 18097
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 06 Dec 2022 21:47:41 GMT
expires: Wed, 06 Dec 2023 21:47:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7294 783 B
1 KB 151ms
54ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

543211bda69e16c5bd576df96c8dbaacbb576984945e139e3ed680ecc517233e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MSVDQsZ2UifAUXxuKfhEdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://kliker.com.ua/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MSVDQsZ2UifAUXxuKfhEdQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 07 Dec 2022 02:49:18 GMT
expires: Wed, 07 Dec 2022 02:49:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A0RlYSVNidyzuuj9s3x_gihat09geBiINDRnkKmgVjk.js Show response
pagead2.googlesyndication.com/bg/ Frame 564F 36 KB
16 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A0RlYSVNidyzuuj9s3x_gihat09geBiINDRnkKmgVjk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03446561254d89dcb3bae8fdb37c7f82285ab74f6078188834346790a9a05639

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Tue, 06 Dec 2022 14:55:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42840
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16022
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 06 Dec 2023 14:55:18 GMT

GET
H3 200 T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js Show response
pagead2.googlesyndication.com/bg/ Frame E758 36 KB
16 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/T3BTWj-SqXOOtsP36vZJ1esojObpW8ivZm_viBadolo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 13:18:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 394267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Mon, 21 Nov 2022 11:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Dec 2023 13:18:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 564F 0
20 B 81ms
81ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BW0WILv-PY_mRC4-zzAaliZhIAAAAADgB4AQC&bg=!T0ylTAjNAAa7eOFIm3g7ACkAdvg8Wq84izScaomwxVVD747X3a2fvkZRi4Ubi_vNbLQk-z2TqehJwAIAAABVUgAAAAJoAQcKABN53bIe481RgQHIXex8MYmXR4homQLisHUBCSVW0Tn1fNJ4wgNbdxWS-vyISzQgH3CLsvepq3xTatECzX1DGFNqsgNHcJhLGAzsb4PlsaLt2LBfNaXcmuDsVddSDJZ6r5JSA-dbJRSXaGzMw2y5L4b_FzbCVTbe_ptHqdUuR6i3zg7jwPBL8MV8n2VPpqV6r-N01Mm_xMPP1sje2DTn-QQ3U0vH4PA1SPtTqHZrXH8IwhhWW7ru69613Aj-7RQl41tGhtkiAaSdjcvGLwAr0_UDfVs3sbkkPTqbXXlDelOV2QE6sKRgnoYayMZS3Gn-t1EYdOUFAKONz6GCOVE5xNvktfpmAV21l4pFlVot56DGOJqJbHZAXR5awUONho_tpftSt5dWiGS5UdP2f1Q210Bjd7JEGHW7HppFdLK27Gdsu-QCYZo5K1-Eb3mdQw3lPQtogYUfwwqiPxA7vzds3x8Ze4kxmz6PkQ3mLqbHBTBR5PK761Nj_bQPkFVFTI0YZT77AE85ejyr9JPpBTj5wzhyHwmoTS26nuOToIiD2B2hujj6UfTWO_GytK5MQONl6waTC_odQdPD1sk9nMrDPEC-ekBZAzaGCWWYTLT_UG9_v_EgI0oan7sicQJnuT2EruITAkXMxMGCyjFjjLR8u3wm2YhLvMoG9aDDsOxXj04Zx_Kd-DpRV_4GxQA9m8fONDISOzqqnqnxDZ8qRojIPyrAWI9g2ACa6G7OeGbyDN8HKzPkuqu6b6dqNmRJwjENFASebFFxCGgGbgP3rnS7OA0IeEgNTjC0_YMd5HOyDWaXjf0BTex3rJjMPNqk2KEutTHYBQhvInvXWWOZKwKGspA9zvz_ftIgQaGSqgkWHQ8q7_UkYjgjtSwI3pK0w24hFwEghikBn-4qo8tvVsbwLF_jJPOtVTjiZ8fmTQ8qOF5rzTixKH1X4kQRB2U3rQ3eff85AoCpf3TWcfy0TtGe4NEvLqAfJaUX_l7Y-0PXbcqyT6ulNT1bqaCk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7294 0
0 78ms
78ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221129&jk=1595447074186882&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H3 206 file.mp4
r3---sn-aigl6nzk.c.2mdn.net/videoplayback/id/83072ff4a7e4bcd0/itag/343/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1701917358/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 84C9 132 KB
0 70ms
33ms Media
video/mp4 2a00:1450:4009:19::8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4009:19::8 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Range: bytes=0-

Response headers

expires: Wed, 07 Dec 2022 02:49:18 GMT
date: Wed, 07 Dec 2022 02:49:18 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-4022240/4022241
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 4022241
last-modified: Wed, 20 Jul 2022 09:30:26 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame E758 0
10 B 44ms
44ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?_1T9NA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 02:49:18 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DC52 42 B
64 B 84ms
84ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstf5dIN3QCseUbL4wCmmERvG3FBKOS6Wxg8gmzlpYr_ZUnrXv4OOgFHKSTQG_yyjsWWhA5VYF54VamA4P1wSBI9FnboOcEke9FvxNfD1bx2NaIMV13nYWE3vH3U0XCDR_JTAyI-XA&sai=AMfl-YTpXCJJ_HsY04VAhtGczhOncgjxkNJaWsHHlAf53RZzNraha27DISHHyHFazrznD8MivOjhAPdqGASAS1I&sig=Cg0ArKJSzOJdawe7NMKpEAE&cid=CAQSGwDq26N9QuoR--W85SYc3-Uoi0TOpABl8-e5dBgBIBM&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=82,763,1000,1029,1029&tos=82,681,237,29,0&v=20221205&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1670381357550&rpt=337&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 85ms
82ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221129&jk=1595447074186882&bg=!AwClAETNAAa7eOFIm3g7ACkAdvg8Wv0I03WQWZYjIOQ3kiq1R75Ux00tGJge6L-ageHijFT6-vmnZQIAAABQUgAAAAloAQcKAICyKmL61trQVfxBQIu75d7g_rA31oHJDejrYs1yYZN-uT-3YLeBcKtHEfjfboZavZnQ2E9a_ktfV6b9XbjChk1zPoPwLvFQfuHIqtjDe0hydoA5Zloy2AqNtLbzzkwxJ0Nr1VsJegms11Js8F03axp7F3qGd5L9tkIj7w_EPhRfOpkCoHSBlT6UX0DIE5mkhCGg8YSK0dLn9a7sur3JDF9-NrSeS0ri0zv5HztyDzMkH-JT7lqfFb2rcA1yKPAJWqWaQ97I5Zt4e7o3FDFnnoEF4PCBs5mqJs8kExVforNKe_vAmRCK4OHfTl4yuyntrrkKtCnCbt5P_m6o6y2ziFmrrZVBM3oWBmpmzm6OodNgyseM6usehXrsKXjT3zGGAfIvxxL7dwNoVRMZYoA_9-b8vA95yJQRBF6lVy0kDaOcofTZ8RibEuokf1tUxq2lLs6lv6Iua-KUUkmwZboA6pr7dPkDln4meUH3gY6nUVMp6-kgg6I9ZoZws2nBEJ1NKCeVuwCI7ApgT_im0_1SrvYFqFMqGJZgriVdwXPT4tdyHLqXl5O_ylvdHCvjJl4lYers3n24Hl5t9DWEooo_4qMBepXUi6vxXTpqSDZST_I5Tqd3H8cudX4HN67EvL-rFrjd99BaoLQkpv91u3KVQKF085Pp5-WfIA3Nijv4Jr0BCByoXk8nkjxDeXnDlh7Rd3Cs3PPeLSxPAVyZAeBOI275JvKAb71abSclIZro5oQxVwbtgHiN4IpktZalwYwx6ARm34PnR8tXBi84OFDjEMPJ_XjCtVYWoERBIIzVLD_DWPsG-YPRoVc4TUilQ0o7FCIH_JU5K3axKZUArXSGPzyghtmPpSJ4mTb_nxSCYLm92qqXWzdhfcMMhL1f9vfcncjDIyIYi5P6uAq7OZ86ZG2LsyFFUygLzuVj23xhMkxqjNFXABr3QdbMX5NpBTlNTMm5CYlwRGamPm-D8hrRqRrRN9zFHRzASvoz1YGoRwn0w0dSvsW3VzJhcOM3QbGycOHL1sHMS1UI_9UBZ1zuUUhkjkAAMD7p0chM-q-XqPN0_7SuwQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://kliker.com.ua/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 84C9 0
54 B 574ms
272ms Ping
image/gif 2800:3f0:4001:82d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lbd1xko7&c=6499565186909&slotId=3249782593454.5&qqid=CJ3_tru_5vsCFYRa4Aod850PeQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=876&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=11&vhc=0&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=343&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20221114_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2800:3f0:4001:82d::2003 São Paulo, Brazil, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 07 Dec 2022 02:49:19 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: ww1.flowpubdom.info
URL: http://ww1.flowpubdom.info/

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kliker.com.ua/	1970-01-20 08:01:07	Name: _gid Value: GA1.3.1354077192.1670381356
.kliker.com.ua/	1970-01-20 07:59:41	Name: _gat Value: 1
.kliker.com.ua/	1970-01-20 17:35:41	Name: _ga_ZB0QFYGMDT Value: GS1.1.1670381356.1.0.1670381356.0.0.0
.kliker.com.ua/	1970-01-20 17:35:41	Name: _ga Value: GA1.3.1921471452.1670381356
.kliker.com.ua/	1970-01-20 07:59:41	Name: _gat_gtag_UA_146527585_1 Value: 1
.yadro.ru/	1970-01-20 16:44:56	Name: FTID Value: 1ZZ_yi1EFP8S1ZZ_yi003DPf
.yadro.ru/	1970-01-20 16:44:56	Name: VID Value: 2pnrow1f2y8S1ZZ_yi003OWp
.kliker.com.ua/	1970-01-20 16:45:17	Name: _ym_uid Value: 1670381357651080018
.kliker.com.ua/	1970-01-20 16:45:17	Name: _ym_d Value: 1670381357
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 272345811670381356
.yandex.ru/	1970-01-20 17:35:41	Name: i Value: wQwaSO/08576fAv6/Z8JfMlUcaQJy9oPVYDL0H0MDGSaZ4MPQcQrc0Sybc0mrvXy2dBNV25kX4x8jKliumy9MDl4Gu8=
.yandex.ru/	1970-01-20 16:45:17	Name: yandexuid Value: 8811302541670381356
.yandex.ru/	1970-01-20 16:45:17	Name: yuidss Value: 8811302541670381356
.yandex.ru/	1970-01-20 16:45:17	Name: ymex Value: 1701917356.yc.1670381356#1701917356.yrts.1670381356#1701917356.yrtsi.1670381356
.kliker.com.ua/	1970-01-20 08:00:53	Name: _ym_isad Value: 2
.kliker.com.ua/	1970-01-20 17:21:17	Name: __gads Value: ID=9d5bbdb9a4864926-22e403a8dcd8002e:T=1670381357:RT=1670381357:S=ALNI_Maf14WfqCz5qobyvnXSTufnsBAPig
.kliker.com.ua/	1970-01-20 17:21:17	Name: __gpi Value: UID=00000b8eb43d394e:T=1670381357:RT=1670381357:S=ALNI_MYyzcY-kR34Nc10MRHpbLhnqh8iLg
.doubleclick.net/	1970-01-20 17:21:17	Name: IDE Value: AHWqTUmxkemN6fA7RYENktVTbffJz_P5l-uYbOhrA1Fx8kwkVlH1vZAH0XfJeKpycJY

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://kliker.com.ua/ Message: Mixed Content: The page at 'https://kliker.com.ua/' was loaded over HTTPS, but requested an insecure script 'http://ww1.flowpubdom.info/'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20221129/r20110914/zrt_lookup.html?fsb=1#RS-1-&adk=1812271801&client=ca-pub-7704862409288776&fa=1&ifi=3&uci=a!3&btvi=1&xpc=pajfvyIXRz&p=https%3A//kliker.com.ua Message: The resource https://fonts.googleapis.com/css?family=Roboto%3A400%2C700 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=300;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.co.uk
adservice.google.com
bid.g.doubleclick.net
counter.yadro.ru
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
kliker.com.ua
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
r3---sn-aigl6nzk.c.2mdn.net
region1.google-analytics.com
secure.gravatar.com
storage.googleapis.com
tpc.googlesyndication.com
ww1.flowpubdom.info
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
ww1.flowpubdom.info
2001:4860:4802:32::36
2800:3f0:4001:82d::2003
2a00:1450:4001:801::200e
2a00:1450:4001:809::2003
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2010
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::2008
2a00:1450:4001:831::200a
2a00:1450:4009:19::8
2a02:6b8::1:119
2a04:fa87:fffe::c000:4902
64.233.166.155
88.212.202.52
89.184.95.164
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03446561254d89dcb3bae8fdb37c7f82285ab74f6078188834346790a9a05639
099f342bcdd01d03cacd2d665bb82ed11b7110f74768ec40774de44140481a38
0acd59e18ef9ca4f55b04271a6121d58e6f7044ea91395054dd52d5caf2a7a55
0b5e75f6bab547a4e517bd37e44d3b7e31ec2aeb7c0182690b08931d48d048b4
0c565a9c08a35bfe5e913a1f90b2607afe6ba6aa200acadff8904829f938fea4
101b8d837f8e01156fc293db1932eead16c29f9f16da622bfa89f394fbfd1273
119bcb44daa9c25cfff1b097e51d4ed98425a2c525b934200d949900e1dc671e
150e4d03ae35f998288f482393fd255f8a698ed1a83540cb58a03cbd36ad5f44
16927bb5a2fba3a5a0060f163af30944adbb881a79a5d8ccb47b3a052937ca72
19f83db5567274922feb4a7400bfc7997264aa52dc235ffc24b786623f71911f
1cb86dfdbdb8e438de8a04cf733711fae1a7c42211e6267331e5e8eb1e0a7027
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e965485436a460b6ffc44695b148993598bd4e6cdb8447a547fb5609e3ca152
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2ddc75f3a84b109b0c5fb8d44310362dfdb088acde5765eafd0f80bc3bb372cf
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34d87f8b24baa9175ecb619a49b312f27b7a2ec9c978459013a79de282418225
3e4683676bacff5f6430f771cdd4f310a7683eec6000984194681831359009f8
45b8b06d5cd6e04024b5b4fb305a533025d68b07961da0c133b095960ea1627a
47e2723818e46066a228356fa268098f836fb17d3eec61100744564a88b87c06
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
4aae30e2ce1c63a1bbf71a6d8597e1d81a7097090ecef7e6c344cf2e01f2f43d
4d0ed9630334a711204c67723b1eb52755c8316466fa7e4e601958e0c12a5da9
4f70535a3f92a9738eb6c3f7eaf649d5eb288ce6e95bc8af666fef88169da25a
543211bda69e16c5bd576df96c8dbaacbb576984945e139e3ed680ecc517233e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
566095a1c69338676a3f53beb877e8f3f3af2d1947235247e87c4996d003d618
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
60fe48b557b6e5eb1aca620b62986e22e59dfc1db5bd7c81cce35bf46e201a1e
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6728b22a7a0d3b2b887db65f97239b33cfe6147f030c3132706a6535fc5af573
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
69dca4e90b2243ec438947640f9d8f6f08c5d99c7f5b74de8378063cf08a591b
6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7
6ad6f5c04d78b4e36a284c22ee58a3948836aec53c4c796c6c999f732d9665d0
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f18a81e2e835a5f04b0d7921134f69b767f14066dd791b6fcfeaf29b94770ee
72095a2ac4b41e27247edb0f65e195bb1cf3774b2e12b79ce663f386d9c23dac
72f6ab28270934c3d9d123416c8bf36cab7844881720bbe63fc11b7c924f3f8a
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
758924e86b39dd6198b7956899347fd8032d9a2aca56c709fa813fc44ad7dc06
77bded4f6447cc93370a65d50e1b1811e81e032aefd45d0acc952ceec49260c2
77d4e8ad1cf69b85dc88901f546ed1ad9c3052f9eccdc3d95200fe3469ff1e39
78c32311df19b4def51b5084072d10b38e4a14944f307149f7b96bba3f6758cc
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
8ab2e60becd45c5ed2486fe13f0af8e7da1d98282c51fd57160bb60ab4e4f594
93c964e1bd5719c525c73073cf64f4c2b03dd6d4fa846d5bce3142596b3f1e97
94548e017f5e503664d2c698c209abceae72079073d4f97f532ecb183f026cbc
960754b4add2aec3ca05d371cdee7db11a2b8114f6bfd3ebd281d6ee2016c033
9d43a78b5d18f8f5b3d52f262b13914ae95e8a49b71e2b876a92d574e130b933
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a35deaebcd564fb0055f1b986b5c592ece8f221a5b1a7d18ff7792d6251c3106
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aba98d0405c2aad0b6513f606b491a6f03c19811d9dfb2640d5ec9899652a970
b0e90ee02e1586f41abb6bb505cc66b0d8c69bfc51b6d87ea8d802e3856c2963
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b93d3ad05d5001b63a353f35b5a76fe1f34032b67f6a9ef426611c285fe7ffc9
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bdc6904d3681638e082d05fe84b948953200f8c480aa0c03be4f4db08c163595
bddd7c9debeee9bccc8d6a0f0990743d3db200fe23fc08dbad9e60a007e52919
bfedfa468780fef8f326272cf4b1ba8e8dcd7685347bdf2be553b37dce1525b6
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c4e26a8f1d17f04e49ef5329df4e72cc8de0fc7a0bb002837c6e667bab1e4e82
c77f26d10dae5f111bcd58bcde6ab92260a5dde0e9bf4d8b34e4bd53af00213b
ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
ce512c069192915dce2cd9b2af72ee4f71700be3a72c0ac9fdb80e725e50331d
d39e3702e708400920ed40f04d3bc33cbac5951d12a1faa45abacfdafd396d9a
d8c4e625a7d5dca069c1663ed6a83698639680102c5a0c03b70179e92f6f1008
e336907f730fcb547492ddce6aa21ad4c60c7e21ee4f9c99e4f9e581ce60b739
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ebb9fd715d4b0eaf5c43e9e7f36ae6adfd5aa2a9540a9df736d3e464d404a352
edcf8085e81a4ccbb762bfe723b38a41d30d1ea8e86c9bf5d9b10bea731d30fb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066f881ead135cd4ee88cf0c80ddb796f8841fc536a7950d4f7102e0502be2f
f08c94a636dea8c08b6a50658ba1200281007d4fba996ac05cd2eeb0b873d32d
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f894f56e01eab5955aac08b6be39128d70cd567be21c8cc02a5107b7c16c5ea1
f9c1e1da0c197ca101c6fd5ae899d10951dd43316c4ed6b3c9bd38877e79023a
fc1c46ccd9c66ec3a5050e7a5708ee85bed00c703176543eaf04e87d6c8981e0
ff3606675bfa134715b899c11cac8409df84cfbc01881b84434017e6353dd4d0

kliker.com.ua Open in urlscan Pro 89.184.95.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

109 Requests

96 %HTTPS

88 %IPv6

16 Domains

25 Subdomains

24 IPs

7 Countries

2365 kBTransfer

4589 kBSize

18 Cookies

4 Outgoing links

Page URL History

Redirected requests

109 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

kliker.com.ua Open in urlscan Pro
89.184.95.164 Public Scan

Screenshot
Live screenshot

Full Image

109
Requests

96 %
HTTPS

88 %
IPv6

16
Domains

25
Subdomains

24
IPs

7
Countries

2365 kB
Transfer

4589 kB
Size

18
Cookies

109 HTTP transactions
1 data transactions